Simon Rentzke

Removing sensitive data from GitHub wiki revision history

October 12, 2016

If you, like me, by mistake added a password to a Github Wiki, and would like to remove it from history. It’s actually quite easy.

The whole wiki, is actually a git repo, which you can checkout locally like this:

git clone<user>/<repo>.wiki.git

You can then do a rebase, to amend the the wiki changes (commits). Remove the sensitive commits, and then do a force push.

 git rebase --interactive HEAD~2
 git push -f

Please note: that even though you won’t be able to see it on the UI, the sensitive data will still exist in the git history, if you would like to be sure that nothing exists, you can destroy the whole wiki’s history, by following this gist.