Accidentally pushed sensitive data? Follow these steps to undo the damage.

If you have accidentally pushed some sensitive information to a remote repository, you don’t need to panic. Take couple of deep breaths; Wipe the sweat off your forehead; And follow the steps below.

First, control the damage:

Any sensitive information pushed to a public repository should be considered compromised. So if there are passwords and private keys in those commits, change them right now!

Scenario 1: You pushed sensitive information in your last commit.

If the sensitive information was in the last commit you just pushed to remote, you can amend it right away. Here we use the master branch as an example but you could do this on any branch.

Edit the file containing the sensitive information and stage your changes:

$ git add edited_file

If you want to remove an entire file but keep it locally, use git rm. Then add it to .gitignore to prevent this from happening again. Stage the changes.

$ git rm --cached sensitive_file.txt
$ echo sensitive_file.txt >> .gitignore
$ git add .gitignore

Amend the commit (add --no-edit if you don’t want to edit the commit message).

$ git commit --amend --no-edit

Push to remote. Use —force-with-lease to make sure you don’t overwrite the remote branch by mistake in case more people have committed to it after your last commit.

$ git push --force-with-lease origin master

Scenario 2: There is sensitive information in an old commit.

In this scenario, some sensitive information was committed and pushed to a branch. Many more commits have been made afterwards to that branch.

This is a slightly tricky situation. I will use an example to guide you through it.

In the git log shown below, some sensitive data was added to a file in commit d30716e Add api info to file. We are going to go back in history to that commit, change its content, amend it and get back.

$ git log --decorate --oneline --graph
* ecf48d1 (HEAD -> master, origin/master) Fix user interface bug
* e67f542 Add correct username to api info.
* d30716e Add api info to file.
* 56bba7b add the file.
* fdcc463 Initial commit

Everyone involved in the project should close all their open pull requests and stash all their local changes.

Now you can do a clean pull from origin master:

$ git reset --hard origin/master
$ git pull

It’s time for an interactive rebase. In this example, the offending commit is two commits behind current HEAD. So we do an interactive rebase with its parent commit:

$ git rebase -i HEAD~3

This will open the default editor and lists all the commits involved. Mark the commit you want to change by changing pick to edit . Save and close the editor. This will move HEAD to that commit so that you can edit the files.

edit d30716e Add api info to file.
pick e67f542 Add correct username to api info.
pick ecf48d1 Fix user interface bug

# Rebase 56bba7b..ecf48d1 onto 56bba7b (3 commands)
# Commands:
# p, pick <commit> = use commit
# r, reword <commit> = use commit, but edit the commit message
# e, edit <commit> = use commit, but stop for amending
# s, squash <commit> = use commit, but meld into previous commit
# f, fixup <commit> = like "squash", but discard this commit's log message
# x, exec <command> = run command (the rest of the line) using shell
# b, break = stop here (continue rebase later with 'git rebase --continue')
# d, drop <commit> = remove commit
# l, label <label> = label current HEAD with a name
# t, reset <label> = reset HEAD to a label
# m, merge [-C <commit> | -c <commit>] <label> [# <oneline>]
# .       create a merge commit using the original merge commit's
# .       message (or the oneline, if no original merge commit was
# .       specified). Use -c <commit> to reword the commit message.
# These lines can be re-ordered; they are executed from top to bottom.
# If you remove a line here THAT COMMIT WILL BE LOST.
# However, if you remove everything, the rebase will be aborted.
# Note that empty commits are commented out

Go ahead and remove the sensitive info. Stage any edited files and amend the commit:

$ git add edited_file
$ git commit --amend --no-edit

Continue the rebase process:

$ git rebase --continue

Fix any conflicts that might arise in favour of your changes.

Push your changes to the remote branch with force:

$ git push --force

Now you can ask your collaborators to do a clean pull from origin of that branch.

Great job! You just undid the damage! 👏