[Lilug] Auditing git for secrets? Suggestions?
Hypatia Bourbaki
knight.of.lambda.calculus at gmail.com
Tue Oct 21 10:14:03 PDT 2025
I would say some entropy-based methods (substitution encoded string usually
has significantly higher entropy than plaintext) plus state machines (like
a particular regex or some specifically trained Markov model) would be
quite effective.
Or perhaps a small and locally hosted LLM might be a novelty to complement
the above, but I don't have an estimate of the performance on the spot.
On Tue, Oct 21, 2025, 12:11 <odinson at warcloud.net> wrote:
> Hello All
>
> This is a huge topic, and careers can be exclusively made in this
> space. How do you harden your git trees/repos against revealing secrets?
> In case the tree falls into the wrong hands. Or is even intended for the
> public to see.
>
> I'm specifically looking in admin/engineer space like ansible,
> but more code orientated answers like CI/CD pipelines are welcome too.
> Looking for both practical techniques, and professional software and
> services.
>
> What's the norm, and separately, what is effective?
>
> Thanks for tipping your brains my direction.
>
> Matt
>
>
> -------------------------------------------------------------------------------
> Matthew Newhall, M.A.Newhall at warcloud.net
> A.S. in Computer Science, SUNY Farmingdale
> My weekly podcast, The Technocrat Live. http://www.thetechnocratlive.com
> President and founder of LILUG; president at lilug.org,
> http://www.lilug.org
> My theory; Psychopaths precede the conscience,
> http://civgene.matthewnewhall.com
> Scifi book; "Thicker Than Blood" http://www.thickerthanbloodthebook.com
> My maker blog; "The modness", http://themodness.wordpress.com
>
> People who put identity with a group above managing their own faith are the
> problem.
>
> -------------------------------------------------------------------------------
> _______________________________________________
> Lilug mailing list
> Lilug at lists.lilug.org
> http://lists.lilug.org/listinfo.cgi/lilug-lilug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lilug.org/pipermail/lilug-lilug.org/attachments/20251021/e9685464/attachment.htm>
More information about the Lilug
mailing list