Discover Hidden Secrets in Git Repos with Rust

This page summarizes the projects mentioned and recommended in the original post on dev.to

  1. JAZ

    Find secrets hidden in commits

    [package]
    name = "secret_catcher"
    version = "0.0.1"
    authors = ["John Naylor "]
    edition = "2021"
    description = "Find secrets hidden in commits"
    repository = "https://github.com/jonaylor89/JAZ"
    license = "MIT"
    readme = "README.md"

    [dependencies]
    git2 = "0.13"

  2. leaky-repo

    Benchmarking repo for secrets scanning

    At this point, we've succeeded at what we set out to create. I went ahead and scanned common testing repositories for this sort of thing, like Plazmaz/leaky-repo and digininja/leakyrepo. In general, the program found all or most of the secrets. In the case of digininja/leakyrepo, it found a lot of RSA private keys, which is acceptable but technically a misidentification. For Plazmaz/leaky-repo, we find the majority of the keys, although once again misidentify some. The decision to use Rust makes performance really solid, although still a little slow even for small repos. A couple of good extensions to this to help with that could be adding a thread pool in order to scan objects in parallel. In more professional code, it seems more idiomatic for the scan_objects() function to return some objects of objects including their results rather than just printing the one containing secrets. For example, it could be formatted something like this:

  3. leakyrepo

    A repo which contains lots of things which it shouldn't
