Tencent WeChat is now a GitHub secret scanning partner

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Github github-api Security Osint Golang

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • shhgit

    Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

  • Hello-World

    My first repository on GitHub! (by octocat)

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • pub

    The pub command line tool

    • https://docs.github.com/en/code-security/secret-scanning/sec...

    A bit sad, they don't publish the list of regexes, etc.

    --------------

    I added a similar thing to the package manager for Dart / Flutter, because we saw users accidentally publishing secrets. That code is public, it relies on regexes and entropy estimation:

    https://github.com/dart-lang/pub/blob/eb8ee21a089ebe0f2c2dd8...

    It was heavily inspired by the researchers in:

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts