如何使用git log查找包含凭证/密码的提交

时间:2019-06-19 09:51:48

标签: git diff credentials

因此,我有一个存储库,并怀疑有人不小心将凭据提交到其中

我需要找到所有包含我的凭据的提交:tiWEythzNEX8N3sktiWEythzNEX8N3sk

让我们看看一些提交。 There is small repo to reproduce

使用命令git log --oneline -n 10

963f080 (HEAD -> find-credentials-git-log) feat(3309): add middleware
b83a41f fix(3309): rm credentials
70ec8dc bug: ooops I show my credentials
895937f feat(3309): add server
534792d feat(3309): add types
9cce5c9 feat(3309): add position entity

现在让我们看看70ec8dc bug: ooops I show my credentials提交的git diff

使用命令git show 70ec8dc

commit 70ec8dc914609d50bd0ef3c0b420db0b7a4aa7f5
Author: Yegor <mail@gmail.com>
Date:   Wed Jun 19 12:21:38 2019 +0300

    bug: ooops I show my credentials

diff --git a/typeorm/3309/startServer.ts b/typeorm/3309/startServer.ts
index 0f1c9bd..b3bd09e 100644
--- a/typeorm/3309/startServer.ts
+++ b/typeorm/3309/startServer.ts
@@ -45,7 +45,7 @@ export const startServer = async () => {
         prefix: redisSessionPrefix
       }),
       name: 'offerhub',
-      secret: process.env.SESSION_SECRET,
+      secret: 'tiWEythzNEX8N3sktiWEythzNEX8N3sk', // My credentials
       resave: false,
       saveUninitialized: false,
       cookie: {

我需要找到git diff包含此文本/凭证tiWEythzNEX8N3sktiWEythzNEX8N3sk的所有提交。怎么做?

1 个答案:

答案 0 :(得分:2)

git log --oneline -S 'tiWEythzNEX8N3sktiWEythzNEX8N3sk'

请参阅文档here