Search a Git repository's full revision history (commit messages and diffs) for text patterns.
Poirot helps you investigate your repositories. Give him a set of clues (e.g. strings or regular expressions) and he will report back any place they appear in your repository’s revision history.
When used as a pre-commit hook, Poirot can warn you if you’re about to commit something you might not intend (think passwords, private keys, tokens, and other bits of sensitive or personally identifiable information).
Poirot began as a fork of CFPB’s fellow gumshoe, Clouseau.
Poirot uses these Python packages:
Poirot is available on PyPi and can be installed with pip as:
pip install poirot
You may want to install it in a virtual environment, unless you plan on using Poirot in a global commit hook.
In that case, you will have to ensure that you have done a global pip install for any Python versions you are using. E.g., if you want to run it on Python 2.7, 3.3, and 3.5 installed, install Poirot as follows:
pip2.7 install poirot pip3.3 install poirot pip3.5 install poirot
To invoke Poirot and see his findings, call him from the command line with
poirot and the following optional arguments:
email@example.com:DCgov/poirot.git. When included, you will be given the choice to clone or pull from the remote URL. Default value: none.
--dir, as part of a pre-commit hook.
--stagedis not included, otherwise none.
The most basic command Poirot will accept is:
That will search the current git directory’s last commit (i.e.
HEAD^!) for the patterns in the default pattern file.
To specify one or more different patterns files (each separated by a comma), do this instead:
The –patterns option also allows files accessible over HTTP, like this one here:
To search for a single term (like
Say you want to search for
password in the whole revision history of all branches. Then do:
poirot --term="password" --revlist="all"
You can further restrict the set of revisions Poirot looks through with the
author options (which correspond to the same flags in git). E.g.:
poirot --term="password" --revlist=40dc6d1...3e4c011 --before="2015-11-28" --after="2015-10-01" --author="firstname.lastname@example.org"
Perhaps you don’t have the repository available locally or you would like to update it from a remote URL. Just add the
url to your command and it will allow you to clone or pull to the current folder.
poirot --url https://github.com/foo/baz.git --term="password"
You can also specify a different directory than the current one with
dir. The following command will clone/pull to the folder
thisotherfolder, which sits inside of the current directory. If it does not yet exist, it will be created.
poirot --url https://github.com/foo/baz.git --term="password" --dir="thisotherfolder"
To search changes that have been staged for commit, but not yet committed, use the
poirot --term="password" --staged
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|File Name & Checksum SHA256 Checksum Help||Version||File Type||Upload Date|
|poirot-1.0.1-py2.py3-none-any.whl (20.9 kB) Copy SHA256 Checksum SHA256||py2.py3||Wheel||Jun 22, 2016|
|poirot-1.0.1.tar.gz (17.2 kB) Copy SHA256 Checksum SHA256||–||Source||Jun 22, 2016|