Search all of Git history for a string [duplicate]

I have a code base which I want to push to GitHub as open source. In this Git-controlled source tree, I have certain configuration files which contain passwords. I made sure not to track this file and I also added it to the .gitignore file. However, I want to be absolutely positive that no sensitive information is going to be pushed, perhaps if something slipped in-between commits or something. I doubt I was careless enough to do this, but I want to be positive.

Is there a way to "grep" all of Git? I know that sounds weird, but by "all" I mean every version of every file that ever existed. I guess if there is a command that dumps the diff file for every commit, that might work?


Git can search diffs with the -S option (it's called pickaxe in the docs)

git log -S password

This will find any commit that added or removed the string password. Here a few options:

  • -p: will show the diffs. If you provide a file (-p file), it will generate a patch for you.
  • -G: looks for differences whose added or removed line matches the given regexp, as opposed to -S, which "looks for differences that introduce or remove an instance of string".
  • --all: searches over all branches and tags; alternatively, use --branches[=<pattern>] or --tags[=<pattern>]

git rev-list --all | (
    while read revision; do
        git grep -F 'password' $revision
    done
)

Try the following commands to search the string inside all previous tracked files:

git log --patch  | less +/searching_string

or

git rev-list --all | GIT_PAGER=cat xargs git grep 'search_string'

which needs to be run from the parent directory where you'd like to do the searching.