My boss keeps committing his creds into git

1. infisical

   1 115 17,529 10.0 TypeScript

   Infisical is the open-source platform for secrets management, internal PKI, and SSH access.

   

   Infisical is another option – it combines secrets management and secret scanning in one tool: https://github.com/Infisical/infisical

2. Judoscale

   judoscale.com featured

   Save 47% on cloud hosting with autoscaling that just works. Judoscale integrates with Django, FastAPI, Celery, and RQ to make autoscaling easy and reliable. Save big, and say goodbye to request timeouts and backed-up task queues.

   

3. pre-commit

   2 202 13,688 8.0 Python

   A framework for managing and maintaining multi-language pre-commit hooks.

   

   https://pre-commit.com/ + AWS credentials, private key and detect secret hooks.

4. trufflehog

   3 31 18,802 9.8 Go

   Find, verify, and analyze leaked credentials

   

   Trufflehog also offers pre-commit hooks. You can have it report on PRs too.

5. gitleaks

   4 41 19,595 9.4 Go

   Find secrets with Gitleaks 🔑

   

   To add my anecdote, testing out Trufflehog versus Gitleaks and detect-secrets the other tools seemed superior on detection rate and easier to work with.

6. detect-secrets

   5 23 4,025 6.8 Python

   An enterprise friendly way of detecting and preventing secrets in code.

   

   To add my anecdote, testing out Trufflehog versus Gitleaks and detect-secrets the other tools seemed superior on detection rate and easier to work with.

7. CodeRabbit

   coderabbit.ai featured

   CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

   

Suggest a related project