I usually work on pet projects using git to keep track of changes but without thinking too much about exposing credentials or sensitive information, and once it is a good idea to publish it I clean it up.

Step 1

The first thing I do is push my current version to a remote repository, because if I mess something up I can always revert my changes.

Step 2

Download and install git-filter-repo.

This is the tool used to remove files/directories or sensitive information from the repository history.

Step 3

These are the commands I usually use:

1. To remove a file or directory:

   git-filter-repo --path "my-trash-0" --path "my-trash-1/abc" --invert-paths
   

   Note: The --invert-paths flag is really important, otherwise you will remove all files but the ones specified.

2. To check if some text is present anywhere in the history:

   git rev-list --all | xargs git grep -i "text i'm looking for"
   

3. To replace/remove text:

   git filter-repo --replace-text <(echo "SECRET==>notsosecret")
   

Then rinse and repeat until there is not anything unwanted.

Step 4

Force push your changes.

As you've rewritten the repository history you will need to push your changes with the --force flag and depending on the remote repository settings you may need to allow force pushes.

Before doing this, you may need to add your remote again, because I believe git-filter-repo removes it to prevent you from pushing your changes by mistake.

You can do this with the following command:

git remote add origin https://github.com/user/repo

Thanks

Thanks for reading and I hope this can be useful to you.