|
|
|
|
|
|
by sublimino
3406 days ago
|
|
|
Open source alternatives for Git repos (ideally run in the pipeline): https://github.com/dxa4481/truffleHog - "Searches through git repositories for high entropy strings, digging deep into commit history" https://github.com/ezekg/git-hound - "Hound is a Git plugin that helps prevent sensitive data from being committed into a repository by sniffing potential commits against PCRE regular expressions" https://github.com/michenriksen/gitrob - "The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information" https://github.com/awslabs/git-secrets - "Prevents you from committing passwords and other sensitive information to a git repository" |
|
|