Show HN: Autonoma – Python secret fixer that refuses unsafe fixes
(github.com)
2 points
by v_CodeSentinal
109 days ago
Built this after getting frustrated with scanners that find secrets but leave fixing to you.

Autonoma fixes hardcoded secrets automatically — but only when it's confident the fix is safe. If it can't guarantee safety, it refuses and tells you why.

Before:

  SENDGRID_API_KEY = "SG.live-abc123xyz987"

After:

  SENDGRID_API_KEY = os.getenv("SENDGRID_API_KEY")

When it can't fix safely:

  API_KEY = "sk-live-abc123"
  → REFUSED — could not guarantee safe replacement

Tested on a real public repo with live exposed Azure Vision and OpenAI API keys. Fixed both. Refused one edge case. Nothing else touched.

MIT licensed. Runs locally. No telemetry.
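
The rewrite shown in the post, as an added example that is not Autonoma's code: an `ast`-based fixer that swaps a string literal for `os.getenv(...)` and refuses anything outside a narrow safe shape. The name heuristic (`SECRET_NAME`), the three refusal rules and the function names are assumptions made here; the post does not say how Autonoma decides.

```python
import ast
import re

# Assumed heuristic for "this name holds a secret"; not taken from Autonoma.
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD", re.I)

def fix_source(src):
    """Return (new_source, fixed, refusals). Refusal rules are assumptions of this example."""
    tree, lines = ast.parse(src), src.splitlines()
    fixed, refused = [], []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str)):
            continue
        names = [t.id for t in node.targets
                 if isinstance(t, ast.Name) and SECRET_NAME.search(t.id)]
        if not names:
            continue
        name, val = names[0], node.value
        if len(node.targets) != 1:
            refused.append((name, "chained assignment"))
        elif node not in tree.body:
            refused.append((name, "not a module-level assignment"))
        elif node.col_offset or node.lineno != node.end_lineno:
            refused.append((name, "statement is not alone on one line"))
        else:
            raw = lines[val.lineno - 1].encode()  # AST columns count UTF-8 bytes
            call = f'os.getenv("{name}")'.encode()
            raw = raw[:val.col_offset] + call + raw[val.end_col_offset:]
            lines[val.lineno - 1] = raw.decode()
            fixed.append(name)
    if fixed:  # a repeated "import os" is harmless, so none is searched for
        lines.insert(import_slot(tree, lines), "import os")
    return "\n".join(lines) + "\n", fixed, refused

def import_slot(tree, lines):
    """Line index just past the docstring, __future__ imports and leading comments."""
    idx = 0
    for n in tree.body:
        if not (isinstance(n, ast.Expr) and isinstance(n.value, ast.Constant)
                or isinstance(n, ast.ImportFrom) and n.module == "__future__"):
            break
        idx = n.end_lineno
    while idx < len(lines) and lines[idx].startswith("#"):
        idx += 1
    return idx

if __name__ == "__main__":  # constructed input: the post's "Before" line
    print(fix_source('SENDGRID_API_KEY = "SG.live-abc123xyz987"\n')[0], end="")
```

Only the literal's own byte span is replaced, so trailing comments and the rest of the file are left as they were; a refused assignment produces a reason and no edit.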