Go to file
dependabot[bot] 841eb0b11b
Bump alpine from 3.14.0 to 3.14.1 in /.ci/release-ci/alpine (#708)
Bumps alpine from 3.14.0 to 3.14.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-09 17:43:10 +03:00
.ci Bump alpine from 3.14.0 to 3.14.1 in /.ci/release-ci/alpine (#708) 2021-08-09 17:43:10 +03:00
.github Update release-ci.yml 2021-06-28 20:59:01 +03:00
docs Bump addressable from 2.7.0 to 2.8.0 in /docs (#703) 2021-07-13 22:47:22 +03:00
man Ignores *.1 and *.7 files, closes #690 (#691) 2021-06-26 17:35:55 +03:00
RFC Add note about writing tests. Fix typo. (#471) 2019-04-29 18:21:30 -04:00
src Issue 630 hide armored2 (#661) 2021-06-26 16:24:26 +03:00
tests Issue 630 hide armored2 (#661) 2021-06-26 16:24:26 +03:00
utils [GH-678] Add no-cache option to apk installation. (#679) 2021-06-07 21:42:24 +03:00
vendor Adds fedora testing 2021-05-04 13:01:41 +03:00
.editorconfig [WIP] New CI 2021-05-04 13:01:41 +03:00
.gitattributes Ignores *.1 and *.7 files, closes #690 (#691) 2021-06-26 17:35:55 +03:00
.gitignore Closes #420 2021-06-26 16:58:27 +03:00
CHANGELOG.md Closes #618 2021-06-26 17:17:37 +03:00
CONTRIBUTING.md Rename killperson to removeperson (#685) 2021-06-16 10:31:58 +03:00
git-secret.gif Add animated GIF preview of the asciinema recording and link on README.md (#560) 2019-11-14 06:17:09 -05:00
LICENSE.md CONTRIBUTING.md added 2016-07-02 16:18:53 +03:00
Makefile Closes #420 2021-06-26 16:58:27 +03:00
README.md fix(readme): fix installation section link (#704) 2021-07-30 11:23:30 +03:00

git-secret

test release-ci Homebrew Supporters

git-secret

What is git-secret?

git-secret is a bash tool which stores private data inside a git repo. git-secret encrypts files with permitted users' public keys, allowing users you trust to access encrypted data using pgp and their secret keys.

With git-secret, changes to access rights are simplified, and private-public key issues are handled for you.

When someone's permission is revoked, secrets do not need to be changed with git-secret - just remove their key from the keychain using git secret removeperson their@email.com, re-encrypt the files, and they won't be able to decrypt secrets anymore. If you think the user might have copied the secrets or keys when they had access, then you should also change the secrets.

Preview

git-secret terminal preview

Installation

git-secret supports brew, just type: brew install git-secret

It also supports apt and yum. You can also use make if you want to. See the installation section for the details.

Requirements

git-secret relies on several external packages:

  • bash since 3.2.57 (it is hard to tell the correct patch release)
  • gawk since 4.0.2
  • git since 1.8.3.1
  • gpg since gnupg 1.4 to gnupg 2.X
  • sha256sum since 8.21 (on freebsd and MacOS shasum is used instead)

Contributing

Do you want to help the project? Find an issue and send a PR. It is more than welcomed! See CONTRIBUTING.md on how to do that.

Security

In order to encrypt (git-secret hide -m) files only when modified, the path mappings file tracks sha256sum checksums of the files added (git-secret add) to git-secret's path mappings filesystem database. Although, the chances of encountering a sha collision are low, it is recommend that you pad files with random data for greater security. Or avoid using the -m option altogether. If your secret file holds more data than just a single password these precautions should not be necessary, but could be followed for greater security.

If you found any security related issues, please do not disclose it in public. Send an email to security@wemake.services

Changelog

git-secret uses semver. See CHANGELOG.md.

Packagers

Thanks also to all the people and groups who package git-secret to be easier to install on particular OSes or distributions!

Here are some packagings of git-secret that we're aware of:

Such packages are considered 'downstream' because the git-secret code 'flows' from the git-secret repository to the various rpm/deb/dpkg/etc packages that are created for specific OSes and distributions.

We have also added notes specifically for packagers in CONTRIBUTING.md.

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

Sponsors

Backers

Thanks to all our backers!

Backers

Contributors

This project exists thanks to all the people who contribute. [Contribute].

License

MIT. See LICENSE.md for details.

Thanks

Special thanks to Elio Qoshi from ura for the awesome logo.