git logo

How to nuke your Git(Hub) commit history?

This post was most recently updated on March 15th, 2023.

2 min read.

Ah – this was a fun one. I needed to figure out how to purge, flush and clear your commit history on GitHub. Turns out it isn’t as easy as clicking a button in the web user interface – the world is apparently not ready yet! 😁 Luckily, it wasn’t that complicated either – and the steps should work for other flavors of git as well.


Always remember to .gitignore your secrets, folks! And if you forget, pray you’re not committing to a public repository! And even if it’s a private one, purge the history afterward.

So, yeah – I messed up. After recycling the secret I ended up committing in error, I decided to cleanse the world of my mistake, and figure out how to destroy the history of my repository without actually removing the repository itself. And then I decided to publicize my mishap so that others might learn from it :)

On a side note, it’s lucky I’m using an old-fashioned version control like git, because if this was on blockchain, the process would’ve been far more complicated!


Let’s jump into it and nuke your secrets or embarrassing code comments from the commit history! 😁

Time needed: 30 minutes

How to remove your Git commit history?

  1. Remove all of your local git history

    In Windows:
    cd myrepo
    rmdir /S .git

    In whatever cool operating system the youngsters now use:
    cd myrepo
    rm -rf .git

  2. Init a new repository

    Now that the existing history has been destroyed

    git init
    git add .

  3. .gitignore your files

    At this point, your repository is empty with plenty of code to commit. This time, make sure NOT to commit anything you don’t want everyone else to see!

  4. Re-commit your data

    Okay, now you’re ready to commit your actual files.

    That can be done somewhat like this:
    git commit -m "Removed history, due to sensitive data"

  5. Push to remote

    The following will add your repo on GitHub as an origin and force push your changes there, overwriting the whole history.

    git remote add origin
    git push -u --force origin main

And there you go! Let me know how it goes for you, and which secret you ended up committing by mistake! 😁

For your information, mine was a token used in my Home Assistant configuration – I had .gitignored the secrets.yaml file, but I hadn’t properly removed some of the files Home Assistant generates – and one of them contains plenty of credentials. What fun.


0 0 votes
Article Rating
Notify of

most voted
newest oldest
Inline Feedbacks
View all comments