<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: zricethezav</title><link>https://news.ycombinator.com/user?id=zricethezav</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Fri, 03 Jul 2026 09:32:46 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=zricethezav" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by zricethezav in "Ask HN: What Are You Working On? (May 2026)"]]></title><description><![CDATA[
<p>I've been working on Betterleaks for the past three months. It's the successor to Gitleaks since I'm not focused on that project much anymore. I just released v1.2.0 which added GitHub as a source to scan for secrets against and a new filtering system powered by CEL for more expressiveness.<p><a href="https://betterleaks.com" rel="nofollow">https://betterleaks.com</a></p>
]]></description><pubDate>Sun, 10 May 2026 19:02:26 +0000</pubDate><link>https://news.ycombinator.com/item?id=48086774</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=48086774</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48086774</guid></item><item><title><![CDATA[New comment by zricethezav in "I wrote Gitleaks, now I'm maintaining Betterleaks"]]></title><description><![CDATA[
<p>8 years ago I wrote the first lines of Gitleaks and have been hooked on finding leaked secrets since. Gitleaks grew from a small project to a name recognized by developers and security folks. It sucks but I gotta take a step back from the project. I'll cut security releases but don't expect any new features from me.
But I'm not stepping back from secrets scanning! I'm working full time on maintaining Betterleaks, a drop-in replacement for Gitleaks with some fun new features and improvements like rule-defined validation, faster scans, new filters like token efficiency, and more.<p>Happy to chat about it and sorry if this causes any migration headache<p>`alias gitleaks='betterleaks'` should do the trick</p>
]]></description><pubDate>Thu, 12 Mar 2026 16:34:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=47353455</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=47353455</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47353455</guid></item><item><title><![CDATA[I wrote Gitleaks, now I'm maintaining Betterleaks]]></title><description><![CDATA[
<p>Article URL: <a href="https://www.aikido.dev/blog/betterleaks-gitleaks-successor">https://www.aikido.dev/blog/betterleaks-gitleaks-successor</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=47353454">https://news.ycombinator.com/item?id=47353454</a></p>
<p>Points: 15</p>
<p># Comments: 3</p>
]]></description><pubDate>Thu, 12 Mar 2026 16:34:41 +0000</pubDate><link>https://www.aikido.dev/blog/betterleaks-gitleaks-successor</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=47353454</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47353454</guid></item><item><title><![CDATA[New comment by zricethezav in "Show HN: I built a tool that helps people scan and clean any repo for secrets"]]></title><description><![CDATA[
<p>looks familiar</p>
]]></description><pubDate>Tue, 22 Oct 2024 20:27:17 +0000</pubDate><link>https://news.ycombinator.com/item?id=41918362</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=41918362</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41918362</guid></item><item><title><![CDATA[New comment by zricethezav in "I analyzed Stack Overflow for secrets"]]></title><description><![CDATA[
<p>> gitleaks : fatal error: runtime: out of memory<p>Should be fixed now: <a href="https://github.com/gitleaks/gitleaks/pull/1292">https://github.com/gitleaks/gitleaks/pull/1292</a>. Thanks for highlighting this simple change I've been putting off :)</p>
]]></description><pubDate>Fri, 17 Nov 2023 21:04:13 +0000</pubDate><link>https://news.ycombinator.com/item?id=38310292</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=38310292</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=38310292</guid></item><item><title><![CDATA[Live API Keys and Source Code Leaked in 4,500 of the Top Alexa Sites]]></title><description><![CDATA[
<p>Article URL: <a href="https://trufflesecurity.com/blog/4500-of-the-top-1-million-websites-leaked-source-code-secrets/">https://trufflesecurity.com/blog/4500-of-the-top-1-million-websites-leaked-source-code-secrets/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=37394160">https://news.ycombinator.com/item?id=37394160</a></p>
<p>Points: 13</p>
<p># Comments: 0</p>
]]></description><pubDate>Tue, 05 Sep 2023 16:31:53 +0000</pubDate><link>https://trufflesecurity.com/blog/4500-of-the-top-1-million-websites-leaked-source-code-secrets/</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=37394160</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=37394160</guid></item><item><title><![CDATA[Show HN: Forager – Browse millions of live secrets leaked from GitHub/NPM]]></title><description><![CDATA[
<p>Article URL: <a href="https://trufflesecurity.com/blog/introducing-forager/">https://trufflesecurity.com/blog/introducing-forager/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=36816425">https://news.ycombinator.com/item?id=36816425</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Fri, 21 Jul 2023 17:04:38 +0000</pubDate><link>https://trufflesecurity.com/blog/introducing-forager/</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=36816425</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36816425</guid></item><item><title><![CDATA[New comment by zricethezav in "Browse millions of secrets leaked in GitHub/NPM via Forager"]]></title><description><![CDATA[
<p>Agreed! 1/1000 is pretty frequent considering how many pushes to GitHub happen every single day. Folks probably get a false sense of security thinking no one is looking at their personal repos (spoiler alert... they are!)</p>
]]></description><pubDate>Wed, 19 Jul 2023 18:45:13 +0000</pubDate><link>https://news.ycombinator.com/item?id=36791291</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=36791291</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36791291</guid></item><item><title><![CDATA[Browse millions of secrets leaked in GitHub/NPM via Forager]]></title><description><![CDATA[
<p>Article URL: <a href="https://trufflesecurity.com/blog/introducing-forager/">https://trufflesecurity.com/blog/introducing-forager/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=36790112">https://news.ycombinator.com/item?id=36790112</a></p>
<p>Points: 11</p>
<p># Comments: 3</p>
]]></description><pubDate>Wed, 19 Jul 2023 17:31:07 +0000</pubDate><link>https://trufflesecurity.com/blog/introducing-forager/</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=36790112</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36790112</guid></item><item><title><![CDATA[New comment by zricethezav in "Toyota suffered a data breach by accidentally exposing a secret key on GitHub"]]></title><description><![CDATA[
<p>Gitleaks also offers a nice pre-commit hook: <a href="https://github.com/zricethezav/gitleaks#pre-commit" rel="nofollow">https://github.com/zricethezav/gitleaks#pre-commit</a></p>
]]></description><pubDate>Thu, 13 Oct 2022 21:51:28 +0000</pubDate><link>https://news.ycombinator.com/item?id=33196923</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=33196923</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=33196923</guid></item><item><title><![CDATA[New comment by zricethezav in "Toyota suffered a data breach by accidentally exposing a secret key on GitHub"]]></title><description><![CDATA[
<p>Good reminder to run Gitleaks or Gitleaks-Action on your repos<p>- <a href="https://github.com/zricethezav/gitleaks" rel="nofollow">https://github.com/zricethezav/gitleaks</a><p>- <a href="https://gitleaks.io/products" rel="nofollow">https://gitleaks.io/products</a></p>
]]></description><pubDate>Thu, 13 Oct 2022 21:28:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=33196714</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=33196714</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=33196714</guid></item><item><title><![CDATA[New comment by zricethezav in "Toyota suffered a data breach by accidentally exposing a secret key on GitHub"]]></title><description><![CDATA[
<p>If using GitHub-Actions, Gitleaks offers competitive pricing for a secret scanning solution.<p><a href="https://gitleaks.io/products" rel="nofollow">https://gitleaks.io/products</a></p>
]]></description><pubDate>Thu, 13 Oct 2022 21:24:16 +0000</pubDate><link>https://news.ycombinator.com/item?id=33196679</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=33196679</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=33196679</guid></item><item><title><![CDATA[New comment by zricethezav in "Entitlement in Open Source"]]></title><description><![CDATA[
<p>I'm doing something similar with gitleaks: <a href="https://gitleaks.io/support.html" rel="nofollow">https://gitleaks.io/support.html</a><p>So far it's working out great.</p>
]]></description><pubDate>Wed, 21 Sep 2022 17:49:16 +0000</pubDate><link>https://news.ycombinator.com/item?id=32928634</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=32928634</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=32928634</guid></item><item><title><![CDATA[New comment by zricethezav in "Entitlement in Open Source"]]></title><description><![CDATA[
<p>I recently tried my hand at commercializing my open source project, gitleaks (<a href="http://gitleaks.io" rel="nofollow">http://gitleaks.io</a>). I'm keeping the core gitleaks project MIT but changed the gitleaks-action on GitHub to a commercial license. Revenue from the commercial license and maintenance agreements has netted me much more than donations I've received over the past couple years. I encourage any open source maintainer to try and find a business model (plugin, dual license, enterprise support, etc.) for their project.<p>FWIW, here is a blog post explaining the rationale behind starting an LLC <a href="https://blog.gitleaks.io/gitleaks-llc-announcement-d7d06a52e801" rel="nofollow">https://blog.gitleaks.io/gitleaks-llc-announcement-d7d06a52e...</a></p>
]]></description><pubDate>Wed, 21 Sep 2022 17:47:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=32928616</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=32928616</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=32928616</guid></item><item><title><![CDATA[New comment by zricethezav in "Hardcoded password in Confluence app has been leaked on Twitter"]]></title><description><![CDATA[
<p>Good reminder to run <a href="https://gitleaks.io" rel="nofollow">https://gitleaks.io</a> on your projects</p>
]]></description><pubDate>Fri, 22 Jul 2022 20:59:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=32197038</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=32197038</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=32197038</guid></item><item><title><![CDATA[New comment by zricethezav in "Billion-record stolen Chinese database for sale on breach forum"]]></title><description><![CDATA[
<p>hardcoded creds in example documentation... T_T<p>Use vault, env vars, GitHub/GitLab secrets, anything but string literals!!!</p>
]]></description><pubDate>Tue, 05 Jul 2022 23:23:39 +0000</pubDate><link>https://news.ycombinator.com/item?id=31994968</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=31994968</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31994968</guid></item><item><title><![CDATA[New comment by zricethezav in "Billion-record stolen Chinese database for sale on breach forum"]]></title><description><![CDATA[
<p>`pass` by itself might introduce false positives. `passwd` and `password` are common and more likely to be in the ROI of a secret. That said, I'm not opposed to `pass` by itself. I'll have to think about this one...<p>> but I assume they were chosen based on the statistics?<p>Nope, not statistics. Identifiers and keywords are chosen based on what I see out in the wild being a software engineer.</p>
]]></description><pubDate>Tue, 05 Jul 2022 23:21:10 +0000</pubDate><link>https://news.ycombinator.com/item?id=31994955</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=31994955</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31994955</guid></item><item><title><![CDATA[New comment by zricethezav in "Billion-record stolen Chinese database for sale on breach forum"]]></title><description><![CDATA[
<p>More and more providers have been adding unique prefixes to their tokens and access keys which makes detection much easier. Ex, GitLab adds `glpat-` to their PAT.<p>A project I maintain, Gitleaks, can easily detect "unique" secrets and does a pretty good job at detecting "generic" secrets too. In this case, the generic gitleaks rule would have caught the secrets [1]. You can see the full rule definition here [2] and how the rule is constructed here [3].<p>[1] <a href="https://regex101.com/r/CLg9TK/1" rel="nofollow">https://regex101.com/r/CLg9TK/1</a><p>[2] <a href="https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml#L1139-L1147" rel="nofollow">https://github.com/zricethezav/gitleaks/blob/master/config/g...</a><p>[3] <a href="https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/generic.go" rel="nofollow">https://github.com/zricethezav/gitleaks/blob/master/cmd/gene...</a></p>
]]></description><pubDate>Tue, 05 Jul 2022 20:55:06 +0000</pubDate><link>https://news.ycombinator.com/item?id=31993575</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=31993575</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31993575</guid></item><item><title><![CDATA[New comment by zricethezav in "Billion-record stolen Chinese database for sale on breach forum"]]></title><description><![CDATA[
<p>Assuming this unverified version of the story is true, the danger of accidentally leaking credentials in code is enormous and one of the reasons I continue to maintain and develop gitleaks. Those credentials [1] would have been caught by gitleaks' generic rule [2].<p>[1] <a href="https://regex101.com/r/CLg9TK/1" rel="nofollow">https://regex101.com/r/CLg9TK/1</a><p>[2] <a href="https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml#L1139-L1147" rel="nofollow">https://github.com/zricethezav/gitleaks/blob/master/config/g...</a></p>
]]></description><pubDate>Tue, 05 Jul 2022 20:30:30 +0000</pubDate><link>https://news.ycombinator.com/item?id=31993306</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=31993306</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31993306</guid></item><item><title><![CDATA[New comment by zricethezav in "Ask HN: What are some good non-subscription Mac apps?"]]></title><description><![CDATA[
<p>monodraw - <a href="https://monodraw.helftone.com/" rel="nofollow">https://monodraw.helftone.com/</a> like paint but for ascii art<p>I used it to come up with the new gitleaks logo: <a href="https://github.com/zricethezav/gitleaks" rel="nofollow">https://github.com/zricethezav/gitleaks</a></p>
]]></description><pubDate>Tue, 10 May 2022 15:33:54 +0000</pubDate><link>https://news.ycombinator.com/item?id=31328355</link><dc:creator>zricethezav</dc:creator><comments>https://news.ycombinator.com/item?id=31328355</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31328355</guid></item></channel></rss>