Published : Apr 13, 2021
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
Apr 2021
Assess
Yelp detect-secrets is a Python module for detecting secrets within a codebase; it scans files within a directory looking for secrets. It can be used as a Git pre-commit hook or to perform a scan in multiple places within the CI/CD pipeline. It comes with a default configuration that makes it very easy to use but can be modified to suit your needs. You can also install custom plugins to add to its default heuristic searches. Compared to similar offerings, we found that this tool detects more types of secrets with its out-of-the-box configuration.