How do you fully remove leaked credentials from Git history?
This tests Git history rewriting and incident response. Rotate the secret first, then use git-filter-repo to purge the file, force-push main, and require all teammates to re-clone before resuming. A red flag is recommending git revert or skipping rotation.
This evaluates destructive Git operations and incident response. A strong answer covers: immediate secret rotation; using git-filter-repo to purge the file from all commits; force-pushing main; temporarily disabling branch protection; and coordinating a team-wide re-clone to prevent recontamination. Key risks are broken automation from changed commit hashes, lost closed PR diffs, and stale clones re-pushing the secret.
Read the original → docs.github.com
- #git
- #security
- #incident-response
- #ci/cd
- #version-control
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.