DEV Community

Ishant gupta

Git-regret 💀 — I Finally Finished the CLI That Reads Your Shame

GitHub “Finish-Up-A-Thon” Challenge Submission

This is an official submission for the GitHub Finish-Up-A-Thon Challenge.


Try It Yourself: https://ishantgupta30.github.io/git-regret/


🕒 Introduction: The Ghost in the .git Directory

Every developer has a digital graveyard.

It is a hidden directory, usually tucked away in a generic /Developer/Projects folder, filled with half-baked ideas, abandoned repositories, and code that was written at 3:00 AM under the influence of intense caffeine and false confidence.

For 18 months, my personal digital graveyard contained a repository called git-audit-tool.

If you opened that repository and ran git log, you would find a brief, tragic story told in three commits:

  1. initial commit - hackathon night
  2. wip add secret detection - crashes on big repos
  3. giving up for tonight, too tired - will finish later

That last commit sat there untouched for a year and a half.

The code inside was embarrassing.

It was a single Python file that hardcoded execution limits, contained broken placeholders, and regularly threw unhandled exceptions if you pointed it at a repository with a mature history.

But the core problem never went away:

Nobody actually checks their git history until something goes terribly wrong.

We push API keys.

We squash terrible commit messages into production branches.

We leave panic-driven fix: layout again commits scattered across our history.

When the GitHub Finish-Up-A-Thon was announced, I realized it was time to stop closing the tab.

It was time to take this broken, abandoned script and turn it into a production-ready CLI.

This is the story of how I completely rewrote that technical mess into git-regret, a tool that scans repository history for mistakes, calculates project "regret metrics," and generates GitHub Copilot remediation plans automatically.



🛑 The Before: One Function, Zero Architecture, Infinite Shame

Before discussing the rebuild, we need to look at the starting line.

The original script was a masterclass in anti-patterns.

  • One file
  • Zero tests
  • Fragile parsing
  • Hardcoded limits
  • Empty TODOs everywhere

import subprocess
import sys

# wip - trying to add secret detection
# TODO: this crashes on big repos lol

def run_audit(path="."):
    result = subprocess.run(
        ["git", "log", "--oneline", "-20"],
        cwd=path,
        capture_output=True,
        text=True
    )

    if result.returncode != 0:
        print("not a git repo")
        return

    commits = result.stdout.strip().splitlines()
    print(f"checking {len(commits)} commits...")

    for line in commits:
        sha = line.split()[0]
        msg = " ".join(line.split()[1:])

        if "wip" in msg.lower():
            print(f"bad commit: {sha} — {msg}")

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "."
    run_audit(path)

🔍 Anatomy of a Broken Script

The Magic Number Limitation

["git", "log", "--oneline", "-20"]

The tool literally refused to inspect more than 20 commits.


Fragile String Parsing

sha = line.split()[0]

The parser assumed every log line would always have the same structure.

Not exactly resilient engineering.


The Phantom Feature

The tool claimed to perform secret detection.

The implementation?

# TODO secret detection here

The README

# git-audit-tool

TODO: write this.

## Status
Gave up. Crashes on any repo > 10 commits. Will fix later.

- [ ] fix the crash
- [ ] add secret detection
- [ ] make it actually useful

Every time I looked at the repository, the technical debt felt bigger than the project itself.


💡 Designing git-regret

To build a utility people would actually use, I had to stop thinking like a script writer and start thinking like a systems engineer.

The vision centered around three pillars:

1️⃣ Multi-Dimensional Analysis

[Repository Scan Engine]
       │
       ├── HIGH SEVERITY 🚨
       │      ├── Secret Leaks
       │      └── Fix Chains
       │
       └── MEDIUM SEVERITY ⚠️
              ├── WIP Commits
              ├── Regret Keywords
              └── Giant Commits

2️⃣ Decoupled Architecture

Analysis and presentation should never depend on one another.


3️⃣ AI-Powered Remediation

Finding mistakes is useful.

Generating the exact fix plan is even better.

This became the foundation of the --copilot feature.


🤖 Pairing with GitHub Copilot

A surprising amount of CLI development is boilerplate:

  • Regex creation
  • Test fixtures
  • Argument parsing
  • State tracking

GitHub Copilot helped accelerate all of it.


🧠 Challenge #1: Secret Detection

I needed a reliable set of patterns for identifying leaked credentials.

Prompt

I am building a high-performance Python static analysis tool for git history. Generate compiled regex patterns for AWS keys, Stripe live keys, GitHub tokens, private SSH keys, database URLs, and common API secret assignments.

Result

import re

SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"AKIA[A-Z0-9]{16}", re.IGNORECASE),
    "stripe_live_key": re.compile(r"sk_live_[0-9a-zA-Z]{24}"),
    "github_pat": re.compile(r"ghp_[0-9a-zA-Z]{36}"),
    "pem_private_key": re.compile(r"-----BEGIN[A-Z ]+PRIVATE KEY-----"),
    "database_url": re.compile(
        r"(mongodb|postgresql|postgres)://[^:]+:[^@]+@[^/]+"
    ),
}

This became the foundation of the scanning engine.
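
How rules like these can be run over history, as an added example that is not git-regret's own code: it assumes the scanner is fed `git log -p` text, and `scan_patch_text`, `redact` and the sample input are hypothetical names and constructed data. Matches are masked before they reach a report, and the last sample line shows the noise the `re.IGNORECASE` flag on the AWS rule produces.

```python
import re
# Rules copied verbatim from the SECRET_PATTERNS block in the post.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"AKIA[A-Z0-9]{16}", re.IGNORECASE),
    "stripe_live_key": re.compile(r"sk_live_[0-9a-zA-Z]{24}"),
    "github_pat": re.compile(r"ghp_[0-9a-zA-Z]{36}"),
    "pem_private_key": re.compile(r"-----BEGIN[A-Z ]+PRIVATE KEY-----"),
    "database_url": re.compile(
        r"(mongodb|postgresql|postgres)://[^:]+:[^@]+@[^/]+"
    ),
}
COMMIT_RE = re.compile(r"^commit ([0-9a-f]{7,40})\b")

def redact(value, keep=8):
    """Keep a short prefix for triage; never echo the full match into a report."""
    return value[:keep] + "*" * max(len(value) - keep, 0)

def scan_patch_text(patch_text):
    """Return (sha, rule, redacted_match) for every rule hit on an added line."""
    findings, sha = [], None
    for line in patch_text.splitlines():
        header = COMMIT_RE.match(line)
        if header:
            sha = header.group(1)
            continue
        # Scan only lines a commit introduced; skip the '+++ b/<file>' header.
        # A secret deleted later was still an added line in an earlier commit.
        if not line.startswith("+") or line.startswith("+++"):
            continue
        for rule, pattern in SECRET_PATTERNS.items():
            hit = pattern.search(line)
            if hit:
                findings.append((sha, rule, redact(hit.group(0))))
    return findings

# Constructed sample in `git log -p --abbrev-commit` shape (no real credentials).
SAMPLE = "\n".join([
    "commit a3f910d",
    "    hotfix: override api connection auth",
    "+++ b/config.py",
    "+STRIPE_KEY = '" + "sk_live_" + "0a1B" * 6 + "'",
    "-DB = 'postgres://app:placeholder@db.example.invalid/prod'",
    "commit 84b2c11",
    "+++ b/notes.txt",
    # Not a credential: the IGNORECASE flag on the AWS rule still reports it.
    "+cache key " + "akia" + "x" * 16 + " expired",
])
```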


⛓️ Challenge #2: Detecting Fix Chains

One common signal of rushed development is a series of consecutive patch commits:

fix: layout bug
fix: layout bug try 2
fix: forgot import
bugfix: typo

These should usually be squashed into a single commit.

I asked Copilot to generate a state machine capable of identifying runs of three or more consecutive fix commits.

The resulting implementation correctly handled edge cases and trailing chains without introducing off-by-one errors.
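
One way to write the run detector described above, as an added example rather than the project's implementation: `find_fix_chains` is a hypothetical name, and treating only subjects that start with `fix` or `bugfix` as fix commits is an assumption taken from the four sample messages. The trailing-chain case is the flush after the loop.

```python
import re

# Assumption: a "fix commit" is one whose subject starts with fix/bugfix,
# optionally followed by a scope such as "fix(ui):".
FIX_RE = re.compile(r"^(fix|bugfix)\b", re.IGNORECASE)


def find_fix_chains(commits, min_run=3):
    """commits: [(sha, subject)] in log order. Returns one list of SHAs per chain."""
    chains, run = [], []
    for sha, subject in commits:
        if FIX_RE.match(subject.strip()):
            run.append(sha)          # state: inside a run, keep extending it
            continue
        if len(run) >= min_run:      # a non-fix commit closes the current run
            chains.append(run)
        run = []
    if len(run) >= min_run:          # history ended while still inside a run
        chains.append(run)
    return chains


# Constructed history: one 4-commit chain, a 2-commit run that is too short,
# a look-alike subject ("fixture"), and a chain that runs to the end of the log.
SAMPLE_LOG = [
    ("c01", "feat: add grid"),
    ("c02", "fix: layout bug"),
    ("c03", "fix: layout bug try 2"),
    ("c04", "fix: forgot import"),
    ("c05", "bugfix: typo"),
    ("c06", "docs: readme"),
    ("c07", "fix: padding"),
    ("c08", "Fix: padding again"),
    ("c09", "fixture: add sample data"),
    ("c10", "fix: null check"),
    ("c11", "bugfix: null check try 2"),
    ("c12", "fix(ui): null check try 3"),
]
```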


🧪 Challenge #3: Automated Testing

Testing Git tooling is difficult because you cannot safely mutate a real repository during unit tests.

I used Copilot to generate a Pytest fixture that:

  1. Creates a temporary repository.
  2. Configures dummy Git identities.
  3. Generates synthetic commit histories.
  4. Runs assertions against isolated repositories.

The result was a reproducible testing environment covering:

  • Secret detection
  • Empty histories
  • Pagination
  • Fix chains
  • WIP detection

By release day, the project had:

  • 35 assertions
  • 10 test scenarios
  • Full isolated execution
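
The four fixture steps above, sketched with only the standard library (an added example, not the project's Pytest fixture; `synthetic_repo` and `read_history` are hypothetical names, and `git` is assumed to be on `PATH`). The reader uses delimiter-separated output, so it also avoids the whitespace splitting and the 20-commit cap of the original script, and it covers the empty-history case.

```python
import os
import subprocess
import tempfile
from contextlib import contextmanager


def _git(repo, *args, check=True):
    # Ignore the developer's own git config so runs are reproducible.
    env = dict(os.environ, GIT_CONFIG_GLOBAL=os.devnull, GIT_CONFIG_NOSYSTEM="1")
    return subprocess.run(["git", *args], cwd=repo, env=env, check=check,
                          capture_output=True, text=True)


@contextmanager
def synthetic_repo(subjects):
    """Throwaway repository holding one empty commit per subject, oldest first."""
    with tempfile.TemporaryDirectory() as repo:
        _git(repo, "init", "-q")
        _git(repo, "config", "user.name", "Test Bot")          # dummy identity
        _git(repo, "config", "user.email", "bot@example.invalid")
        _git(repo, "config", "commit.gpgsign", "false")
        for subject in subjects:
            _git(repo, "commit", "-q", "--allow-empty", "-m", subject)
        yield repo


def read_history(repo):
    """Return [(sha, subject)] for the whole history, newest first."""
    if _git(repo, "rev-parse", "-q", "--verify", "HEAD", check=False).returncode:
        return []  # empty history: HEAD does not resolve yet
    # NUL between records, unit separator between fields: no whitespace
    # guessing, and no commit-count cap.
    out = _git(repo, "log", "-z", "--format=%H%x1f%s").stdout
    return [tuple(rec.split("\x1f", 1)) for rec in out.split("\0") if rec]
```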



🏗️ Architecture

The rewrite introduced strict separation between components.

┌────────────────────────────┐
│ cli.py                     │
│ Flag parsing               │
└─────────────┬──────────────┘
              │
              ▼
┌────────────────────────────┐
│ analyzer.py                │
│ Repository analysis        │
└─────────────┬──────────────┘
              │
              ▼
┌────────────────────────────┐
│ ui.py                      │
│ Rich rendering + prompts   │
└────────────────────────────┘

This architecture makes the analysis engine reusable in:

  • GitHub Actions
  • CI systems
  • Future integrations

without modification.


🚀 The Result: git-regret

Installation:

pip install git-regret

Run:

git-regret

Sample output:

╭──────────────────────────────╮
│ git-regret 💀                │
│ Unbreak your past commits.   │
╰──────────────────────────────╯

Scanned 142 commits

Found:
🚨 1 HIGH
⚠️ 2 MEDIUM

[HIGH] Secret Leak Detected

Commit: a3f910d

Message:
hotfix: override api connection auth

Detail:
Leaked Stripe key detected

Suggested Fix:
Rotate credential and purge history.

🛠️ The Killer Feature: --copilot

git-regret --copilot

The tool generates a GitHub Copilot prompt tailored to the repository findings.

Example:

You are an elite principal engineer auditing my repository.

Detected:
- secret_leak
- trailing_fix_chain

Affected commits:
- a3f910d
- 84b2c11

Please:

1. Provide an interactive rebase plan.
2. Show git filter-repo commands.
3. Draft replacement commit messages.

Instead of searching Stack Overflow for hours, developers get an immediate remediation workflow.


📊 Before vs After

| Metric         | Old Script  | git-regret      |
| -------------- | ----------- | --------------- |
| Codebase       | 87 Lines    | 520+ Lines      |
| Architecture   | Single File | Modular         |
| Testing        | None        | 35 Assertions   |
| Analysis Rules | 1           | 5               |
| UI             | print()     | Rich            |
| Error Handling | Minimal     | Robust          |
| AI Integration | None        | Copilot Prompts |

🔮 Roadmap

Planned features include:

git-regret install-hook

Automatically install pre-commit protections.

git-regret --ci

Generate GitHub Actions workflows automatically.

.gitregret.json

Custom organizational rules and policies.


🏁 Conclusion

Finishing an abandoned project taught me something important:

An old idea is not necessarily a bad idea. Sometimes it is simply waiting for a better implementation.

The original project failed because it lacked structure.

By introducing:

  • Decoupled architecture
  • Automated testing
  • GitHub Copilot assistance
  • Clear design boundaries

I transformed a forgotten hackathon script into a production-ready developer tool.

If you have an abandoned repository sitting in your projects folder, this challenge is your sign to revisit it.

You might discover that the hardest part was simply finishing.


⚡ Audit Your Repository Today

# Install
pip install git-regret

# Generate a report and Copilot remediation plan
git-regret --copilot

If git-regret helps you uncover a secret, clean up a fix chain, or finally understand what happened in your repository six months ago, consider giving the project a ⭐.
