gitleaks
draw.io
gitleaks | draw.io | |
---|---|---|
36 | 131 | |
15,280 | 38,715 | |
1.3% | 1.2% | |
8.1 | 8.5 | |
8 days ago | 11 days ago | |
Go | JavaScript | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitleaks
-
Cloud Security and Resilience: DevSecOps Tools and Practices
1. Gitleaks: https://github.com/gitleaks/gitleaks Gitleaks provides a way for developers to find and prevent security breaches by scanning Git repositories for secrets like passwords and API keys.
-
How to use Lefthooks in your node project?
install gitleaks in your machine gitleaks
-
I Analyzed StackOverflow for Secrets
> gitleaks : fatal error: runtime: out of memory
Should be fixed now: https://github.com/gitleaks/gitleaks/pull/1292. Thanks for highlighting this simple change I've been putting off :)
-
[Help Needed] Securing Customized Gitleaks and Backend Communication?
I work in IT and we're enhancing our 'Shift Left Security' approach to prevent sensitive data leaks in our GitHub repositories. We've customized Gitleaks to send git-related information (like remote repository, author details, commit hash etc.) to our backend after each commit. This setup helps us monitor Gitleaks usage among our developers. (gitleaks)
-
Go Security Scanner
Cool. What features/capabilities are different compared to gitleaks?
-
My boss keeps committing his creds into git
To add my anecdote, testing out Trufflehog versus Gitleaks and detect-secrets the other tools seemed superior on detection rate and easier to work with.
-
Tools for very basic security audits
Some tools to consider: Gitleaks - open-source secret scanner for git repositories, files, and directories. Retire.js - dependency check tool for client JS code. Censys - Itβs a search engine that you can use, for example, to scan any IP address and check open ports, software versions, location of the servers, etc. If you want to check more tools, you can download this free ebook with a list of recommended security tools: https://brightinventions.pl/blog/app-security-free-ebook/ The listed tools are free or offer free trials.
-
About secret scanning
bonuses: - https://github.com/trufflesecurity/trufflehog - https://github.com/gitleaks/gitleaks
-
Someone has access to my private repos = I lost 140k
I GET IT I need to follow best practice and not upload any sensitive information, even if its a private repo. But through my 10 yeras of coding it happened twice. However these keys only lived in 2 areas: my laptop and GITHUB. My laptop is pretty secured, and the timing of the above events just make me really think someone internally at Github is running https://github.com/gitleaks/gitleaks on private repos he / she has access to.
-
any open source that checks security vulnerabilities in code?
Maybe https://github.com/gitleaks/gitleaks is what you are looking for
draw.io
- Open-Source Lucidchart Alternative
-
Show HN: Open source database diagram editor
At first I thought this was drawio: https://www.drawio.com/ with which you can generate a schema diagram from SQL. Is this the other way around.
-
Monodraw
For anyone who is willing to use a webapp, I like drawio[0]. You can download locally[1] and self host (I just use the python webserver).
While finding the Github, I see they now actually package an Electron application, so that is probably worth exploring[2].
[0] https://www.drawio.com/
[1] https://github.com/jgraph/drawio
[2] https://github.com/jgraph/drawio-desktop
- Diagramming software for Linux, Windows, Browser β open-source
-
Are there any good FREE flowchart makers?
draw.io works nicely for flowcharts and other types of diagrams.
-
Is a fully open-source draw.io possible?
:
The source code authored by us in this repo is
-
Mastering Diagrams: A Professional Approach to Enhancing Visuals with ChatGPT and Mermaid
Another way that you can leverage the power of ChatGPT and mermaid is when you are using a software designing tool such as Draw.io and you want to skip the tedious task of creating a diagram from scratch and want to get a push at the begging and save your time for the creative part of the diagram.
-
Ask HN: Tell us about your project that's not done yet but you want feedback on
There are also mockups with more features, so ignore weird UI at first.
[1]: https://www.drawio.com
-
Draw.io
> Additional minified JavaScript files and Java libraries are used in this project. All of the licenses are deemed compatible with the Apache 2.0, nothing is GPL or AGPL, due dilgence is performed on all third-party code.
Here's an issue that was opened:
https://github.com/jgraph/drawio/issues/3782
> The file for converting the mermaid code to mxgaph xml is available only in minified version. the unminified version "mermaid2drawio.js" is missing. Please include that.
Answer:
> We do not supply the source to that file.
With such phrasing, for now, I'll consider drawio proprietary with some parts in Apache 2 (even if it's actually the majority of the code).
It might be possible to have a fork with some optional features related to these non provided files removed, if by luck no critical feature is impacted.
-
Do you use an external game visual flow tool for planning purposes? If so, what is it and why do you like it?
Specifically I've been working on an incremental game and I've been using https://www.drawio.com/ to help me plan out what I want the progression of features/unlocks to be as the player progresses through the game, what pre-requirements/events are for each feature/unlock, etc.
What are some alternatives?
trufflehog - Find and verify secrets
excalidraw - Virtual whiteboard for sketching hand-drawn like diagrams
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
mermaid - Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
git-secrets - Prevents you from committing secrets and credentials into git repositories
GoJS, a JavaScript Library for HTML Diagrams - JavaScript diagramming library for interactive flowcharts, org charts, design tools, planning tools, visual languages.
pre-commit - A framework for managing and maintaining multi-language pre-commit hooks.
plantuml - Generate diagrams from textual description
husky - git hooks made easy
drawio-desktop - Official electron build of draw.io
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
HackMD - CodiMD - Realtime collaborative markdown notes on all platforms.