Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: I built a tool that helps people scan and clean any repo for secrets (securelog.com)
18 points by lexokoh 4 hours ago | hide | past | favorite | 14 comments





Trufflehog does good job and GitGuardian is amazing. Whats new with yours?

p.s: i have contributed to those projects in past

reply


We built customized components for RSC and Logs. You should check it out. It's a bit different from what's out there, and this is from the feedback we got from the team we are working with.

reply


Would really love your feedback and you can contribute as well

reply


it would be handy in the age of AI, to be able to dynamically scrub data that gets copied/pasted into the AI.

It's too easy to leak secrets, or even doxx yourself through file paths containing your name etc.

I'd love to find a tool that made scrubbing that data easy

reply


We are working on this for the next release happy to get your feedback on it if it's possible

reply


I tried scanning one repository (gitlab/gitlab) and it spun for a couple of minutes then failed with "Network Error." No other error details are available.

reply


Sorry about that. Is it a private or large repo? If so, you need to scan it from the CLI.

I am checking if there's any issue right now.

reply


> Is it a private or large repo?

I entered "rtyley/small-test-repo" which is public and small - and also got "Request failed with status code 400. Try again".

reply


Yah, server overload for the web version. Taking a look now. Sorry about that.

You can try again. I just tried it

reply


Yes gitlab/gitlab is a large repo.

reply


Just run `npx securelog-scan` locally on the repo. You don't need to install it if you don't want to.

reply


looks familiar

reply


A similar tool is detect-secrets[1].

[1] https://github.com/Yelp/detect-secrets

reply


Nice, i like some of the concepts.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: