made a little tool to catch these things https://github.com/zricethezav/gitleaks. working on a CI version of it right now as well. gotta protect those credentials.
edit: ci version here - https://github.com/zricethezav/gitleaks-ci. work in progress, trying to add readme and instructions tonight. Also if anyone is interested in making gitleaks-ci into a paid github app... hmu
This is very cool! I built something very similar about a year back [0] -- yours looks like it supports some things that mine doesn't but that I've been wanting to add, such as providing the commit hash of the offending commit, which isn't something mine does due to the git diff parsing package I'm using.
[0]: https://github.com/ezekg/git-hound