Question: Let's say I want to open source my app but a long time ago I used to have credentials hard coded. What can I do to clean this up from history?
Git does have tools that allow you to rewrite history to fix situations like this, but by far the easiest solution is to invalidate those credentials so they become worthless.
Here's a checklist [1] (again, from gitguardian) of steps to follow before open-sourcing projects and [2] a guide on how to remediate hardcoded/exposed secrets.
