How to remove a file from Git history

Łukasz Holeczek Łukasz Holeczek
calendar Wednesday, December 10, 2025
#git #history #security #filter-repo

Removing sensitive files like passwords or API keys from Git history is critical for security when they’re accidentally committed. As the creator of CoreUI with over 25 years of development experience, I’ve helped teams clean repositories after accidental credential commits many times. The most effective modern solution is to use git filter-repo, which is faster and safer than the older filter-branch command. This tool completely rewrites history to remove all traces of the file.

Use git filter-repo to completely remove a file from Git history.

# Install git-filter-repo first
pip install git-filter-repo

# Remove file from entire history
git filter-repo --path secrets.env --invert-paths

# Force push to update remote
git push origin --force --all

The git filter-repo command with --path specifies which file to target, and --invert-paths removes it instead of keeping it. This rewrites every commit in your repository’s history, removing all traces of the file. After running this command, you must force push to update the remote repository. Important: this rewrites commit hashes, so all team members must re-clone the repository.

Best Practice Note

This is the same cleanup approach we use for CoreUI projects when sensitive data is accidentally committed. Before running this command, ensure all team members have pushed their work and are aware of the history rewrite. After cleaning, rotate any exposed credentials immediately, as the file may still exist in cloned repositories or CI/CD caches.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

Free Angular Admin Template
Angular
Free Bootstrap Admin Template
Bootstrap
Free React.js Admin Template
React Logo
React.js
Free Vue.js Admin Template
Vue.js

About the Author

Łukasz Holeczek

Łukasz Holeczek, Founder of CoreUI, is a seasoned Fullstack Developer and entrepreneur with over 25 years of experience. As the lead developer for all JavaScript, React.js, and Vue.js products at CoreUI, they specialize in creating open-source solutions that empower developers to build better and more accessible user interfaces.

With expertise in TypeScript, JavaScript, Node.js, and modern frameworks like React.js, Vue.js, and Next.js, Łukasz combines technical mastery with a passion for UI/UX design and accessibility. CoreUI’s mission is to provide developers with tools that enhance productivity while adhering to accessibility standards.

Łukasz shares its extensive knowledge through a blog with technical software development articles. It also advises enterprise companies on building solutions from A to Z. Through CoreUI, it offers professional services, technical support, and open-core products that help developers and businesses achieve their goals.

Learn more about CoreUI’s solutions and see how your business can benefit from working with us.
Subscribe to our newsletter
Get early information about new products, product updates and blog posts.
How to Merge Objects in JavaScript
How to Merge Objects in JavaScript
calendar Tuesday, February 27, 2024
What is globalThis in JavaScript?
What is globalThis in JavaScript?
calendar Wednesday, January 8, 2025
How to Use Bootstrap Modal in Vue 3 – Clean Integration with CoreUI
How to Use Bootstrap Modal in Vue 3 – Clean Integration with CoreUI
calendar Thursday, July 3, 2025
How to Center a Button in CSS
How to Center a Button in CSS
calendar Wednesday, May 15, 2024

Answers by CoreUI Core Team

How to use onBeforeUnmount in Vue
How to use Angular environments for production and dev
How to encode a string in base64 in JavaScript
How to use built-in validators in Angular
How to build a GraphQL API in Node.js
How to pass props in React