
Bug#914647: RFP: talisman -- By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.



Package: wnpp
Severity: wishlist

* Package name    : talisman
  Version         : 0.3.3
  Upstream Author : Misc
* URL             : https://thoughtworks.github.io/talisman/
* License         : MIT
  Programming Lang: golang
  Description     : By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.

Talisman is a tool to validate code changes that are to be pushed out of a local Git repository on a developer's workstation. By hooking into the pre-push hook provided by Git, it validates the outgoing changeset for things that look suspicious - such as potential SSH keys, authorization tokens, private keys etc.

The aim is for this tool to do this through a variety of means including file names and file content. We hope to have it be an effective check to prevent potentially harmful security mistakes from happening due to secrets which get accidentally checked in to a repository.

The implementation as it stands is very bare bones and only has the skeleton structure required to add the full range of functionality we wish to incorporate. However, we encourage folks that want to contribute to have a look around and contribute ideas/suggestions or ideally, code that implements your ideas and suggestions!

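The approach the description outlines, a pre-push hook that checks outgoing file names and file content, as an added example in POSIX shell. It is not Talisman's code and not part of the original message; the file-name list, the regular expression and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Talisman's code. Name rules and PATTERN are illustrative assumptions.
PATTERN="-----BEGIN [A-Z ]*PRIVATE KEY-----|(token|secret|password)[^=:]{0,20}[=:][[:space:]\"']*[A-Za-z0-9/+_-]{16,}"

# True when the ref hash is all zeros (git's marker for "does not exist").
is_zero() { case "$1" in *[!0]*) return 1 ;; esac; return 0; }

# True when the base name of a path looks like key material.
suspicious_name() {
  case "${1##*/}" in
    id_rsa|id_dsa|id_ecdsa|id_ed25519|*.pem|*.key|*.p12|*.pfx) return 0 ;;
  esac
  return 1
}

# Paths on stdin; prints the suspicious ones, returns 0 if any was found.
scan_names() {
  found=1
  while IFS= read -r f; do
    if suspicious_name "$f"; then echo "suspicious file name: $f"; found=0; fi
  done
  return $found
}

# Unified diff on stdin; prints added lines that match PATTERN, returns 0 if any.
scan_added_lines() {
  grep -E '^\+' | grep -Ev '^\+\+\+ ' | grep -Ei -e "$PATTERN"
}

# Git writes one line per pushed ref to the hook's stdin:
#   <local ref> <local hash> <remote ref> <remote hash>
check_push() {
  status=0
  while read -r lref lsha rref rsha; do
    if is_zero "$lsha"; then continue; fi          # ref deletion: nothing outgoing
    if is_zero "$rsha"; then range="$lsha --not --remotes"   # new ref on the remote
    else range="$rsha..$lsha"; fi
    # Inspect every outgoing commit, not only the tip: a secret that was
    # added and later removed still leaves the workstation in history.
    if git log --pretty=format: --name-only $range | scan_names >&2; then status=1; fi
    if git log -p --pretty=format: --no-color $range | scan_added_lines >&2; then status=1; fi
  done
  return $status
}

# Act as a hook only when installed as .git/hooks/pre-push; a non-zero exit aborts the push.
if [ "${0##*/}" = "pre-push" ]; then check_push || exit 1; fi
```

Because Git aborts the push when the hook exits non-zero, a match is caught before the commits leave the workstation; the findings are written to stderr for the developer to review.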

