Reputation: 100476
Say I have sensitive info, such as a corporate IP address in a Git commit, in fact perhaps 100s of commits. Is there a way to remove/replace that token from all commits using a Git command?
Upvotes: 1
Views: 932
Reputation: 9940
GitHub suggests the easiest way is using a program called BFG Repo-Cleaner.
Using the BFG
The BFG Repo-Cleaner is a faster, simpler alternative to git filter-branch for removing unwanted data. For example, to remove your file with sensitive data and leave your latest commit untouched, run:
bfg --delete-files YOUR-FILE-WITH-SENSITIVE-DATA
To replace all text listed in passwords.txt wherever it can be found in your repository's history, run:
bfg --replace-text passwords.txt
See the BFG Repo-Cleaner's documentation for full usage and download instructions.
If you're pushing this repo to a centralised location, ensure all the developers know what you are doing beforehand. Otherwise, you'll get some very upset people with very broken repositories and lost commits. You will also need to force a push to remote because you are rewriting history. This process is generally a huge hassle for everyone, which is why I asked whether an IP address is sensitive enough to warrant this response.
On the security side, if these commits have already been made public, you should immediately assume that the confidentiality of information in the commits is compromised. You should immediately take appropriate security measures to mitigate any risks at this point.
Upvotes: 3
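A Git-only version of the same cleanup, added here as an illustration and not part of the answer above or of the GitHub or BFG documentation: it rewrites history with git filter-branch (the slower alternative the quoted text names) and counts the commits that hold the token before and after. The function names, the repository contents and the token 192.0.2.10 are constructed for the example, and GNU sed is assumed.

```shell
#!/bin/sh
# Added example; repo contents are constructed (192.0.2.10 is an RFC 5737 documentation address).

# Build a 3-commit repo: HEAD is clean, the two older commits hold the token.
make_demo_repo() (
    git init -q "$1" && cd "$1" || exit 1
    git config user.name "Example"; git config user.email "dev@example.invalid"
    printf 'host = 192.0.2.10\n' > app.conf
    git add app.conf && git commit -q -m "add config"
    printf 'port = 8080\n' >> app.conf && git commit -q -a -m "add port"
    printf 'host = db.example.invalid\nport = 8080\n' > app.conf
    git commit -q -a -m "stop hard-coding the address"
)

# Count commits, reachable from any ref or reflog, whose tree contains string $2.
commits_with_token() (
    cd "$1" || exit 1
    n=0
    for c in $(git rev-list --all --reflog); do
        if git grep -q -F -e "$2" "$c"; then n=$((n + 1)); fi
    done
    echo "$n"
)

# Rewrite all refs with git filter-branch, then drop the backup refs and
# reflog entries that would otherwise keep the old commits in the repo.
scrub_token() (
    cd "$1" || exit 1
    TOKEN=$2 REPL=$3
    TOKEN_RE=$(printf '%s' "$2" | sed 's/\./\\./g')  # escaping dots is enough for an IPv4 literal
    export TOKEN TOKEN_RE REPL FILTER_BRANCH_SQUELCH_WARNING=1
    # The tree filter runs in each commit's checked-out tree (sed -i: GNU sed).
    git filter-branch -f --tree-filter '
        grep -rlF -e "$TOKEN" . | while IFS= read -r f; do
            sed -i "s/$TOKEN_RE/$REPL/g" "$f"
        done' -- --all >/dev/null 2>&1 || exit 1
    git for-each-ref --format="%(refname)" refs/original/ |
        while IFS= read -r ref; do git update-ref -d "$ref"; done
    git reflog expire --expire=now --all
    git gc --quiet --prune=now
)

repo=$(mktemp -d)/repo
make_demo_repo "$repo"
echo "commits holding the token before: $(commits_with_token "$repo" 192.0.2.10)"
scrub_token "$repo" 192.0.2.10 REDACTED-IP
echo "commits holding the token after:  $(commits_with_token "$repo" 192.0.2.10)"
```

The count is non-zero before the rewrite even though the latest commit no longer contains the address. Running the same count on a fresh clone after the forced push confirms the remote was rewritten too.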