talisman
Husky.Net
Our great sponsors
talisman | Husky.Net | |
---|---|---|
5 | 5 | |
1,836 | 590 | |
1.3% | - | |
6.8 | 7.4 | |
19 days ago | 20 days ago | |
Go | C# | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
talisman
-
Detecting Secrets in Git Repositories
It's been a while since I looked, but pre-commit hooks (like talisman) would be the only way to prevent secrets from being committed/pushed. Server-side hooks are generally not supported on hosted repos (e.g. github, azure devops) since it's basically arbitrary code execution from the host's perspective.
-
Where have you had secrets leaked?
Isn't scanning for commits that contain secrets the better way? Best on server so secrets can't be pushed. Something like https://github.com/thoughtworks/talisman
- git push
-
GitHub Access Token Exposure
https://thoughtworks.github.io/talisman/
- 关于所谓密钥泄露,是否可以使用“先审后发”的方式避免?
Husky.Net
-
What are your pre-commit hooks?
I use Husky.net to hook in dotnet format on changed files.
-
Can the command dotnet format cause runtime errors?
One suggestion that I have is to set up Husky.Net. It'll allow you to ensure that dotnet format is run on every staged file. Assuming you guys are doing appropriately sized commits and PRs, your team will be able to evaluate formatting changes better by reviewing them in chunks as they come in, and not all at once in a large codebase.
- Migrating from JS/TS ecosystem to Blazor
-
Good nuget packages or GitHub repos to check out?
https://github.com/alirezanet/Husky.Net to auto run csharpier or anything else as a pre-commit hook
-
Enforce code style guidelines only on git push
Pre-commit hooks could work for this, but you will have to ensure everyone sets up the same pre-commit hook. https://github.com/typicode/husky or https://github.com/alirezanet/Husky.Net can make that easier.
What are some alternatives?
trufflehog - Find and verify secrets
GitRead.Net - .Net Standard library for reading Git repository data
husky - git hooks made easy
Gogs - Gogs is a painless self-hosted Git service
git-secrets - Prevents you from committing secrets and credentials into git repositories
GitExtensions - Git Extensions is a standalone UI tool for managing git repositories. It also integrates with Windows Explorer and Microsoft Visual Studio (2015/2017/2019).
ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
csharpier - CSharpier is an opinionated code formatter for c#.
detect-secrets - An enterprise friendly way of detecting and preventing secrets in code.
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
simple-git-hooks - A simple git hooks manager for small projects
LibGit2Sharp - Git + .NET = ❤