I agree with the post. It really comes down to resetting and revoking the validity of compromised API keys. Never mind messing up with the commit history; just leave it as is and reset those keys ASAP.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.