When I learned Git, many tutorials were pretty clear that what goes into git stays there as they were added, which is the whole point of a vcs.
So I would dare to say that your example is not entirely a good one? In my 10 years of using Git, in both privately and professional this has happened exactly zero times. But that's just me.
To use an somewhat odd analogy, it would be akin to asking the average car driver to replace the crown wheel in the differential. I'm certain everyone can do it with enough youtube tutorials and practice, but.. I digress.
But actually it makes sense, Git is like a car, once they understand what basic problem it tries to solve and learn the commands to push, pull, commit, rebase and merge, it's enough as learning navigating traffic and use the car from point a to point b.
So I believe git is easy enough for normal, but of course when situations like your example occurs it's harder (but understandable considering what problem the tool is trying to solve).
I am not being condescending here, it's my real world experience that tells me that very few people have issues with git, and looking at how many use github/gitlab/gitea/etc everyday shows the same.
Delete the file from (past) commits? Isn't the whole point (idiomatic way) that you don't do that, and only delete it in the newest commit?
Unless you mean some intentionally weird scenario, where you want to just delete the file to prevent it from being accessible period.
But that's (afaik) against the whole concept of git, and so verry much outside the intended use.
The rule was to not use any external tools so it doesn't qualify.
But you're right. filter-repo is a great tool. You can even use pleasant Python "callbacks" instead of a hodge-podge of env variables and shell snippets.
The rule is arbitrary and unhelpful and only helps drive a rhetorical point, not actual advice: you really don’t want to do this without a tool as safe and fast as filter-repo. Even recommending filter-branch is just aligning the footgun slightly.
If a point is to be made that confirms OP: removing a file completely isn’t trivial, and thinking one did when one didn’t it is too easy.
It ships with git, so without extra tools, it is the implied solution to OP’s question, and the default choice for many.
I’m not saying they recommend it, as the question drives a rhetorical point. But it’s worth mentioning “git filter-repo” as a solution you will not stumble into as easily as the more difficult, brittle and slow “git filter-branch”.
What I said in my one-sentence-reply is that there are no non-deprecated, built-in tools that helps with this task in a streamlined manner. Which means by extension that it is not a trivial task.
Without using any external tools. You've got 5 minutes. Should be plenty of time to delete 1 file and/or figure out how to do that simple task right?
Good luck.