secureli icon indicating copy to clipboard operation
secureli copied to clipboard
verified publisher icon slalombuild

Investigate alternative secret detection engine

Open gabenegron opened this issue 2 years ago • 2 comments

We are currently using Yelp detect-secrets, but there may be a better secrets detection hooks out there. Investigate options and make a decision on which available secrets detection hook is the best to use for secureli by default,

Note: There was is fork of detect-secrets that might work better, but we may decide to go in a totally different direction.

gabenegron avatar Jul 11 '23 21:07 gabenegron

This looks like a good starting point, but note that it is published by one of the companies promoted in the list, so it's not unbiased. https://spectralops.io/blog/top-9-git-secret-scanning-tools/

tdurk93 avatar Jan 16 '24 03:01 tdurk93

looking for open-source solution similar to Github Advanced Security, with particular interest in solution that leverages GenAI.

Could maybe reach out to connections at GitHub for potential partnership for using Advanced Security. @calebtonn can help coordinate with GitHub.

JordoHeffernan avatar Mar 14 '24 17:03 JordoHeffernan