I have a code base which I want to push to GitHub as open source. In this git-controlled source tree, I have certain configuration files which contain passwords. I made sure not to track this file and I also added it to the .gitignore file. However, I want to be absolutely positive that no sensitive information is going to be pushed, perhaps if something slipped in-between commits or something. I doubt I was careless enough to do this, but I want to be positive.
Is there a way to "grep" all of git? I know that sounds weird, but by "all" I mean every version of every file that ever existed. I guess if there is a command that dumps the diff file for every commit, that might work?
This question is related to
git
Git can search diffs with the -S option (it's called pickaxe in the docs)
git log -S password
This will find any commit that added or removed the string password. Here a few options:
-p: will show the diffs. If you provide a file (-p file), it will generate a patch for you.-G: looks for differences whose added or removed line matches the given regexp, as opposed to -S, which "looks for differences that introduce or remove an instance of string".--all: searches over all branches and tags; alternatively, use --branches[=<pattern>] or --tags[=<pattern>]Try the following commands to search the string inside all previous tracked files:
git log --patch | less +/searching_string
or
git rev-list --all | GIT_PAGER=cat xargs git grep 'search_string'
which needs to be run from the parent directory where you'd like to do the searching.
git rev-list --all | (
while read revision; do
git grep -F 'password' $revision
done
)
Source: Stackoverflow.com