What to do when you commit a secret in git
It depends.
If you made a commit just now
Remove the commit using BFG or filter-branch
If you have pushed the commit to a repository
CHANGE THE SECRET!
All secrets that get pushed to a remote repository should be treated as compromised, and you cannot be 100% sure they haven't been pulled by somebody else (see the GitHub docs).
You should still clean up your commit using the methods above to prevent confusion among other devs if they stumble upon the secret in the codebase (even if it's already changed, they might not know about it).
It’s better to prevent
git-secrets prevents you from committing secrets: https://github.com/awslabs/git-secrets
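The idea behind a pre-commit secret check, as an added example (not git-secrets' own code and not from the original post): it scans only the added lines of a diff. The patterns, the function name `scan_added_lines` and the sample diff are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: a minimal pre-commit style secret check (not git-secrets itself).
# Both pattern sets are illustrative assumptions; extend them for your own formats.
KEY_PATTERNS='AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----'
ASSIGN_PATTERN='(password|passwd|secret|api_?key|token)[[:space:]]*[=:][[:space:]]*[^[:space:]]{8,}'

# Reads a unified diff on stdin. Prints suspicious added lines to stderr and
# returns 1 if any are found, 0 otherwise.
scan_added_lines() {
    # Keep only added lines ("+..."), dropping the "+++ b/file" headers.
    added=$(grep -E '^\+' | grep -Ev '^\+\+\+ ' || true)
    # Key formats are matched case-sensitively, assignments case-insensitively.
    key_hits=$(printf '%s\n' "$added" | grep -E -e "$KEY_PATTERNS" || true)
    assign_hits=$(printf '%s\n' "$added" | grep -Ei -e "$ASSIGN_PATTERN" || true)
    if [ -n "$key_hits$assign_hits" ]; then
        printf 'Possible secret in added lines:\n%s\n%s\n' "$key_hits" "$assign_hits" >&2
        return 1
    fi
    return 0
}

# Constructed sample diff; the key is the placeholder value used in AWS documentation.
SAMPLE_DIFF='diff --git a/config.env b/config.env
--- a/config.env
+++ b/config.env
@@ -1,2 +1,2 @@
-AWS_KEY=placeholder
+AWS_KEY=AKIAIOSFODNN7EXAMPLE
 REGION=eu-west-1'

# Installed as .git/hooks/pre-commit, the check would be wired up as:
#   git diff --cached -U0 | scan_added_lines || exit 1
printf '%s\n' "$SAMPLE_DIFF" | scan_added_lines || echo "commit would be blocked"
```

A check like this only stops new commits; a secret that is already in history still has to be changed and cleaned up as described above.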