Sirwart Secrets Versions Save

A command-line tool to prevent committing secret keys into your source code


1 month ago
  • [Bug #31] Detect secrets assigned with := operator
  • Fix pre-commit getting installed at wrong filename
  • Added more patterns to search for secret assignments
  • Added --only-matching option


2 months ago
  • Renamed from secrets to ripsecrets to avoid name collisions with other projects.
  • Added a new --strict-ignore option for pre-commit usage. When a pre-commit is invoked it includes a list of filenames. By default secrets will search referenced files regardless of the contents of .gitignore or .secretsignore. However in a pre-commit context this will cause files explicitly ignored by .secretsignore to be searched and the pre-commit to potentially fail. Using the --strict-ignore flag will cause the .secretsignore file to be respected even if the file is passed as an argument.
  • More targeted JWT regex
  • Lower minimum token length for random string detection
  • Don't explicitly flag AWS access key IDs since they're not secrets
  • Fix bug with legacy npm token regex
  • [Bug #13] More targeted random string regex


2 months ago
  • More targeted AWS regex
  • Add --help and --version subcommands


2 months ago
  • Fix crash when running with no arguments
  • Notarize binaries for macOS properly


2 months ago

Initial release