Software
We've compiled a list of 8 free and paid alternatives to Repo-supervisor. The primary competitors include truffleHog, Gitleaks. In addition to these, users also draw comparisons between Repo-supervisor and GitGuardian, yara4pentesters, Yelp's detect-secrets. Also you can look at other similar options here: Development Tools.
We've compiled a list of 8 free and paid alternatives to Repo-supervisor. The primary competitors include truffleHog, Gitleaks. In addition to these, users also draw comparisons between Repo-supervisor and GitGuardian, yara4pentesters, Yelp's detect-secrets. Also you can look at other similar options here: Development Tools.
Searches through git repositories for secrets, digging deep into commit history and branches.
rules to identify files containing juicy information like usernames, passwords etc.
detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code...
Prevents you from committing secrets and credentials into git repositories.
CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys.
Serverless tool that detects secrets and passwords in your pull requests - one file at a time
Serverless tool that detects secrets and passwords in your pull requests - one file at a time
Linux
Mac
Windows
It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.
This tool allows you to setup a webhook that waits for the Pull Requests and scans all interesting files to check for leaked secrets. Every time PR is updated it rescans latest changes and generates a report.
Both acknowledge and rejection actions are triggering Slack notification which allows to whether improve or fix secrets detection rules.
Acknowledge report (YES): Approve that report as valid, detected strings are actual secrets.
Reject report (NO): Reject report, detected secrets are not credentials but only object identifiers, messages or other not related strings. It will help to improve the false-positives ratio.
Share your opinion about the software, leave a review and help make it even better!
Suggest Changes
Your Feedback
Your vote has been counted.
Do you have experience using this software?
