2016-02-21 13:26:17 +00:00
# git-secret
2019-01-17 14:18:55 +00:00
[![Backers on Open Collective ](https://opencollective.com/git-secret/backers/badge.svg )](#backers) [![Sponsors on Open Collective ](https://opencollective.com/git-secret/sponsors/badge.svg )](#sponsors) [![Build Status ](https://img.shields.io/travis/sobolevn/git-secret/master.svg )](https://travis-ci.org/sobolevn/git-secret) [![Homebrew ](https://img.shields.io/homebrew/v/git-secret.svg )](https://formulae.brew.sh/formula/git-secret) [![Bintray deb ](https://img.shields.io/bintray/v/sobolevn/deb/git-secret.svg )](https://bintray.com/sobolevn/deb/git-secret/view)
2016-07-02 13:18:53 +00:00
Version 0.2.2 pre-release
There are a lot of changes, multiple things were refactored: tests,
some commands, building and meta.
Several critical bugs fixed.
Changes:
1. Fixed #74, when `_user_required` was not working after reimporting keys
2. Closes #73, now it is possible to provide multiple emails to the `killperson` command
3. Closes #72, now it is possible to provide multiple emails to the `tell` command
4. Closes #71, now every doc in this project refer to `git-secret.io` instead of old `gh-pages` website
5. Closes #70, now installation section is removed from main `man` file
6. Closes #69, now "See also" section in the `man`s are clickable
7. Closes #61, added "Manual" section to the manuals
8. Refs #38, added `centos` Dockerfile, but `ci` testing is still failing
9. Refs #52, tests are refactored. Added `clean` command tests, removed a lot of hardcoded things, moved tests execution from `./temp` folder to `/tmp`, added a lot of new check in old tests, and some new test cases
10. Refactored `hide` and `clean` commands to be shorter
11. `shellcheck` is now supported with `make lint`
Additional features are not comming to 0.2.2 after this commit.
2017-02-26 13:38:46 +00:00
[![git-secret ](https://raw.githubusercontent.com/sobolevn/git-secret/gh-pages/images/git-secret-big.png )](http://git-secret.io/)
2016-07-02 14:16:12 +00:00
2017-07-17 07:54:43 +00:00
2016-07-02 13:18:53 +00:00
## What is `git-secret`?
2019-11-14 11:17:09 +00:00
`git-secret` is a bash tool which stores private data inside a git repo.
2019-03-05 12:09:27 +00:00
`git-secret` encrypts files with permitted users' public keys,
2019-11-14 11:17:09 +00:00
allowing users you trust to access encrypted data using pgp and their secret keys.
2019-03-05 12:09:27 +00:00
2019-11-14 11:17:09 +00:00
With `git-secret` , changes to access rights are simplified, and private-public key issues are handled for you.
2019-03-05 12:09:27 +00:00
When someone's permission is revoked, secrets do not need to be changed with `git-secret` -
2019-11-14 11:17:09 +00:00
just remove their key from the keychain using `git secret killperson their@email.com` ,
2019-03-05 12:09:27 +00:00
re-encrypt the files, and they won't be able to decrypt secrets anymore.
2019-08-17 01:33:15 +00:00
If you think the user might have copied the secrets or keys when they had access, then
2019-03-05 12:09:27 +00:00
you should also change the secrets.
2016-02-21 13:26:17 +00:00
2017-07-17 07:54:43 +00:00
2016-02-24 11:24:07 +00:00
## Preview
2019-11-14 11:17:09 +00:00
[![git-secret terminal preview ](git-secret.gif )](https://asciinema.org/a/41811?autoplay=1)
2016-02-24 11:24:07 +00:00
2017-07-17 07:54:43 +00:00
2017-06-01 11:01:41 +00:00
## Installation
2016-02-24 11:24:07 +00:00
2017-06-01 11:01:41 +00:00
`git-secret` supports `brew` , just type: `brew install git-secret`
2016-02-24 11:24:07 +00:00
2019-11-14 11:17:09 +00:00
It also supports `apt` and `yum` . You can also use `make` if you want to.
2017-06-01 11:01:41 +00:00
See the [installation section ](http://git-secret.io/installation ) for the details.
2016-03-13 10:06:18 +00:00
2017-07-17 07:54:43 +00:00
### Requirements
`git-secret` relies on several external packages:
- `bash` since `3.2.57` (it is hard to tell the correct `patch` release)
2017-11-28 05:35:16 +00:00
- `gawk` since `4.0.2`
- `git` since `1.8.3.1`
- `gpg` since `gnupg 1.4` to `gnupg 2.X`
2019-03-05 12:09:27 +00:00
- `sha256sum` since `8.21` (on freebsd and MacOS `shasum` is used instead)
2017-07-17 07:54:43 +00:00
2016-07-02 13:18:53 +00:00
## Contributing
2016-02-21 13:26:17 +00:00
2019-11-14 11:17:09 +00:00
Do you want to help the project? Find an [issue ](https://github.com/sobolevn/git-secret/issues )
2018-04-17 03:43:57 +00:00
and send a PR. It is more than welcomed! See [CONTRIBUTING.md ](CONTRIBUTING.md ) on how to do that.
2017-06-01 11:01:41 +00:00
### Security
2017-11-28 05:57:11 +00:00
In order to encrypt (git-secret hide -m) files only when modified, the path
mappings file tracks sha256sum checksums of the files added (git-secret add) to
git-secret's path mappings filesystem database. Although, the chances of
encountering a sha collision are low, it is recommend that you pad files with
random data for greater security. Or avoid using the `-m` option altogether.
If your secret file holds more data than just a single password these
precautions should not be necessary, but could be followed for greater
security.
2018-10-27 06:53:16 +00:00
If you found any security related issues, please do not disclose it in public. Send an email to `security@wemake.services`
2016-02-21 13:26:17 +00:00
2017-07-17 07:54:43 +00:00
2016-07-02 13:18:53 +00:00
## Changelog
2016-02-21 13:26:17 +00:00
2019-09-20 14:57:32 +00:00
`git-secret` uses [semver ](https://semver.org/ ). See [CHANGELOG.md ](CHANGELOG.md ).
2016-02-21 13:26:17 +00:00
2017-07-17 07:54:43 +00:00
2019-01-15 04:16:41 +00:00
## Packagers
Thanks also to all the people and groups who package git-secret to be easier to install on particular OSes or distributions!
Here are some packagings of git-secret that we're aware of:
2019-09-20 14:57:32 +00:00
- https://formulae.brew.sh/formula/git-secret
2019-01-15 04:16:41 +00:00
- https://packages.ubuntu.com/bionic/git-secret
2019-03-21 00:55:22 +00:00
- https://apps.fedoraproject.org/packages/git-secret
2019-09-20 14:57:32 +00:00
- https://aur.archlinux.org/packages/git-secret/
- https://pkgs.alpinelinux.org/package/edge/testing/x86/git-secret
- https://packages.debian.org/sid/git-secret
2019-11-04 12:28:28 +00:00
- https://github.com/void-linux/void-packages/blob/master/srcpkgs/git-secret/template
2019-01-15 04:16:41 +00:00
2019-11-14 11:17:09 +00:00
Such packages are considered 'downstream' because the git-secret code 'flows' from the git-secret repository
2019-01-15 04:16:41 +00:00
to the various rpm/deb/dpkg/etc packages that are created for specific OSes and distributions.
We have also added notes specifically for packagers in [CONTRIBUTING.md ](CONTRIBUTING.md ).
2019-09-03 21:07:01 +00:00
## Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor ](https://opencollective.com/git-secret#sponsor )]
2018-02-03 07:57:57 +00:00
2019-09-03 21:07:01 +00:00
[![Sponsors ](https://opencollective.com/git-secret/tiers/sponsor.svg?width=890 )](https://opencollective.com/git-secret)
2018-02-03 07:57:57 +00:00
2019-09-03 21:07:01 +00:00
## Backers
2018-02-03 07:57:57 +00:00
2019-09-03 21:07:01 +00:00
Thanks to all our backers!
[![Backers ](https://opencollective.com/git-secret/tiers/backer.svg?width=890&avatarHeight=36 )](https://opencollective.com/git-secret)
2018-02-03 07:57:57 +00:00
2019-09-03 21:07:01 +00:00
## Contributors
This project exists thanks to all the people who contribute. [[Contribute ](CONTRIBUTING.md )].
< a href = "https://github.com/sobolevn/git-secret/graphs/contributors" > < img src = "https://opencollective.com/git-secret/contributors.svg?width=890" / > < / a >
2018-04-14 12:40:31 +00:00
2018-02-03 07:57:57 +00:00
2016-07-02 13:18:53 +00:00
## License
2016-02-21 13:26:17 +00:00
2016-07-02 13:18:53 +00:00
MIT. See [LICENSE.md ](LICENSE.md ) for details.
2016-07-02 14:16:12 +00:00
2017-07-17 07:54:43 +00:00
2016-07-02 14:16:12 +00:00
## Thanks
2016-03-13 10:06:18 +00:00
2017-02-04 20:15:16 +00:00
Special thanks to [Elio Qoshi ](https://elioqoshi.me/sq/ ) from [ura ](http://ura.design/ ) for the awesome logo.