NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
Show HN: I built a tool that helps people scan and clean any repo for secrets (securelog.com)
12 points by lexokoh 2 hours ago | 14 comments
zricethezav 1 minutes ago [-]
looks familiar
nonamepcbrand1 38 minutes ago [-]
Trufflehog does good job and GitGuardian is amazing. Whats new with yours?

p.s: i have contributed to those projects in past

lexokoh 36 minutes ago [-]
We built customized components for RSC and Logs. You should check it out. It's a bit different from what's out there, and this is from the feedback we got from the team we are working with.
lexokoh 35 minutes ago [-]
Would really love your feedback and you can contribute as well
trees101 14 minutes ago [-]
it would be handy in the age of AI, to be able to dynamically scrub data that gets copied/pasted into the AI.

It's too easy to leak secrets, or even doxx yourself through file paths containing your name etc.

I'd love to find a tool that made scrubbing that data easy

lexokoh 12 minutes ago [-]
We are working on this for the next release happy to get your feedback on it if it's possible
mvdtnz 42 minutes ago [-]
I tried scanning one repository (gitlab/gitlab) and it spun for a couple of minutes then failed with "Network Error." No other error details are available.
lexokoh 40 minutes ago [-]
Sorry about that. Is it a private or large repo? If so, you need to scan it from the CLI.

I am checking if there's any issue right now.

thih9 19 minutes ago [-]
> Is it a private or large repo?

I entered "rtyley/small-test-repo" which is public and small - and also got "Request failed with status code 400. Try again".

lexokoh 17 minutes ago [-]
Yah, server overload for the web version. Taking a look now. Sorry about that.

You can try again. I just tried it

mvdtnz 38 minutes ago [-]
Yes gitlab/gitlab is a large repo.
lexokoh 37 minutes ago [-]
Just run `npx securelog-scan` locally on the repo. You don't need to install it if you don't want to.
robinhoodexe 1 hours ago [-]
A similar tool is detect-secrets[1].

[1] https://github.com/Yelp/detect-secrets

lexokoh 39 minutes ago [-]
Nice, i like some of the concepts.
56 minutes ago [-]
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 20:28:23 GMT+0000 (Coordinated Universal Time) with Vercel.