How to remove sensitive files from your git history

If you've committed passwords, API keys or accidentally committed a large file you may need to remove it from your git history.

This can be done using the following simple filter-branch command.

git filter-branch --tree-filter 'rm -f ./path/to/example' HEAD

Replace the path with the file you wish to remove.

Some instances where you should remove files from your git repository:

  • Database dumps
  • Log files
  • Large binaries
  • Configuration files with sensitive info (passwords, API keys)
  • Github will block you when you try to upload a file over 100MB. The above command will solve this.

This command could be added to your .bashrc file, in order to create a custom shortcut. For example:

Edit ~/.bashrc, and add the following:

alias "git-rm-all-history"=git filter-branch --tree-filter 'rm -f $1' HEAD

Now, you can remove sensitive files by simply running git-rm-all-history path/to/file.