Git Blame & Log Tricks: Investigating Project History
In this tutorial, you'll learn about Git Blame & Log Tricks: Investigating Project History. We cover key concepts, practical examples, and best practices.
Git log displays commit history while Git blame shows who last modified each line of a file, tracing code origin and understanding project evolution.
In this tutorial, you'll learn advanced Git log and blame techniques for investigating project history. Understanding who changed what, when, and why is essential for debugging, code review, and project forensics. By the end, you'll filter, format, and search commit history like a Git detective.
flowchart TD
A[Investigation question] --> B{What to find?}
B --> C[Who changed this line?]
B --> D[When was this feature added?]
B --> E[Which commits touch this file?]
C --> F[git blame file]
D --> G[git log --grep="keyword"]
E --> H[git log -- file]
F --> I[Show commit details]
H --> I
G --> I
Git Log Basics
# Standard log
git log
# One line per commit
git log --oneline
# Graph with branches
git log --graph --oneline --all --decorate
Expected output:
* a1b2c3d (HEAD -> main) Add payment feature
* b2c3d4e Fix login bug
| * c3d4e5f (feature) Add login page
|/
* d4e5f6g Initial commit
Filtering Commits
Filter by author:
git log --author="John"
git log --author="john@example.com"
Filter by date:
git log --since="2026-01-01"
git log --until="2026-06-01"
git log --after="2 weeks ago"
Filter by commit message:
git log --grep="bugfix"
git log --grep="SEC-" --all # Find security-related commits
Filter by file:
git log -- src/main.py
git log --diff-filter=M -- src/ # Only modified files
Custom Log Formatting
Control exactly what appears:
git log --pretty=format:"%h - %an, %ar : %s"
Expected output:
a1b2c3d - John Doe, 2 hours ago : Add payment feature
b2c3d4e - Jane Smith, 3 days ago : Fix login bug
Common format placeholders:
| Code | Meaning |
|---|---|
%h |
Abbreviated commit hash |
%an |
Author name |
%ae |
Author email |
%ad |
Author date |
%ar |
Author date relative |
%s |
Subject/commit message |
%d |
Ref names |
%b |
Body |
Git Blame: Finding Who Changed a Line
git blame src/app.py
Expected output:
a1b2c3d (John Doe 2026-06-20 14:30:00 +0000 1) import os
b2c3d4e (Jane Smith 2026-06-19 10:00:00 +0000 2) import sys
a1b2c3d (John Doe 2026-06-20 14:30:00 +0000 3)
c3d4e5f (John Doe 2026-06-18 09:00:00 +0000 4) def main():
Blame specific lines:
git blame -L 10,20 src/app.py
Ignore whitespace changes:
git blame -w src/app.py
Combining Blame and Log
Find the full commit details from a blame result:
git show a1b2c3d
Or see commits touching specific lines:
git log -L 10,20:src/app.py
Common Errors
| Error | Cause | Fix |
|---|---|---|
fatal: file not found |
File path wrong | Check file exists at that path |
fatal: bad revision |
Invalid commit hash | Verify hash exists with git log |
You need to specify a revision |
No arguments to blame | Add file path: git blame file |
| Blame shows "Not Committed Yet" | Uncommitted changes | Commit first or use git diff |
| Blame shows old commit despite recent change | Whitespace change | Add -w to ignore whitespace |
log --grep matches nothing |
Search terms wrong | Remove quotes, use simpler terms |
--author not matching |
Case sensitive | Try first name without last name |
| Blame slow on large files | File has many revisions | Use -L to limit line range |
Practice Questions
Challenge
Create a repository with 10 commits across 3 files by 2 authors. Use git log to find: all commits by the first author, all commits in the last week, commits touching a specific file, commits with "fix" in the message. Use git blame on one file to identify which author wrote each line. Use git show to examine a specific commit from the blame output.
Real-World Task
In a production application, a bug was introduced in a function. Use git log -L :functionName:file.py to find which commits modified the function. Use git blame on the suspect lines to see when each line was last changed. Cross-reference with issue tracker to identify the commit that introduced the defect. This forensic investigation technique is used at DodaTech when debugging critical issues in Durga Antivirus Pro's scanning engine.
Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro.
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro