envchain
dotfiles
envchain | dotfiles | |
---|---|---|
3 | 3 | |
1,139 | 153 | |
- | - | |
0.0 | 5.6 | |
almost 2 years ago | about 2 months ago | |
C | Shell | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
envchain
-
How do you protect your secret keys in your local computer?
I use https://github.com/sorah/envchain. It stores your secrets in Keychain (macOS) or gnome-keyring.
-
Secretlint 6: masking API tokens in .bash_history and .zsh_history
Credentials are often stored as raw text in .config/ or ~/.aws. These can be found in 1Password Shell Plugins, op run, zenv, envchain, etc. to avoid storing raw tokens in files.
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
dotfiles
- kaihendry/dotfiles: Home directory with an absurd amount of tweaks
-
Use Multiple WM without DM
Kai Hendry has a prompt that asks him on login to start Xorg/DWM or not, in case he wants to run Sway, it's clever. dotfiles.
-
How to Handle Secrets on the Command Line
I defer to using AWS SSM to retrieve secrets https://github.com/kaihendry/dotfiles/blob/master/bin/ssm
But yeah, reading secrets of env or ps or the clipboard is a real issue, so I focus on making sure that doesn't leak.
I've made terrible mistakes leading /proc accidentally in my Web app https://github.com/securego/gosec/issues/569
What are some alternatives?
Mosh - Mobile Shell
zsh-secrets - Storing GPG encrypted environment variables
gosec - Go security checker
platform-compat - Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.
encpass.sh - Lightweight solution for using encrypted passwords in shell scripts
secretlint - Pluggable linting tool to prevent committing credential.
dotfiles - Dotfiles are the customization files in GNU/Linux. This repository assembly together all my others github config repos to one union. You can choose this global conf for your system or check other repos.
ShellCheck - ShellCheck, a static analysis tool for shell scripts