SourceClear's Commit Watcher
Aug 15, 2016, 14:00 (1 Talkback[s])
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
Someone accidentally commits private AWS keys to an open-source project and ends up handing candy to a bitcoin miner. Once committed, these secrets are easily discoverable through GitHub Search, which makes this accidental disclosure additionally dangerous. To combat this and other threats to safe use of open source, Source Clear announced Commit Watcher, a recently open-sourced tool that finds interesting and potentially hazardous commits—both accidental credential leaks and undisclosed security patches.