Yelp's detect-secrets

Yelp's detect-secrets is an open source tool for detecting secrets like API keys, passwords, or tokens accidentally committed into a code repository. It scans code repositories to find secrets that should not be committed publicly.

detect-secrets: Open Source Tool for Securing Code Repositories

An open source tool for detecting sensitive data like API keys, passwords, and tokens in code repositories to prevent public exposure.

What is Yelp's detect-secrets?

Yelp's detect-secrets is an open source tool created by Yelp to help detect accidentally committed secrets like API keys, passwords, or tokens in public and private git repositories. It scans git commit histories and branch diffs to identify secrets that match various detection rules such as API keys, SSH keys, AWS keys, and more.

Detect-secrets is designed to integrate with pre-commit hooks and CI/CD pipelines so that repositories are scanned before code is committed or deployed to production. This prevents accidental commits of secrets, which could otherwise lead to security vulnerabilities or exploitation. The tool can scan multiple programming languages and file types, including JSON, YAML, JavaScript, Python, and others.

Some key features of detect-secrets include pattern-based secret detection using regular expressions and machine learning, integration with services such as AWS Key Management Service for secret rotation, pluggable secret-scanning rules, support for whitelisting false positives, Slack notifications when secrets are committed, and more.

Overall, Yelp's detect-secrets provides an automated way for developers to avoid accidentally leaking API keys or other secrets into public and private git repositories in GitHub, GitLab, Bitbucket, and more. The open source tool helps enforce secret detection as code is written to improve security.

Yelp's detect-secrets Features

  1. Scans code for secrets like API keys, passwords, tokens
  2. Prevents accidental commit of secrets to public code repositories
  3. Plugin architecture supports detection of custom secret patterns
  4. Whitelisting to exclude false positives
  5. Alerts on commit or push if secrets detected
  6. Works with GitHub, Bitbucket, GitLab, custom Git servers

Pricing

  • Open Source

Pros

  • Open source and free
  • Easy installation and setup
  • Prevents costly security mistakes
  • Customizable detection rules
  • Works across major code hosting platforms

Cons

  • Requires some configuration for best results
  • Potential for false positives if rules are not tuned
  • Must remember to add real secrets to the whitelist
  • Only scans text files, not binaries
