git-secrets is a command-line utility that helps developers avoid committing passwords, access keys, and other sensitive credentials to Git repositories.
It works by scanning commits, commit messages, and selected merge histories against configured prohibited patterns, rejecting commits when a match is found. It’s particularly useful for teams working with AWS credentials, but it can also be configured with custom regular expressions and secret providers.
This is free and open source software.
Key Features
- Scans commits, commit messages, and non-fast-forward merge histories for prohibited secret patterns.
- Installs Git hooks to block accidental commits containing credentials.
- Provides built-in support for common AWS access key and secret key patterns.
- Can scan existing repository history before making a project public.
- Supports custom prohibited patterns and allowed patterns to reduce false positives.
- Offers secret provider support for generating patterns dynamically from external commands.
- Runs as a Git extension from the command line.
- Cross-platform support – runs under Linux, macOS, and Windows.
Website: github.com/awslabs/git-secrets
Support:
Developer: AWS Labs
License: Apache License 2.0
Related Software
| Git Storage and Security Tools | |
|---|---|
| git-lfs | Git extension for versioning large files |
| Jujutsu | Powerful version control system for software projects |
| git-bug | Distributed offline-first bug tracker |
| Dash | Rich terminal UI for GitHub |
| git-secrets | Prevent adding secrets into git repositories |
| Commitizen | Create well-structured Git commit messages |
| git-repair | Repair various forms of damage to git repositories |
| git-secret | Bash tool which stores private data inside a git repo |
| git-annex | Manage files with git without checking the file contents into git |
| gitmoji-cli | Use gitmojis in Git commit messages |
| ghq | Organise local clones of remote repositories |
| git-crypt | Transparent file encryption in git |
| gita | Manage multiple git repos |
| git-chglog | CHANGELOG generator implemented in Go |
| cz-git | Commitizen adapter and command-line tool |
| gitpane | Multi-repo Git workspace dashboard |
| git-trim | Keep Git working directories clear of stale local branches |
| gfold | Keep track of multiple Git repositories |
| Garden | Command runner and multi-repo Git configuration tool |
| mani | Manage collections of Git repositories |
| GitSocial | Git-native cross-forge collaboration |
| git-fresh | Refresh Git working copies from the terminal |
| Forge Sparks | Get Git forges notifications |
| gohome | Git standup and activity reporting CLI |
| git-appraise | Distributed code review system for Git repositories |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |