Add detection for secrets in database connection strings and other URLs
Fewer false positives for non-random strings assigned to a secret
Support additional secret regex patterns using the --additional-pattern
argument
v0.1.6
7 months ago
Fix handling of .secretsignore files without [secrets] section (#61)
Add detection for gitlab tokens (Fixes #62)
Better detection of hex secrets
v0.1.5
1 year ago
Fix excessive false positives from random string detection
v0.1.4
1 year ago
[Bug #31] Detect secrets assigned with := operator
Fix pre-commit getting installed at wrong filename
Added more patterns to search for secret assignments
Added --only-matching option
v0.1.3
1 year ago
Renamed from secrets to ripsecrets to avoid name collisions with other
projects.
Added a new --strict-ignore option for pre-commit usage. When a pre-commit is
invoked it includes a list of filenames. By default secrets will search
referenced files regardless of the contents of .gitignore or .secretsignore.
However in a pre-commit context this will cause files explicitly ignored by
.secretsignore to be searched and the pre-commit to potentially fail. Using
the --strict-ignore flag will cause the .secretsignore file to be respected
even if the file is passed as an argument.
More targeted JWT regex
Lower minimum token length for random string detection
Don't explicitly flag AWS access key IDs since they're not secrets