No one wants their keys and secrets on GitHub, but one bad push can mean you are suddenly exposed. In the best-case scenario, you discover the issue and fix it before something bad happens, but in the worst case, you don’t find out until it is far too late. Most devs are familiar with using .gitignore files to prevent Git from tracking specific files and folders, but did you know that you can leverage Git hooks and some open source awesomeness to keep you from accidentally committing your secrets in the first place? If you are not actively using Git hooks in your workflows, then this talk is for you. Let's look into the .git folder and unlock a whole world of automation possibilities!

Comments

Thanks for all the links and additional resources.

Nick Marsceau at 13:36 on 17 May 2023

Loved this talk! I'm definitely going to introduce some helpful git hooks to my team.

Andrew Easton at 13:54 on 17 May 2023

good, brief summary

Dana Luther at 09:06 on 18 May 2023

Great explanation of how to leverage git hooks and how they can be a more integral part of the process.

Gary Pedretty at 09:07 on 18 May 2023

Great insight into a tool that offers many benefits to automating and protecting your code in the git ecosystem.

Kyle Schatzle at 09:25 on 18 May 2023

Great talk about some of the underlying aspects of git and git hooks. Honey tokens are indeed a thing.

Nuno Souto at 09:35 on 18 May 2023

Great insight into git hooks and how to utilize them to protect ourselves. Dwayne made it very easy and provided information for those that didn't know about it as well as those that already use them.

Ryan Howe at 11:57 on 18 May 2023

Great talk, I’ve been using GitGuardian for some time now and seeing alternative methods to help stop secrets from getting into the repo was great!