Archives
/
git-secret
mirror of https://github.com/sobolevn/git-secret
2
1
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
verbose-test-output-2024
dependabot/docker/dot-ci/release-ci/debian/debian-12.5-slim
dependabot/docker/dot-ci/docker-ci/debian-gnupg1/debian-12.5-slim
dependabot/docker/dot-ci/docker-ci/debian-gnupg2/debian-12.5-slim
dependabot/docker/dot-ci/release-ci/alpine/alpine-3.19.1
dependabot/docker/dot-ci/releaser/alpine/alpine-3.19.1
dependabot/docker/dot-ci/docker-ci/alpine/alpine-3.19.1
gh-pages
dependabot/docker/dot-ci/release-ci/ubuntu/ubuntu-24.04
dependabot/docker/dot-ci/docker-ci/ubuntu/ubuntu-24.04
dependabot/github_actions/actions/github-script-7
sobolevn-patch-4
test-apk-and-arch
issue-881-towards-new-release
issue-916-disable-arch-tests
issue-135-spaces-in-parent-dirs
issue-918-stat-on-osx
fix-arch-signature-issue
sobolevn-patch-3
sobolevn-patch-2
sobolevn-patch-1
gitignore-grep-improvement
update-changelog
update-bats-to-1.6.0
add-multiple-files-gitignore
automated-verbose-test
passphrase1
test-on-arch
renames1
revert_usage_error_change
alma-tests
issue-765-rocky-linux
issue-755-changelog-for-bats-update
issue-638-dup-emails-test
issue-710-changelog
issue-752-add-directory
issue-710-cat-subdir-bug
v0.5.0
v0.4.0
v0.3.3
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.2
v0.1.1
v0.1.0
prerelease
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.7-alpha
v0.3.0
v0.3.1
v0.3.2
v0.4.0.alpha1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c820870cc8'
${ noResults }
git-secret/man/man1/git-secret-hide.1

73 lines
3.5 KiB
Groff
Raw Blame History

.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "GIT\-SECRET\-HIDE" "1" "June 2021" "sobolevn" "git-secret 0.5.0-alpha1"
.
.SH "NAME"
\fBgit\-secret\-hide\fR \- encrypts all added files with the inner keyring\.
.
.SH "SYNOPSIS"
.
.nf
git secret hide [\-c] [\-F] [\-P] [\-v] [\-d] [\-m]
.
.fi
.
.SH "DESCRIPTION"
\fBgit\-secret\-hide\fR creates an encrypted version (typically called \fBfilename\.txt\.secret\fR) of each file added by \fBgit\-secret\-add\fR command\. Now anyone enabled via \fBgit secret tell\fR can can decrypt these files\. Under the hood, \fBgit\-secret\fR uses the keyring in \fB\.gitsecret/keys\fR and user\'s secret keys to decrypt the files\.
.
.P
It is recommended to encrypt (or re\-encrypt) all the files in a \fBgit\-secret\fR repo each time \fBgit secret hide\fR is run\.
.
.P
Otherwise the keychain (the one stored in \fB\.gitsecret/keys/*\.gpg\fR), may have changed since the last time the files were encrypted, and it\'s possible to create a state where the users in the output of \fBgit secret whoknows\fR may not be able to decrypt the some files in the repo, or may be able decrypt files they\'re not supposed to be able to\.
.
.P
In other words, unless you re\-encrypt all the files in a repo each time you \fBhide\fR any, it\'s possible to make it so some files can no longer be decrypted by users who should be (and would appear) able to decrypt them, and vice\-versa\.
.
.P
If you know what you are doing and wish to encrypt or re\-encrypt only a subset of the files even after reading the above paragraphs, you can use the \fB\-F\fR or \fB\-m\fR options\. The \fB\-F\fR option forces \fBgit secret hide\fR to skip any hidden files where the unencrypted versions aren\'t present\. The \fB\-m\fR option skips any hidden files that have not be been modified since the last time they were encrypted\.
.
.SH "OPTIONS"
.
.nf
\-v \- verbose, shows extra information\.
\-c \- deletes encrypted files before creating new ones\.
\-F \- forces hide to continue if a file to encrypt is missing\.
\-P \- preserve permissions of unencrypted file in encrypted file\.
\-d \- deletes unencrypted files after encryption\.
\-m \- encrypt files only when modified\.
\-h \- shows help\.
.
.fi
.
.SH "ENV VARIABLES"
.
.IP "\(bu" 4
\fBSECRETS_GPG_COMMAND\fR changes the default \fBgpg\fR command to anything else
.
.IP "\(bu" 4
\fBSECRETS_GPG_ARMOR\fR is a boolean to enable \fB\-\-armor\fR mode \fIhttps://www\.gnupg\.org/gph/en/manual/r1290\.html\fR to store secrets in text format over binary
.
.IP "\(bu" 4
\fBSECRETS_DIR\fR changes the default \fB\.gitsecret/\fR folder to another name as documented at git\-secret(7) \fIhttps://git\-secret\.io/\fR
.
.IP "\(bu" 4
\fBSECRETS_EXTENSION\fR changes the default \fB\.secret\fR file extension
.
.IP "\(bu" 4
\fBSECRETS_VERBOSE\fR changes the output verbosity as documented at git\-secret(7) \fIhttps://git\-secret\.io/\fR
.
.IP "\(bu" 4
\fBSECRETS_PINENTRY\fR changes the \fBgpg \-\-pinentry\fR mode \fIhttps://github\.com/gpg/pinentry\fR as documented at git\-secret(7) \fIhttps://git\-secret\.io/\fR
.
.IP "" 0
.
.SH "MANUAL"
Run \fBman git\-secret\-hide\fR to see this note\.
.
.SH "SEE ALSO"
git\-secret\-init(1) \fIhttps://git\-secret\.io/git\-secret\-init\fR, git\-secret\-tell(1) \fIhttps://git\-secret\.io/git\-secret\-tell\fR, git\-secret\-add(1) \fIhttps://git\-secret\.io/git\-secret\-add\fR, git\-secret\-reveal(1) \fIhttps://git\-secret\.io/git\-secret\-reveal\fR, git\-secret\-cat(1) \fIhttps://git\-secret\.io/git\-secret\-cat\fR
Reference in New Issue View Git Blame Copy Permalink