[git, github, versioning, remove, sensitive, password, large, project, version, control, file, directory]

Remove Sensitive or Large Files From Your Repository

1 mins


Your Git repository will eventually become the long-term memory of your project, and you may decide to make the repository public so others can learn from or use your work. Versioning is a powerful and good tool to use, unless…

  • you accidentally stored sensitive information in your source code that you do not want to be out in the public (e.g., API credentials, passwords),
  • you accidentally stored files (e.g., large data sets, images) in your repository, that you cannot upload to GitHub (and hence can’t synchronize your repository anymore)

In such situations, the good news is that solutions exist! These solutions will be discussed in this building block:

  • Undo your last commit
  • Entirely remove files

Undo your last commit

If you have just committed sensitive content, simply roll back to the last version of your repository using:

git reset --soft HEAD~1

Entirely remove files

When sensitive data has been committed, follow these steps to wipe out the file and its commits:

  1. Open Git Bash in your repository’s main directory.
  2. In Git Bash, enter the following command:
git filter-branch --index-filter 'git rm --cached --ignore-unmatch file_to_remove' --prune-empty -- --all

Replace file_to_remove with the path and file name of the file that you want to wipe out.

  1. If the command doesn’t work, verify you have used the correct file name and path. Typically, the file name and path are indicated in a Git error message when trying to push or pull. Thanks to StackOverflow for this solution!

Check out the GitHub manuals for a step-by-step guide! Alternatively, use BFG Repo Cleaner, a convenient tool to remove unwanted files from your project.


Avoid future mishaps by learning to exclude files from versioning.


This guide presents effective strategies for removing sensitive data or unwanted files:

  • Undoing your last commit
  • Entirely removing files

By applying these techniques, you can navigate the challenges of preserving the integrity of your repository while sharing your work with the wider community.