Git Investigation
This skill should be used when the user asks to "use git blame", "check git history", "find git commits", "use git log", "use git diff", "use git bisect", "trace code changes", "find who changed this code", or mentions using git commands for investigating code history and changes during root cause analysis.
What this skill does
# Git Investigation ## Overview Git is a distributed version control system that tracks code changes over time. This skill provides guidance for using git commands to investigate code history, identify when bugs were introduced, and track down specific changes during root cause analysis. ## When to Use This Skill Apply this skill when: - Tracing when specific code was changed - Finding who authored problematic code - Identifying commits that introduced bugs - Comparing code versions before/after incidents - Searching commit messages for clues - Binary searching for breaking commits (bisect) ## Essential Git Commands for RCA ### git log - View Commit History **Basic usage**: ```bash git log ``` **Useful flags for RCA**: **Show commits with diffs**: ```bash git log -p ``` **Show commits for specific file**: ```bash git log -- path/to/file.js ``` **Show commits in time range**: ```bash git log --since="2025-12-19 00:00" --until="2025-12-19 23:59" ``` **Show one-line summaries**: ```bash git log --oneline ``` **Show commits by author**: ```bash git log --author="Developer Name" ``` **Show commit graph**: ```bash git log --graph --oneline --all ``` **Search commit messages**: ```bash git log --grep="database" --grep="pool" --all-match ``` **Format output**: ```bash git log --format="%h %an %ad %s" --date=short ``` ### git blame - Find Line Authors **Basic usage**: ```bash git blame path/to/file.js ``` **Show line ranges**: ```bash git blame -L 40,50 path/to/file.js ``` **Show email addresses**: ```bash git blame -e path/to/file.js ``` **Follow line history through renames**: ```bash git blame -C -C -C path/to/file.js ``` **Show commit details**: ```bash git blame -s path/to/file.js ``` **Blame output format**: ``` abc123de (Developer Name 2025-12-19 10:15:00 +0000 45) max: 10, ``` - `abc123de`: Commit SHA - `Developer Name`: Author - `2025-12-19 10:15:00`: Timestamp - `45`: Line number - `max: 10,`: Code content ### git diff - Compare Versions **Compare working directory with last commit**: ```bash git diff ``` **Compare specific commits**: ```bash git diff commit1 commit2 ``` **Compare file across commits**: ```bash git diff commit1 commit2 -- path/to/file.js ``` **Compare with previous commit**: ```bash git diff HEAD~1 HEAD ``` **Show diff for specific commit**: ```bash git show commit_sha ``` **Unified diff with context**: ```bash git diff -U5 # Show 5 lines of context ``` **Word-level diff**: ```bash git diff --word-diff ``` ### git show - View Commit Details **Show complete commit**: ```bash git show commit_sha ``` **Show specific file in commit**: ```bash git show commit_sha:path/to/file.js ``` **Show commit metadata only**: ```bash git show --stat commit_sha ``` ### git bisect - Binary Search for Breaking Commit **Use when**: You know code worked at one point and is broken now, but don't know which commit broke it. **Workflow**: 1. **Start bisect**: ```bash git bisect start ``` 2. **Mark current as bad**: ```bash git bisect bad ``` 3. **Mark known good commit**: ```bash git bisect good commit_sha # or tag, or HEAD~20 ``` 4. **Test current code** (git checks out midpoint) - Run tests or reproduce bug - If broken: `git bisect bad` - If working: `git bisect good` 5. **Repeat** until git identifies first bad commit 6. **End bisect**: ```bash git bisect reset ``` **Automated bisect**: ```bash git bisect start HEAD v1.0 git bisect run ./test-script.sh ``` Test script should exit 0 for good, non-zero for bad. ## Git Investigation Workflows ### Workflow 1: Find When Line Changed **Goal**: Identify when specific line was last modified **Steps**: 1. Use blame to find commit: ```bash git blame path/to/file.js | grep "suspicious code" ``` 2. Extract commit SHA from blame output 3. View commit details: ```bash git show commit_sha ``` 4. Review commit message, author, timestamp, and changes ### Workflow 2: Track File History **Goal**: See all changes to a file over time **Steps**: 1. View commit history for file: ```bash git log -p -- path/to/file.js ``` 2. Focus on time range around incident: ```bash git log --since="2025-12-18" --until="2025-12-19" -- path/to/file.js ``` 3. Review each commit's diff to identify suspicious changes ### Workflow 3: Find Recent Changes to Multiple Files **Goal**: Identify recent commits affecting several related files **Steps**: 1. List recent commits with file stats: ```bash git log --since="2025-12-19" --stat ``` 2. Filter commits touching specific directory: ```bash git log --since="2025-12-19" -- src/config/ ``` 3. Look for commits near incident time that modified relevant files ### Workflow 4: Search Commit Messages **Goal**: Find commits related to specific feature or bug **Steps**: 1. Search commit messages: ```bash git log --grep="database" --grep="connection" --all-match ``` 2. Or search for any of multiple terms: ```bash git log --grep="database\|connection\|pool" ``` 3. Review matching commits for relevance ### Workflow 5: Compare Working vs Deployed Version **Goal**: Identify differences between deployed and current code **Steps**: 1. Find deployed commit SHA (from deployment logs or tags): ```bash deployed_sha="abc123" ``` 2. Compare with current code: ```bash git diff $deployed_sha HEAD ``` 3. Or compare specific file: ```bash git diff $deployed_sha HEAD -- path/to/file.js ``` 4. Review differences for potential issues ### Workflow 6: Binary Search for Breaking Commit **Goal**: Find exact commit that introduced bug **Steps**: 1. Identify known-good commit (e.g., last working version): ```bash git log --oneline # Find commit SHA before issue appeared ``` 2. Start bisect: ```bash git bisect start git bisect bad # Current is broken git bisect good good_commit_sha ``` 3. Test each checkout: - Reproduce issue or run tests - Mark as `git bisect good` or `git bisect bad` 4. Git identifies first bad commit 5. Review that commit to find root cause ## Advanced Git Techniques ### Finding Deleted Code **Search for deleted lines**: ```bash git log -S "deleted code pattern" --all ``` **Example** - Find when "max: 100" was removed: ```bash git log -S "max: 100" -- src/config/database.js ``` ### Following Renames **Track file across renames**: ```bash git log --follow -- path/to/file.js ``` **Blame with rename detection**: ```bash git blame -C -C -C path/to/file.js ``` ### Finding Large Changes **Show commits by diff size**: ```bash git log --stat --format="%h %s" | head -20 ``` **Find commits with many changes**: ```bash git log --shortstat | grep -E "file.*change" ``` ### Checking Specific Commit **View commit details**: ```bash git show commit_sha ``` **View files changed in commit**: ```bash git show --name-only commit_sha ``` **View commit as patch**: ```bash git format-patch -1 commit_sha ``` ## Interpreting Git Output ### Git Blame Output ``` abc123de src/config/database.js (Developer Name 2025-12-19 10:15:00 +0000 45) max: 10, ``` **Extract**: - Commit: `abc123de` - File: `src/config/database.js` - Author: `Developer Name` - Date: `2025-12-19 10:15:00` - Line: `45` - Code: `max: 10,` **Action**: Check if timestamp correlates with incident start. ### Git Log Output ``` commit abc123def456789 Author: Developer Name <[email protected]> Date: Thu Dec 19 10:15:00 2025 +0000 Refactor database configuration Align pool size with staging environment ``` **Extract**: - Full SHA: `abc123def456789` - Author: `Developer Name <[email protected]>` - Date: `Thu Dec 19 10:15:00 2025` - Message: Multi-line commit message **Red flags**: - Vague messages: "fix bug", "update code" - Large refactors near incident time - Config changes without explanation ### Git Diff Output ```diff diff --git a/src/config/database.js b/src/config/database.js index abc123d..def456e 100644 --- a/src/config/database.js +++ b/src/config/database.js @@ -42,7 +42,7 @@ function createConnectionPool() { return new Pool({
Related in General
modeling-omnistudio-epc-catalog
IncludedSalesforce Industries CME EPC product-modeling skill for Product2-based catalog creation. Use when creating EPC products, configuring product attributes, building offer bundles with Product Child Items, or reviewing EPC DataPack JSON metadata for product catalog changes. TRIGGER when: user creates or updates Product2 EPC records, AttributeAssignment payloads, AttributeMetadata/AttributeDefaultValues, Offer bundles, or ProductChildItem relationships. DO NOT TRIGGER when: designing OmniScripts/FlexCards/Integration Procedures (use building-omnistudio-omniscript, building-omnistudio-flexcard, or building-omnistudio-integration-procedure), implementing Apex business logic (use generating-apex), or troubleshooting deployment pipelines (use deploying-metadata).
relationship-science-coach
IncludedUse this skill for direct, practical adult relationship coaching: couples conflict, repair, trust, marriage, dating, flirting, attachment patterns, emotional connection, sex, desire differences, eroticism, kink negotiation, affection, love languages, breakups, and long-term passion. Draw on Gottman, EFT and Hold Me Tight, attachment science, modern sex research, Perel, Nagoski, Kerner, Schnarch, Love and Stosny, and flexible love-language tools. Be concrete and low-hedge. Redirect only for imminent danger, abuse, coercive control, minors, non-consent, self-harm, stalking, or medical/legal/psychiatric decisions.
building-sf-integrations
IncludedSalesforce integration architecture and runtime plumbing with 120-point scoring. Use this skill to set up Named Credentials, External Credentials, External Services, REST/SOAP callout patterns, Platform Events, and Change Data Capture. TRIGGER when: user sets up Named Credentials, External Services, REST/SOAP callouts, Platform Events, CDC, or touches .namedCredential-meta.xml files. DO NOT TRIGGER when: Connected App/OAuth config (use configuring-connected-apps), Apex-only logic (use generating-apex), or data import/export (use handling-sf-data).
venue-templates
IncludedAccess comprehensive LaTeX templates, formatting requirements, and submission guidelines for major scientific publication venues (Nature, Science, PLOS, IEEE, ACM), academic conferences (NeurIPS, ICML, CVPR, CHI), research posters, and grant proposals (NSF, NIH, DOE, DARPA). This skill should be used when preparing manuscripts for journal submission, conference papers, research posters, or grant proposals and need venue-specific formatting requirements and templates.
let-fate-decide
IncludedDraws the 12 Houses of the Zodiac Tarot spread to inject entropy into planning when prompts are vague, ambiguous, or casually delegated. Interprets the spread to guide next steps. Use when the user says 'let fate decide', 'YOLO', 'whatever', 'idk', or other nonchalant phrases, makes Yu-Gi-Oh references, or when you are about to arbitrarily pick between multiple reasonable approaches. Prefer over ask-questions-if-underspecified when the user's tone is casual or playful rather than precision-seeking.
net-ops
IncludedCross-platform network troubleshooting (Windows, macOS, Linux) via local or remote shell. Use for: DNS broken, can't resolve hostnames, nslookup/dig works but apps fail, NRPT, WFP, scutil, /etc/resolver, systemd-resolved, /etc/resolv.conf, NetworkManager, VPN DNS leak residue (ProtonVPN/Mullvad/WireGuard/AnyConnect), AV/firewall blocking DNS or DoH, Tailscale DNS interaction, intermittent connectivity, remote diagnostics over SSH.