Guides: Completely remove a file from all revisions
Don’t you hate when you can’t remove that file full of cleartext passwords from your github account? Even if you git rm it, it still is accessible in previous versions of the tree. So, you need to rewrite the entire tree. Fortunately, this is really easy with git.
How?
git filter-branch --index-filter 'git update-index --remove filename' HEAD git push --force --verbose --dry-run git push --force
filename is what you want to remove. Now, when you browse past revisions, the file will be gone!
You will need to do git push --force to push your changes, as this is no longer a fast forward push (the history and parents have been rewritten)
To retain tags you must specify --tag-name-filter "cat" but note that this will overwrite your existing tags.
When doing this I usually create a backup like this:
cd .git mkdir backup cp -r refs backup/refs cp packed-refs backup
since often I run filter-branch several times and you must delete refs/original between runs.
An Improved Method
The method given above actually rewrites the whole repository history. Usually, you’ll only want to rewrite it from the revision the sensitive data was introduced:
git filter-branch --index-filter 'git update-index --remove filename' <introduction-revision-sha1>..HEAD git push --force --verbose --dry-run git push --force
Where introduction-revision-sha1 is the SHA1 that the file was first committed to the repository.
