Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

How to remove a commit from Atlassian Bitbucket


In this article I will show you how to delete a commit from a Bitbucket repository.

Why would we need to delete a commit?

It can happen if you accidentally pushed sensitive information into your Bitbucket repository.

For example, you forgot to exclude a file with passwords from adding to git or you provided your password in one of the source files to test how the program works and then you forgot to remove your password from this source file. You pushed commits from your local repo to your Bitbucket repo and that is it. Your sensitive information is there. Everyone with access to this repository can see your password, for example. How to remove this sensitive information?

You can delete your repository and create a new one. But it would make you apply all settings from the deleted repo back and warn your mates, that you created a new repo. It sounds too complicated.

A simpler way would be to remove the wrong commit.

In this tutorial I will show you step by step how to do it.

Create a Bitbucket repo

First I will create a Bitbucket repository:

Screenshot 2020-05-31 at 10.47.30.png

Create a local repository, make changes, push to Bitbucket

I will create a new folder for my repository:

mkdir bitbucket-tutorial
cd bitbucket-tutorial/

I will initialise the git repository and add the remote for my Bitbucket repository:

git init
git remote add origin

I will create a new file and add some contents:

touch mynewfile.txt

Here is the contents of mynewfile.txt:

this line is initial commit

I will commit the changes and push the changes into Bibucket:

git add *
git commit -m "initial"
git push origin master

I will make changes to mynewfile.txt:

this line is initial commit
I added my password info here

I will commit changes and push to Bitbucket:

git add *
git commit -m "sensitive info"
git push origin master

If we have a look at our Bitbucket now we will see two commits:

Screenshot 2020-05-31 at 11.08.11.png

And our commit with sensitive information contains our password line:

Screenshot 2020-05-31 at 11.09.25.png

Even if we remove our password from mynewfile.txt, commit changes and push to Bitbucket, we will still be able to see our commit with sensitive info and hence our password.

We need to remove this commit completely from our Bitbucket repo

Remove commit with password

Let's first find the id of our commit:

git log --oneline --graph --decorate

Here is the output:

Screenshot 2020-05-31 at 11.18.31.png

I marked the id of our commit with a red rectangle.

Now let's remove this commit. We need to reset our git repository to the commit which took place before our wrong commit. The id of the previous comment is 3e90065:

Screenshot 2020-05-31 at 11.23.08.png

Now let's reset our repository

git reset --hard 3e90065

Now mytextfile.txt looks like this:

this line is initial commit

Correct! We do not have our information about the password.

Our commit history looks like this:

Screenshot 2020-05-31 at 11.26.25.png

We do not have our comment with sensitive information. Also correct!

But if we look at our Bitbucket repository, we still have our sensitive info comment:

Screenshot 2020-05-31 at 11.28.11.png

That is because we did not push our changes form our local repository to our Bitbucket repository. Let's do it:

git push --force origin master

Screenshot 2020-05-31 at 11.31.53.png

And now if you have a look at our repository in Bitbucket we will have only our initial commit:

Screenshot 2020-05-31 at 11.33.19.png

Success! We removed the commit with our password from our Bitbucket repository.


Thank you very much for a very clear explanation!

I tried this on our Bitbucket and it did not truly work.

Although the commit disappears from the list, if you know the commit ID you can still look at it and see the password file by manually entering the URL.

Like # people like this

Simple explanation, great result !!! THX

Thanks this worked. I had to get rid of a rouge commit from a rogue dev!

Will this work if the commit in question is not the last, most recent commit?

will this work if the commit in question is not the last one?

Hi, this worked great to rewind back several commits, just add in any id in the reset command (see below) - the id does not have to be the last one (to answer previous questions above) :) 

git reset --hard <commit id here> 

What if you created the commit using the Bitbucket website? Can we delete it without having to pull it down to a local and delete it using the local CLI ?

Thank You, it worked with me

Biggest issue is that if you know the commit's URL, you will still be able to access all the information, even after removing said commit and force pushing.

Like Gabriel.Reyes likes this

This definitely doesnt work in a PR since it would show all the commit trail... which i dont think github does this at all

Thank you it is very useful for all.

git push --force origin master

why use --force ?



Log in or Sign up to comment

Atlassian Community Events