repo-supervisor
infisical-cli
| repo-supervisor | infisical-cli | |
|---|---|---|
| 2 | 4 | |
| 621 | 447 | |
| - | - | |
| 0.0 | 10.0 | |
| 11 months ago | over 1 year ago | |
| JavaScript | JavaScript | |
| MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
repo-supervisor
-
Is there any way you can be hacked if you have a secret route
Hackers might scan your app with tools that look for strings that appear to have high entropy, as hashes tend to have. repo-supervisor from auth0 does that with their so called „entropy meter“ to find secrets and passwords.
- Ask HN: What are the best automated tools for keeping credentials out of GitHub?
infisical-cli
-
Made a Node.js Tool for Dev Teams to Sync + Manage Environment Variables
We made a Node.js tool called Infisical recently to help dev teams sync their environment variables. It works by modifying your start/dev scripts with 1 line of code to automatically start pulling + injecting environment variables into your local processes as in the tutorial above; it gets rid of .env files entirely. This accomplishes 2 things:
-
Made a dev tool to help sync + manage environment variables for Node.js!
This past month, we've been working on a dev tool for Node.js to help teams sync their environment variables called Infisical. You can also check out the npm package here; we've made our CLI public btw so feel free to contribute and/or give feedback — we genuinely want to make this as useful for everyone as possible!
What are some alternatives?
trufflehog - Find and verify secrets
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.
git-secrets - Prevents you from committing secrets and credentials into git repositories
dotenv-webpack - A secure webpack plugin that supports dotenv and other environment variables and only exposes what you choose and use.
whispers - Identify hardcoded secrets in static structured text
dotenv-out - This CLI is a wrapper for dotenv and will output a resultant file with the compiled environment in a particular language format.
shhgit - Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
import-meta-env - Build once, deploy anywhere. Startup/Runtime environment variable solution for JavaScript. It helps in developing applications following the 12-factor principles.
Redeye - Redeye is a tool intended to help you manage your data during a pentest operation
envcli - Populate .env file from javascript variables
SecretScanner - :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
vanishing-keys - Vanishing Keys is the public implementation of how Authress provides One Time Secrets