git-obliterate
Permanently remove sensitive data from Git history
TLDR
Erase the existence of specific files
Erase the existence of specific files between 2 commits
SYNOPSIS
git obliterate [options]
PARAMETERS
--all
Applies obliteration to all files matching the name, regardless of path. Use with extreme caution.
--config=
Specifies the configuration file to use.
--force
Forces the obliteration, bypassing some safety checks. Use with caution.
One or more files to obliterate from the repository history.
DESCRIPTION
The `git-obliterate` command is a powerful, and potentially dangerous, tool for permanently removing sensitive or unwanted files from a Git repository's entire history. This includes all branches, tags, and commits. Unlike simply deleting the files from the current working directory and committing the change, `git-obliterate` rewrites the repository's history to effectively make it as though the files were never there in the first place.
Use with extreme caution! This command should only be employed when absolutely necessary, such as when accidentally committing sensitive data like passwords, API keys, or proprietary information. Rewriting history can cause significant problems for collaborators and any existing clones of the repository, as it requires them to rebase or completely re-clone the repository to incorporate the rewritten history. Before using, back up your repository.
CAVEATS
Rewriting history can create divergence between your local repository and remote repositories. All collaborators will need to rebase or re-clone their repositories to avoid conflicts and data loss. This process can be disruptive and time-consuming, especially for large repositories with many contributors. Always create a backup before using `git-obliterate`.
ALTERNATIVE APPROACHES
Before using `git-obliterate`, consider if less disruptive alternatives are sufficient. If the sensitive data is not critical and has not been widely distributed, removing it from future commits and adding the file to `.gitignore` may be enough. If the data leak is serious, contact security professionals for guidance.
SEE ALSO
git filter-branch(1), git rebase(1), git reset(1)