Secrets: A command-line tool to prevent committing secret keys into your source

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Python CLI CI security-tools Devsecops

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • ripsecrets

    A command-line tool to prevent committing secret keys into your source code

    • interesting that the author defines a list of pre-defined secrets to scan for

    https://github.com/sirwart/secrets/blob/main/src/find_secret...

    Why no check for AWS keys?

  • git-secrets

    Prevents you from committing secrets and credentials into git repositories

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • ggshield

    Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

    • you may also want to look at ggshield: https://github.com/GitGuardian/ggshield

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts