GIT Pre commit hook and Secret validation - Tools | Devops Junction

A recent security incident at GitHub, where the engineering team accidentally committed their private security key to their public repository, alarmed other engineers and organizations.

A tech giant, and a pioneer and catalyst of Git, made a blunder themselves. It cost them the re-creation of their private key, and it affected their customers too.

Read the full report here. 

Having said that, we all now know how crucial it is to keep our secrets from being committed or pushed to our Git repositories, whether on GitHub, Bitbucket or GitLab.

How do we deal with it? Here I have compiled a few tools that can help prevent these accidental security leaks and keep sensitive information from being committed or pushed.

Git Pre Commit Hook tools

So here are some tools to help you prevent accidental security leaks or sensitive information being committed to your repository.

git-secrets - Scans your existing repo, or runs as a pre-commit hook. Supports AWS, GCP and private key scanning.

https://lnkd.in/gAeg4xDx

pre-commit - Lets you create and integrate multiple pre-commit hooks easily. Supports custom-written local pre-commit checks as well as remote repository plugins. One of my favourites.

https://lnkd.in/g_tfpxZv

detect-secrets - From the labs of Microsoft, it helps scan for secrets, API keys and passwords before they are committed. It can be integrated with a pre-commit hook.

https://lnkd.in/gcK46P7Q

git-filter-repo / git-filter-branch - Help in identifying unwanted files across the commit history of the local and remote repo. They also help in removing accidentally committed files that contain secrets.

BFG-RepoCleaner - If you know `git-filter-repo` and `git-filter-branch` for cleaning history and files on the remote and local repo, BFG is an advanced and powerful version of the same, and much faster than the former.

https://lnkd.in/gPv5QThw

Husky - If you work with JavaScript frameworks (backend or front end), you might like Husky, which helps you run pre-commit checks. More details at the following link:

https://typicode.github.io/husky
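
What a secret-scanning pre-commit hook does can be shown in a few lines. The script below is an added example, not code from the original article or from any of the tools listed: it checks only the lines being added in the staged diff against two illustrative patterns (a private key header and an AWS access key ID) and exits non-zero so that git aborts the commit. The rule set, the `scan_diff` helper and the sample diff are assumptions made for illustration.

```python
#!/usr/bin/env python3
import re
import subprocess
import sys

# Two illustrative rules; dedicated scanners ship far larger rule sets.
RULES = {
    "private key block": re.compile(r"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----"),
    "AWS access key ID": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
}

# Constructed sample diff; the key ID is AWS's documented example value.
SAMPLE_DIFF = """\
diff --git a/deploy.env b/deploy.env
--- a/deploy.env
+++ b/deploy.env
@@ -3,0 +4,2 @@
+REGION=eu-west-1
+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
"""

def scan_diff(diff_text):
    """Return (path, line_number, rule) for each added line that matches a rule."""
    findings, path, line_no, in_hunk = [], None, 0, False
    for line in diff_text.splitlines():
        if line.startswith("diff --git "):
            path, in_hunk = None, False  # new file section; its headers follow
        elif not in_hunk and line.startswith("+++ b/"):
            path = line[len("+++ b/"):]
        elif line.startswith("@@"):
            # "@@ -a,b +c,d @@": c is the new-file line number of the next line
            line_no, in_hunk = int(re.search(r"\+(\d+)", line).group(1)), True
        elif in_hunk and line.startswith("+"):
            findings += [(path, line_no, name) for name, rx in RULES.items()
                         if rx.search(line[1:])]
            line_no += 1
        elif in_hunk and line.startswith(" "):
            line_no += 1  # context lines also advance the new-file counter
    return findings

if __name__ == "__main__":
    cmd = ["git", "diff", "--cached", "--no-color", "-U0",
           "--src-prefix=a/", "--dst-prefix=b/"]
    staged = subprocess.run(cmd, capture_output=True, encoding="utf-8",
                            errors="replace", check=True).stdout
    hits = scan_diff(staged)
    for path, line_no, name in hits:
        print(f"{path}:{line_no}: possible {name}", file=sys.stderr)
    sys.exit(1 if hits else 0)  # a non-zero exit makes git abort the commit
```

Saved as `.git/hooks/pre-commit` and made executable, it runs on every `git commit`; since `git commit --no-verify` skips local hooks, a server-side or CI scan is still needed as a backstop.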

 

Cleaning the secrets which are already committed

🚨 If you have already committed secrets accidentally, you can still revert it before it's too late. The following article can help you clear the files/evidence across local and remote repository commits.

https://lnkd.in/gnAX4p78

That's it for now. We will keep this article updated.

Cheers
Sarav AK