Download
git-secrets is a tool by AWS Labs designed to prevent sensitive information (passwords, credentials, secret keys, AWS credentials etc.) from being committed into Git repositories. It works by installing Git hooks that scan commit messages, staged changes, and merging operations (especially non-fast-forward merges) for disallowed patterns. It is configurable: you can define your own prohibited patterns, allow certain false positives, and even register secret providers, like scanning ~/.aws/credentials. It supports installation across *nix systems and Windows to enforce security best practices in source control.
Features
- Installs Git hooks (pre-commit, commit-msg, prepare-commit-msg) that block commits or merges containing prohibited patterns
- Ability to scan past history (all commits, existing repository) for patterns to catch issues retroactively
- Configurable prohibited and allowed patterns via regex or literal matching, allowing suppression of false positives
- Support for “secret providers” which are executables that output additional prohibited patterns (e.g. AWS credentials)
- Cross-platform install support: *nix (Linux/macOS), Windows via PowerShell, Homebrew etc.
- Optionally skip checks via --no-verify for special cases, also ability to set global templates so new repos automatically include hooks
Project Samples
Categories
GitLicense
Apache License V2.0Follow git-secrets
nel_h2
Simply solve complex auth. Easy for devs to set up. Easy for non-devs to use.
Custom auth drains 25% of dev time and risks 62% more breaches, stalling enterprise deals. Frontegg platform delivers a simple login box, seamless authentication (SSO, MFA, passwordless), robust multi-tenancy, and a customizable Admin Portal. Integrate fast with the React SDK, meet compliance needs, and focus on innovation.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of git-secrets!