Search code examples
gitgithubbfg-repo-cleaner

Remove file from github and history

I am aware this question has been asked before but I am still confused on the exact steps that I need to take.

A few months ago I committed a file which contains sensitive information in a public repository (that I own) on github. I now must remove this file along with any trace of it.

Specifically, it's a web.config file which contains some db details. I need to remove the connection string, but I am happy to delete the whole file and add it back if need be.

There have been many commits since.

I looked at BFG which sounds like the right tool for the job, but this has not worked - possibly I made a mistake.

Steps: 

git clone --mirror git://example.com/my-repo.git
bfg-1.12.15.jar --delete-files web.config  my-repo.git
cd my-repo.git
git reflog expire --expire=now --all && git gc --prune=now --aggressive

git push

Output: 

Counting objects: 1064, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (1058/1058), done.
Writing objects: 100% (1064/1064), done.
Total 1064 (delta 775), reused 289 (delta 0)

Everything up-to-date

The file still persists, what exactly do I need to do to remove this web.config file from the repository?

Update

Ok so it was suggested to remove the web.config and then re-run the command: 

rm web.config 
git commit -am "removed web config"
git push

and then I re-ran all the commands above and I am getting: 

Using repo : xxx.git

Found 246 objects to protect
Found 2 commit-pointing refs : HEAD, refs/heads/master

Protected commits
 -----------------

These are your protected commits, and so their contents will NOT be altered:

 * commit 1f4ad898 (protected by 'HEAD')

Cleaning
--------

Found 114 commits
Cleaning commits:       100% (114/114)
Cleaning commits completed in 93 ms.

BFG aborting: No refs to update - no dirty commits found??

Update 2

Turns out BFG is working fine and I was accidentally typing out web.config lowercase and not the actual Web.config. Anyway it has sorted my problem :)

Solution

  • The steps you described seem like the correct way to use the BFG tool (as based on their documentation).

    Do note that the BFG Repo Cleaner only affects the history of your repository and does not touch the latest commit in your commit history. In other words, the tip of your branch will need to be cleaned up first, and the BFG tool run after that.

    Depending on what your current status is, first clean up the current state of things with or git rm web.config, commit your changes, push everything up, and then run the BFG to clean the history.