How to prevent a public repo disaster!!

Let's say that you have finished a project you have been working for a long time and wish to make it public on GitHub.
After you make it public on GitHub then you realize you got a bunch of API keys, secret files, and a lot of files which should have been in the .gitignore file

We all have been there once or going to be

So if you are that unfortunate guy there is a way to remove all signs of your leaked info in this example we can assume that our API key is in a file called .env which is a file used to store environment variables

Step 1 : clone the repo into a temporary folder

mkdir repo_cleanup # makes a folder called repo_cleanupcd repo_cleanup # changing directory to repo_cleanupgit clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY . # clones the repo from which you want to remove the .env file

Step 2 :

git filter-branch --force --index-filter \"git rm --cached --ignore-unmatch .env" \--prune-empty --tag-name-filter cat -- --all

Introduce filter-branch magic that removes the naughty information (.env in our case)

Step 3 :

Add .env to your .gitignore file

Step 4 :

git add .gitgnoregit commit -m "Added .env to gitignore"

commit the .gitignore file

Step 4 :

Commit the changes with --force to remove the file from the history because if we don't do someone will be able to view the .env file in the repo's history

git push origin --force --allgit push origin --force --tags

Step 5 :

Success !!

Why is removing API Key from public key is important

I would recommend that you read this https://nakedsecurity.sophos.com/2019/03/25/thousands-of-coders-are-leaving-their-crown-jewels-exposed-on-github/
Basically it is for safety purposes because if hackers got your key they could spam your key and drive your costs up which you definitely don't want!

Bye and have a good day!