@vanman2024 (Owner)

Security Enhancement

Add comprehensive credential protection to prevent API key exposure.

What's Added:

  1. .gitleaks.toml

    • Strict secret detection configuration
    • Custom rules for documentation files
    • Catches Google, Supabase, Clerk, Stripe keys
  2. scripts/sanitize-env-for-docs.sh

    • Sanitizes environment variables for documentation
    • Prevents real credentials in docs
    • Provides safe placeholders
  3. docs/CREDENTIAL-SAFETY.md

    • Complete security guidelines
    • Emergency response procedures
    • Best practices for doc generation
  4. .git-hooks/pre-commit

    • Pre-commit hook for gitleaks
    • Prevents committing secrets
    • Runs automatically before each commit

Setup:

After merging, team members should:

# Install gitleaks (one-time)
brew install gitleaks  # macOS
# or https://github.com/gitleaks/gitleaks

# Install pre-commit hook (one-time per repo)
cp .git-hooks/pre-commit .git/hooks/pre-commit
chmod +x .git/hooks/pre-commit

For Doc Generators:

When creating documentation with API keys:

source scripts/sanitize-env-for-docs.sh
echo "GOOGLE_API_KEY=$SANITIZED_GOOGLE_API_KEY"
# Output: GOOGLE_API_KEY=your_google_api_key_here

🤖 Generated with Claude Code
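As an added example (not the PR's own scripts/sanitize-env-for-docs.sh, whose contents are not shown here), a small POSIX shell version of the same idea: derive SANITIZED_* placeholders from the credential variable names, and check a generated doc for the real values before it is committed. The function names, the variable names and the credential values are all assumed or constructed.

```shell
#!/bin/sh
# Added example; not the PR's scripts/sanitize-env-for-docs.sh. Function and
# variable names are assumed, and the credential values are constructed.

# Constructed stand-ins for real credentials that would normally come from the
# shell environment or a .env file.
GOOGLE_API_KEY="AIza-constructed-not-a-real-key-0123456789"
SUPABASE_SERVICE_KEY="sb-constructed-service-key-abcdef"

# valid_name NAME : identifier-shaped names only, since names reach eval below.
valid_name() {
    case $1 in ''|*[!A-Za-z0-9_]*) return 1 ;; *) return 0 ;; esac
}

# placeholder_for NAME -> your_<name in lowercase>_here
placeholder_for() {
    printf 'your_%s_here\n' "$(printf '%s' "$1" | tr 'A-Z' 'a-z')"
}

# sanitize_env_for_docs NAME... : export SANITIZED_<NAME> for each variable,
# so a doc generator references the sanitized copy and never the real value.
sanitize_env_for_docs() {
    for name in "$@"; do
        valid_name "$name" || { printf 'bad variable name: %s\n' "$name" >&2; return 1; }
        eval "export SANITIZED_$name=\"$(placeholder_for "$name")\""
    done
}

# doc_leaks_secret FILE NAME... : succeed (0) if FILE contains the real value
# of any named variable. A cheap final check on generated docs before commit,
# complementing the pattern-based gitleaks scan.
doc_leaks_secret() {
    file=$1; shift
    for name in "$@"; do
        valid_name "$name" || return 1
        eval "value=\$$name"
        if [ -n "$value" ] && grep -qF -- "$value" "$file"; then
            return 0
        fi
    done
    return 1
}

# Usage matching the PR description's example:
sanitize_env_for_docs GOOGLE_API_KEY SUPABASE_SERVICE_KEY
echo "GOOGLE_API_KEY=$SANITIZED_GOOGLE_API_KEY"
# Output: GOOGLE_API_KEY=your_google_api_key_here
```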

Add security measures to prevent API key exposure:
- .gitleaks.toml: Strict secret detection config
- scripts/sanitize-env-for-docs.sh: Env var sanitization for docs
- docs/CREDENTIAL-SAFETY.md: Security guidelines and procedures
- .git-hooks/pre-commit: Pre-commit secret scanning hook

These measures prevent accidental commit of API keys, tokens, and other
credentials in documentation and code.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
vanman2024 merged commit 820bc57 into master on Dec 25, 2025
1 check failed
vanman2024 deleted the security/add-credential-protection branch on December 25, 2025 at 21:18