DEV Community 👩‍💻👨‍💻

Levi Velázquez
Levi Velázquez

Posted on • Updated on

Git blame for finding who introduced an error and how to fix it.

As we know sometimes, someone can add/delete something, after that the project starts popping up errors everywhere.

The first action is finding the error, then if your team are more than three developers, spotting who introduced(by checking commits) the error could be painful and this is the second action. Knowing who did it. Luckily, we can use a not know(for beginners) command git blame.

Basically, we execute git blame path_of_the_file_where_the_error_is and an interactive prompt will appear showing our file line by line, along with the commit and the person who wrote/edited that line of code.

Example:

We spotted that someone accidentally changed settings production file to allow CORS requests from any host. Introducing a huge security hole in our platform.

We know the change was made on our production settings file, so, we run git blame

git blame settings/production.py
>>
......
72a82b25 (Juan Manuel 2018-03-27 08:46:42 -0500 30) DEBUG = False
72a82b25 (Juan Manuel 2018-03-27 08:46:42 -0500 31)
c54eabe6 (Levi Velazquez 2018-04-12 19:58:38 -0500 32) CORS_ORIGIN_ALLOW_ALL = True
......
Enter fullscreen mode Exit fullscreen mode

It says, in the commit c54eabe6 Levi Velázquez (That's me)- date: 2018-04-12 19:58:38, he edited/added this line CORS_ORIGIN_ALLOW_ALL = True

So, if we want to know what it was before the change, in order to fix it. We use git show using our commit name

git show c54eabe6
>>
commit c54eabe67350229f3977d9f268eb638f954cf5ea
Author: Levi Velazquez <levinoelvm@gmail.com>
Date:   Thu Apr 12 19:58:38 2018 -0500

    allowed CORS to all host


- CORS_ORIGIN_WHITELIST = [
-    'host1.com',
-    '.companydomain.com',
- ]
+ CORS_ORIGIN_ALLOW_ALL = True

Enter fullscreen mode Exit fullscreen mode

And voilà, we can see the commit date, author, message, as well, lines added and deleted. According to this, Levi(me) deleted CORS_ORIGIN_WHITELIST variable and set CORS_ORIGIN_ALLOW_ALL to True allowing all CORS request from any host.

Then, we can just revert our changes and fix the error.

In conclusion, blame on me or like GOT style: SHAME*SHAME*SHAME.
shame

Disclaimer: non-production environment was hurt during the creation of this post.

Top comments (0)

DEV

Thank you.

 
Thanks for visiting DEV, we’ve worked really hard to cultivate this great community and would love to have you join us. If you’d like to create an account, you can sign up here.