← back to rack
/BUILT-IN

Git Cheatsheet

The commands that earned their place. Companion reference for the Git for Network Engineers series.

v1 · 2026.05.26

The commands that earned their place. This page is the printable companion to the Git for Network Engineers series — the bit you keep open in another tab.

Hit Print / Save as PDF above to take it with you.

#

Setup

One-time global config on a new machine.

  • git config --global user.name "Your Name" Identity attached to every commit you make.
  • git config --global user.email "[email protected]" Email tied to your GitHub account.
  • git config --global init.defaultBranch main Stop the master/main warning on every new repo.
  • git config --global pull.rebase true Default every git pull to rebase. Cleaner history, no merge commits.
  • ssh-keygen -t ed25519 -C "you@host" Generate an SSH key. Paste the .pub into GitHub → SSH Keys.
  • gh auth login Authenticate the GitHub CLI. Web-browser flow is the easiest path.
  • gh auth status Verify you are logged in and which scopes the token has.
#

The daily loop

Branch, edit, commit, push, PR, merge, sync. Repeat.

  • git switch -c feature/short-description Create and switch to a new feature branch off the current one.
  • git switch - Return to the previously checked-out branch. The cd - for git.
  • git status What changed, what is staged, what is untracked. Run constantly.
  • git add <file> / git add . Stage a specific file, or everything in the current dir and below.
  • git add -p Interactive staging by hunk. Pick exactly which changes go in the commit.
  • git commit -m "what this commit does" Take what is staged, save it as a snapshot with that message.
  • git push -u origin <branch> First push of a branch. Sets it to track origin. After this, just git push.
  • gh pr create --fill Open a PR. --fill auto-uses commit messages for title/body.
  • gh pr merge --squash --delete-branch Squash-merge the PR, delete the branch locally and remotely.
  • git switch main && git pull Back to main, sync with the merged result.
#

Inspect history

Reading the past. Use these before changing anything.

  • git log --oneline -10 Last 10 commits, compact view. The default git log is too noisy.
  • git log --oneline --graph --all Visualize branches and merges across the whole repo.
  • git log --grep="ci" Filter commits by message text (basic regex by default).
  • git log --author="tonhe" Every commit by an author whose name or email matches.
  • git log --since="2 weeks ago" Time-bounded log. Also --until= for a closing bound.
  • git log -- path/to/file.yml Every commit that touched that file. Note the --.
  • git log -p -- path/to/file.yml Same as above, but with the full diff inline for each commit.
  • git log --follow path/to/file.yml Track a file through renames. Useful when a file has moved.
  • git show <sha> Full diff of a specific commit. Add --stat for just the file list.
  • git show <sha>:path/to/file Read the contents of a file as it was at that commit.
  • git blame <file> Who wrote each line and when. The “why is it like this” command.
  • git blame -L 11,12 <file> Blame only specific lines. Useful for long files.
  • git diff / git diff --staged Unstaged changes vs. staged changes. Run before every commit.
#

Power tools

History as an investigation instrument.

  • git cherry-pick <sha> Apply a single commit from another branch onto the current branch.
  • git cherry-pick --abort Bail out if a cherry-pick conflicts and you do not want to resolve.
  • git bisect start Begin a binary search for the commit that broke something.
  • git bisect bad HEAD / git bisect good <sha> Mark current state as broken and a known-good commit. Git checks out the midpoint.
  • git bisect good / git bisect bad After testing the midpoint, mark it. Git narrows the range.
  • git bisect run <script> Automated bisect. Your script exits 0 for good, non-zero for bad.
  • git bisect reset End the bisect session and return to your starting branch.
  • git rebase -i HEAD~3 Interactive rebase. Squash, reword, drop, reorder the last 3 commits.
  • git rebase main Replay the current branch on top of latest main. Clean linear history.
#

Recovery

When you mess up. `git reflog` is your time machine.

  • git reflog Every place HEAD has been. Find the SHA of the thing you “lost,” recover from there.
  • git commit --amend --no-edit Add staged changes to the previous commit. Local only, never amend pushed commits.
  • git commit --amend -m "new message" Rewrite the most recent commit message. Still local only.
  • git restore --staged <file> Unstage a file. Modern replacement for git reset HEAD <file>.
  • git restore <file> Discard unstaged edits. Destructive: gone for good.
  • git revert <sha> New commit that undoes a published commit. Safe for shared history.
  • git reset --soft HEAD~1 Undo last commit, keep changes staged. Useful for restructuring.
  • git reset --hard <sha> Move branch to that SHA, throw out everything past it. Dangerous on shared branches.
  • git stash push -u -m "wip" Save uncommitted work (incl. untracked with -u) so you can switch branches.
  • git stash list / git stash pop See the stack of stashes. Pop the most recent one off and reapply.
  • git stash apply / git stash drop apply reapplies but keeps the stash on the stack. drop discards without applying.
  • git switch -c recover-it <sha> Bring a deleted branch back. Get the SHA from git reflog.
  • git push --force-with-lease Force-push, but only if nobody else pushed since you last fetched. Never use plain –force.
  • git filter-repo --invert-paths --path <file> --force Remove a file from all history. After a credential leak. Rotate the credential first.
#

Remotes and sync

Talking to the world beyond your laptop.

  • git remote -v List configured remotes and their URLs. origin is the convention.
  • git remote add origin <url> Connect a local repo to a remote. Done once per repo.
  • git remote set-url origin <url> Change a remote URL. Use this to switch from HTTPS to SSH.
  • git fetch --prune Pull down remote refs and clean up references to branches deleted on the remote.
  • git pull --rebase Fetch + rebase your local commits on top. Cleaner than the default fetch+merge.
  • git branch -a List all branches, local and remote-tracking.
  • git branch --show-current Just the current branch name. Scriptable. Useful for shell prompts and CI.
  • git branch -d <name> / git branch -D <name> Delete a merged branch. Capital -D forces deletion of unmerged branches.
  • git branch -m old-name new-name Rename a local branch. Often git branch -m main to rename from master.
#

Releases and tags

Annotated tags are how you mark known-good points. `git push --tags` ships them.

  • git tag List all tags in the repo.
  • git tag -a v1.0 -m "release notes" Create an annotated tag at HEAD. -a makes it a real object with author and message.
  • git push --tags Push all local tags to origin. By default git push does not push tags.
  • git show v1.0 See the tag metadata and the commit it points at.
#

GitHub from the terminal

`gh` is not git. It is the GitHub API on the command line.

  • gh repo create <name> --private --source=. --remote=origin --push Create a GitHub repo from the current dir, wire up origin, push.
  • gh repo view --web Open the current repo in your browser.
  • gh pr list --state all List open, closed, and merged PRs for the current repo.
  • gh pr view <num> See a PR in the terminal. --web to open it in your browser.
  • gh pr checkout <num> Pull a teammate’s PR branch locally. Killer feature for testing changes.
  • gh pr review --approve --body "lgtm" Approve a PR from the CLI. Also --request-changes or --comment.
  • gh run list --limit 5 Recent GitHub Actions workflow runs for the current repo.
  • gh run watch <id> Block until a run completes, then print the result. Great after git push.
  • gh run rerun <id> --failed Rerun only the failed jobs of a workflow run. For flaky CI.
  • gh issue list / gh issue create Browse and create issues from the terminal. Same --web trick available.
  • gh extension list / gh extension install <repo> List installed gh extensions. Install community extensions from GitHub repos.
#

Hardening

Make GitHub catch mistakes before they land.

  • pre-commit install Wire up .pre-commit-config.yaml hooks so they run on every git commit.
  • pre-commit run --all-files Run all configured hooks against every file in the repo. Use after first install.
  • git commit --no-verify Skip pre-commit hooks for this commit. Almost always the wrong move. Fix the hook.
  • .github/CODEOWNERS File where you assign default reviewers per path glob. Pairs with branch protection.
  • gh api repos/OWNER/REPO/branches/main/protection -X PUT --input rules.json Set branch protection rules from a JSON file. Versionable, scriptable.
  • gh secret set SECRET_NAME Set a repository secret for GitHub Actions workflows. Prompts for the value.
EOF · git 2.x · gh 2.x · companion to Git for Network Engineers series rendered · routerjockey.com/tools/git-cheatsheet · 2026.05.26