lint your git diff before you push
browser-side · no signup
Paste diff
Findings
🔍 Paste a git diff and click Lint It
to scan for issues before you push.

Git diff linter — catch issues before code review

DiffLint scans your unified diff for the mistakes that slip past a visual scan: debug statements you forgot to remove, merge conflict markers that will break your build, hardcoded credentials that shouldn't leave your machine, and TODO comments that shouldn't go out in a PR. Paste the output of git diff or git diff --staged and get a categorized report in under a second. Everything runs in your browser — your code never leaves your machine.

DiffLint is especially useful as a habit before opening a pull request, pushing to a shared branch, or reviewing your own changes one last time. It complements your linter and CI pipeline by catching the human-layer mistakes those tools miss: the console.log added for a debugging session, the binding.pry that snuck into a Ruby controller, the API key that got pasted directly into a config file.

What DiffLint checks

error Merge conflict markers
<<<<<<<, =======, >>>>>>> — breaks the build
error Hardcoded secrets
Passwords, API keys, tokens assigned to literals
error AWS access keys
AKIA... pattern — rotate immediately if found
error Private key material
-----BEGIN PRIVATE KEY----- and variants
error DO NOT COMMIT marker
Explicit markers added to prevent this exact situation
warning Debug statements
console.log, debugger, binding.pry, var_dump, dd(
warning TODO / FIXME comments
TODO, FIXME, HACK, XXX, NOCOMMIT in added lines
info Focused test skips
fdescribe, fit(, xit(, xdescribe — tests focused or skipped

How to use

Run git diff (for unstaged changes), git diff --staged (for staged changes), or git show HEAD (to check your last commit) in your terminal. Copy the output and paste it into DiffLint. Click Lint It or press Ctrl+Enter.

DiffLint understands unified diff format — the standard format used by git, GitHub, GitLab, and Bitbucket. It works with output from git diff, git stash show -p, git show, and .patch files. Multi-file diffs are fully supported.

Frequently asked questions

Does my code leave my browser?

No. DiffLint runs entirely in your browser using JavaScript. Your diff is parsed and scanned locally using regular expressions — nothing is sent to any server. This makes it safe to use with proprietary code, sensitive diffs, or diffs that might contain the very secrets you're scanning for.

What diff format does DiffLint support?

DiffLint parses unified diff format — the output of git diff, git show, git diff --staged, git stash show -p, and .patch files. It correctly handles multi-file diffs and tracks which file each finding belongs to.

Why does DiffLint only scan added lines?

DiffLint focuses on lines you're adding to the codebase (lines starting with + in the diff). Checking deleted lines for issues would create noise — you want to know what's going in, not what's leaving. Lines without a + prefix are context lines from the diff and are ignored.

Can I use DiffLint in my terminal or CI pipeline?

The browser tool is free and designed for manual use. A CI integration is planned — a webhook that scans pull requests automatically and posts a comment with findings. For now, DiffLint works best as a pre-push habit alongside git diff --staged.

DiffLint flagged something that's intentional. What do I do?

Warnings and info findings are advisory — you're the one who decides what belongs in the commit. If you're intentionally leaving a TODO comment or a test-skip marker, that's your call. DiffLint just surfaces it so the decision is conscious, not accidental.

More free developer tools

From the same linting cluster:

EnvLint — validate .env files FeedLint — validate RSS/Atom feeds Cronfig — test cron expressions LinkScrub — strip tracking params from URLs qrnch — QR code generator hashchop — SHA-256/SHA-512 hash generator jwtchop — JWT decoder epochop — Unix timestamp b64chop — Base64 encoder csvchop — CSV to JSON uuidchop — UUID generator radish — stack trace analyzer pxicons — pixel favicon editor yamlchop — YAML validator sqlchop — SQL formatter