Removing a commit which contains sensitive information from history


I recently noticed that I had accidentally committed a .env file which contained sensitive information. My best guess is that I accidentally clicked OK when WebStorm asked me if I wanted to add the file to git because it was added to the .gitignore file immediately after creation. I did not notice that this file was being continually pushed to VCS for several weeks. I immediately ran git rm --cached .env and used BFG-Repo Cleaner to purge the file from my version history. The problem is that while BFG-Repo Cleaner did its job (albeit oddly, every commit is now duplicated), and the file no longer exists anywhere in my commit history, the commit where I actually removed the file shows exactly what was removed, i.e. the passwords and keys. Is this the usual result of running BFG-Repo Cleaner? If so, how can I remove that commit from the history without losing any commits that have been made since then? Most of the answers that I can find refer to using git reset --hard to revert to the commit before the one that I want to get rid of, but I don't wish to lose my work after that point.

I just find it odd that a tool that is designed for removing sensitive data from version history would still show the diff of the commit where the sensitive data was removed.

I used BFG-Repo-Cleaner as it seemed like an easier alternative to git-filter-branch, but is there a use case for using git-filter-branch here now, not to remove a file, but to remove the commit which shows the contents of the file that I removed?

Best answer

Option 1: If you commit your file as a separate commit.

Run git rebase -i with the commit_hash of the commit one before the one you need to remove, and remove that commit.

Let's say this is your commit history:

commit 5347819473b66359e8324004470040bee0892447 (HEAD -> master)
Author: XXXX
Date:   Wed Dec 13 21:43:29 2017 +0530

    third commit

 blah2.h | 1 +
 1 file changed, 1 insertion(+)

commit d88e9dc5aadfad5872a2cc8214ba5295e2668526
Author: XXXX
Date:   Wed Dec 13 21:42:56 2017 +0530

    second commit

 blah1.h | 1 +
 1 file changed, 1 insertion(+)

commit 2419b28fee57a6923ce37e2e144c12d88fb75183
Author: XXXX
Date:   Wed Dec 13 21:42:33 2017 +0530

    first commit

 blah.h | 1 +
 1 file changed, 1 insertion(+)

And you want to remove the second commit.

Run git rebase -i 2419b28fee57a6923ce37e2e144c12d88fb75183 (the commit hash of the first commit), and then interactively remove the line containing the second commit and save.

Option 2: If you commit your file with other changes as well, then

run git reset with the commit_hash of the commit one before the one you need to remove.

Add that file to .gitignore and commit all the changes since then as a new commit. With this, you will lose the history of the project from the point where you committed that file until now.
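
An added example, not part of the answer above: Option 1 carried out non-interactively on a throwaway repository, followed by a check that the secret is no longer reachable and that the dropped commit object is actually pruned. The repository layout, the helper names and the secret value are constructed for the illustration.

```shell
#!/bin/sh
# Constructed demo: build a throwaway repo, drop one commit, verify the result.
SECRET='DB_PASSWORD=constructed-example-value'   # constructed sample, not a real credential

g() { git -c user.name=demo -c user.email=demo@example.invalid "$@"; }

make_repo() {   # three commits like the answer's history; the second one adds .env
  repo=$(mktemp -d) && cd "$repo" && git init -q . || return 1
  echo a > blah.h       && g add blah.h  && g commit -qm 'first commit'
  echo "$SECRET" > .env && g add .env    && g commit -qm 'second commit'
  echo c > blah2.h      && g add blah2.h && g commit -qm 'third commit'
}

# Number of commits reachable from any ref whose diff adds or removes the secret.
reachable_hits() { git log --all --oneline -S"$SECRET" | wc -l | tr -d ' '; }

# Non-interactive form of "rebase -i <parent>, delete the line":
# replay everything after commit $1 onto the parent of $1.
drop_commit() { g rebase -q --onto "$1^" "$1"; }

object_exists() { git cat-file -e "$1" 2>/dev/null; }

# The dropped commit stays in the object store while the reflog references it.
# ORIG_HEAD, left behind by rebase, also still names the old tip, so clear it too.
purge_unreachable() {
  git update-ref -d ORIG_HEAD 2>/dev/null || true
  git reflog expire --expire=now --all && git gc -q --prune=now
}

run_demo() {
  make_repo || return 1
  bad=$(git log --format=%H -S"$SECRET" -- .env)   # the commit that added the secret
  before=$(reachable_hits)
  drop_commit "$bad" || return 1
  after=$(reachable_hits)
  object_exists "$bad" && lingering=yes || lingering=no
  purge_unreachable
  object_exists "$bad" && purged=no || purged=yes
  # fields: hits before, hits after, object lingering after rebase,
  #         object gone after purge, commits left on the branch
  echo "$before $after $lingering $purged $(git rev-list --count HEAD)"
}

run_demo   # prints: 1 0 yes yes 2
```

This only cleans the local repository: a remote that already received the commit, and every clone of it, still holds the object. A credential that was pushed should be treated as exposed and rotated.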