detect-secrets
infisical
detect-secrets | infisical | |
---|---|---|
20 | 104 | |
3,493 | 12,446 | |
2.0% | 6.7% | |
8.1 | 10.0 | |
3 days ago | 7 days ago | |
Python | TypeScript | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
detect-secrets
- Rotz: Cross platform dotfile manager written in Rust
-
Detecting Secrets in Git Repositories
I searched a bit and found: https://github.com/Yelp/detect-secrets
-
My boss keeps committing his creds into git
To add my anecdote, testing out Trufflehog versus Gitleaks and detect-secrets the other tools seemed superior on detection rate and easier to work with.
-
"um": GPT-powered CLI Assistant
Respecting your privacy: To protect your sensitive data, um uses the excellent detect-secrets python library to remove passwords and tokens before indexing commands. Also our OpenAI account is opted out of collecting and using data for training the next versions of GPT.
- DataSurgeon: Quickly Extracts IP's, Email Addresses, Hashes, Files, URLs, Phone numbers and more from text
-
Protect yourself from accidentally leaking sensitive information
exclude: "^/migrations/" default_stages: [ commit, push ] default_language_version: python: python3 repos: - repo: https://github.com/Yelp/detect-secrets rev: v1.4.0 hooks: - id: detect-secrets name: Detect secrets language: python entry: detect-secrets-hook args: ['--baseline', '.secrets.baseline']
-
My setup for publishing to Dev.to using github
repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v2.3.0 hooks: - id: check-yaml - id: end-of-file-fixer - id: trailing-whitespace - repo: https://github.com/Yelp/detect-secrets rev: v1.4.0 hooks: - id: detect-secrets - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.33.0 hooks: - id: markdownlint args: ["--disable=MD013"] # this removes line length warnings
-
Toyota Accidently Exposed a Secret Key Publicly on GitHub for Five Years
Yelp has a "detect-secrets" project that can detect potential secrets and can be used as a pre-commit hook: https://github.com/Yelp/detect-secrets
-
Implement DevSecOps to Secure your CI/CD pipeline
detect-secret is an enterprise-friendly tool for detecting and preventing secrets in the code base. We can also scan the non-git tracked files. There are other tools as well like Gitleaks which also provide similar functionality.
-
Enable secure access to secrets for AWS ECS containers using Terraform - ecs-secrets-manager module
As presented in the report, a lot of secrets are hardcoded in the Git repository. This can be detected by secret detection tools. There are OSS like https://github.com/Yelp/detect-secrets or SaaS alternatives. The detection process can be executed by every team member locally using Git Hooks and on Github using Github Checks on the Pull Request level.
infisical
- Show HN: Open-source alternative to HashiCorp/IBM Vault
-
IBM to Acquire HashiCorp, Inc
You should look into Infisical: https://github.com/Infisical/infisical
Disclaimer: Iβm one of the founders.
-
IBM Planning to Acquire HashiCorp
Do you know that OpenBao is actually funded by IBM?
I'm biased (co-founder) but you should take a look at Infisical for secret management: https://infisical.com
-
Top Secrets Management Tools for 2024
Infisical
-
Ask HN: Where do you save your API keys?
Check out Infisical: https://infisical.com
We help developers manage API keys, DB access tokens, certificates, and other types of secrets across all of their infrastructure β providing smooth native integrations with k8s, terraform, github actions, any local development setup, and much more.
Disclaimer: I'm one of the founders.
-
π‘οΈ4 Top Database Security Tools in 2024 ππ₯
Infisical is an open-source, end-to-end encrypted secret management platform for storing, managing, and syncing application configuration and secrets like API keys, database credentials, and environment variables across applications and infrastructure. It is an alternative to HashiCorp Vault and AWS Secrets Manager.
-
OpenBao β FOSS Fork of HashiCorp Vault
Check out Infisical: https://github.com/Infisical/infisical
Disclaimer: I'm one of the founders
-
π₯π₯ Our awesome OSS friends π
Infisical- Open source, end-to-end encrypted platform that lets you securely manage secrets and configs across your team, devices, and infrastructure.
-
Secure Credential Management in Ansible on a Shared Server?
Check out Infisical: https://infisical.com
-
π₯π Top 10 Open-Source Must-Have Tools for Crafting Your Own Chatbot π€π¬
Start building with Infisical. Support Infisical on GitHub β
What are some alternatives?
trufflehog - Find and verify secrets
dotenv-vault - sync .env filesβfrom the creator of `dotenv`.
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
sso-wall-of-shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.
snyk - Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
infisical-cli - βΎ Infisical is an open-source, E2EE tool to sync environment variables across your team and infrastructure. [Moved to: https://github.com/Infisical/infisical]
gitleaks - Protect and discover secrets using Gitleaks π
Vault - A tool for secrets management, encryption as a service, and privileged access management
truffleHogRegexes - These are the regexes that power truffleHog
teller - Cloud native secrets management for developers - never leave your command line for secrets.
ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
envless - OpenSource, frictionless and secure way to share and manage app secrets across teams.