In this article I will show you how to delete commits from a Bitbucket repository.
Why would we need to delete a commit?
It can happen if you accidentally pushed sensitive information into your Bitbucket repository.
For example, you forgot to exclude a file with passwords from adding to git or you provided your password in one of the source files to test how the program works and then you forgot to remove your password from this source file. You pushed commits from your local repo to your Bitbucket repo and that is it. Your sensitive information is there. Everyone with access to this repository can see your password, for example. How to remove this sensitive information?
You can delete your repository and create a new one. But it would make you apply all settings from the deleted repo back and warn your mates, that you created a new repo. It sounds too complicated.
A simpler way would be to remove the wrong commit.
In this tutorial I will show you step by step how to do it.
Create a Bitbucket repo
First I will create a Bitbucket repository:
Create a local repository, make changes, push to Bitbucket
I will create a new folder for my repository:
mkdir bitbucket-tutorial cd bitbucket-tutorial/
I will initialise the git repository and add the remote for my Bitbucket repository:
git init git remote add origin https://email@example.com/alex1mmm/bitbucket-repo-article.git
I will create a new file and add some contents:
Here is the contents of mynewfile.txt:
this line is initial commit
I will commit the changes and push the changes into Bibucket:
git add * git commit -m "initial" git push origin master
I will make changes to mynewfile.txt:
this line is initial commit I added my password info here
I will commit changes and push to Bitbucket:
git add * git commit -m "sensitive info" git push origin master
If we have a look at our Bitbucket now we will see two commits:
And our commit with sensitive information contains our password line:
Even if we remove our password from mynewfile.txt, commit changes and push to Bitbucket, we will still be able to see our commit with sensitive info and hence our password.
We need to remove this commit completely from our Bitbucket repo
Remove commit with password
Let’s first find the id of our commit:
git log --oneline --graph --decorate
Here is the output:
I marked the id of our commit with a red rectangle.
Now let’s remove this commit. We need to reset our git repository to the commit which took place before our wrong commit. The id of the previous comment is 3e90065:
Now let’s reset our repository
git reset --hard 3e90065
Now mytextfile.txt looks like this:
this line is initial commit
Correct! We do not have our information about the password.
Our commit history looks like this:
We do not have our comment with sensitive information. Also correct!
But if we look at our Bitbucket repository, we still have our sensitive info comment:
That is because we did not push our changes form our local repository to our Bitbucket repository. Let’s do it:
git push --force origin master
And now if you have a look at our repository in Bitbucket we will have only our initial commit:
Success! We removed the commit with our password from our Bitbucket repository.