Repo-supervisor Alternatives
Repo-supervisor
It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.
This tool allows you to setup a webhook that waits for the Pull Requests and scans all interesting files to check for leaked secrets. Every time PR is updated it rescans latest changes and generates a report.
Both acknowledge and rejection actions are triggering Slack notification which allows to whether improve or fix secrets detection rules.
Acknowledge report (YES): Approve that report as valid, detected strings are actual secrets.
Reject report (NO): Reject report, detected secrets are not credentials but only object identifiers, messages or other not related strings. It will help to improve the false-positives ratio.
Best Repo-supervisor Alternatives
Are you still using Repo-supervisor? Let's compare it to the best other options below. Maybe one of these Repo-supervisor alternatives will work on your device, too.
AWS Lab's git-secrets
FreeOpen SourceMacWindowsLinuxgit-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories. If a commit, commit message, or any commit in a...
GitGuardian
Free PersonalSoftware as a Service (SaaS)A developers-first solution scanning GitHub activity in real-time for API secret tokens, database credentials, certificates... Be alerted in seconds. Integrate in...
Gitleaks
FreeOpen SourceMacWindowsLinuxAudit git repos for secrets. Gitleaks provides a way for you to find unencrypted secrets and other unwanted data types in git source code repositories. As part of...
Gitrob
FreeOpen SourceMacWindowsLinuxGitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization...
repo-security-scanner
FreeOpen SourceMacWindowsLinuxCLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys.
truffleHog
FreeOpen SourceMacWindowsLinuxSearches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
yara4pentesters
FreeOpen SourceMacWindowsLinuxrules to identify files containing juicy information like usernames, passwords etc.
Yelp's detect-secrets
FreeOpen SourceMacWindowsLinuxdetect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base.
Upvote Comparison
Interest Trends
Repo-supervisor Reviews
Add your reviews & share your experience when using Repo-supervisor to the world. Your opinion will be useful to others who are looking for the best Repo-supervisor alternatives.