Leaked sensitive data to GitHub? See how to remove committed sensitive data
Willian Maruyama
IT Manager | Dev | 7x AWS certified | 1x Azure | Terraform certified | CKAD | CKA | CKS | JLPT N2 | Java | JavaScript
It can happen to anyone: even a senior engineer can accidentally push sensitive data to a public repo. Fixing it is fairly simple, and I see two ways to tackle the problem. The first is git filter-repo; the second, which is easier and faster in my opinion, is BFG Repo-Cleaner.
Follow these steps and draw your own conclusions:
1. Download the BFG Repo-Cleaner .jar file from its repository and place it in the same folder where you will clone the project.
2. Clone a fresh copy of your repo, using the --mirror flag:
$ git clone --mirror git://example.com/repo_with_sensitive_data.git
3. Delete the files using the following command:
$ java -jar bfg-1.14.0.jar --delete-files file_delete.json repo_with_sensitive_data.git
4. Go into the project's repo from which you removed the file with the credentials, then expire the reflog and run garbage collection to strip out the unwanted data:
$ cd repo_with_sensitive_data.git
$ git reflog expire --expire=now --all && git gc --prune=now --aggressive
5. Now that you're happy with the updated state of your repo:
$ git push
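A check worth running after step 4 and before the push in step 5, as an added example that is not part of the original article or of BFG: it lists every object still reachable from any ref whose file name matches the one given to --delete-files. The helper names `leaked_blobs` and `verify_clean` and the script name in the usage line are hypothetical.

```shell
#!/bin/sh
# Added example: confirm a file name is gone from history before pushing.
# leaked_blobs and verify_clean are hypothetical helper names.

# Print "<object-id> <path>" for every object reachable from any ref
# whose last path component equals the given file name.
#   $1 = repository (the --mirror clone or a normal clone)
#   $2 = file name that was passed to --delete-files
leaked_blobs() {
    # rev-list prints commits as "<id>" and trees/blobs as "<id> <path>".
    objs=$(git -C "$1" rev-list --all --objects) || return 2
    printf '%s\n' "$objs" | awk -v name="$2" '
        {
            sp = index($0, " ")
            if (sp == 0) next                      # commit line, no path
            n = split(substr($0, sp + 1), parts, "/")
            if (n > 0 && parts[n] == name) print   # basename match
        }'
}

# Return 0 when nothing matches, 1 when the file is still reachable,
# 2 when the repository could not be read.
verify_clean() {
    hits=$(leaked_blobs "$1" "$2") || return 2
    if [ -n "$hits" ]; then
        printf 'Still reachable in %s:\n%s\n' "$1" "$hits" >&2
        return 1
    fi
    printf 'No reachable object named %s in %s\n' "$2" "$1"
}

# Usage: sh verify_clean.sh repo_with_sensitive_data.git file_delete.json
if [ "$#" -eq 2 ]; then
    verify_clean "$1" "$2"
fi
```

By default BFG does not modify the contents of the latest commit on HEAD, so a hit reported here usually means the file has to be deleted in an ordinary commit first and the cleanup run again.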
Alright, you're all set! Time for everyone to toss out their old repo copies and grab fresh clones of the shiny, squeaky-clean version. Be sure to delete those dusty old clones—they've got messy history you don't want sneaking back into your newly polished repo!