SourceClear Open Sources Tool That Identifies Potentially Hazardous Commits

Posted on Monday, June 13, 2016 by STUART PARKERSON, Global Sales

SourceClear has open sourced its Commit Watcher tool which identifies accidental disclosure of sensitive information (SSH keys, AWS credentials, etc.) and security patches for vulnerabilities that are not explicitly disclosed.

In a blog post the company commented, �We initially built Commit Watcher to discover these undisclosed (but public) security patches, which are fed into the Source Clear Registry once they have been verified. When we added the ability to find accidentally disclosed secrets in projects, we realized how valuable this tool can be for every company releasing open source software. Companies can watch their own projects, public and private, for accidental disclosures, and take remedial action as soon as possible.�

Commit Watcher ships with dozens of rules to find commits containing credentials from services like Amazon Web Services and Salesforce, to SSH keys, API tokens, database dump files, and more. The platform also looks for commits and commit messages that contain keywords that are often associated with security vulnerabilities.

More App Developer News

NIKKE 3.5 anniversary update livestream coming soon

New AI tool targets early dementia detection

Jentic launch gives AI agents api access

Experts warn ai-generated health content risks misinterpretation without human oversight

Ludo.ai Unveils API and MCP Beta to Power AI Game Asset Pipelines

AccuWeather Launches ChatGPT Integration for Live Weather Updates

Stop Using Business Jargon: 5 Ways Buzzwords Damage Job Performance

IT spending rises as banks balance legacy and innovation

Tech hiring slumps as Software Developer job postings fall

AI is becoming more widespread in collaboration tools

FCC prohibits new foreign router models citing critical infrastructure risks

ChatGPT Carbon Footprint Matches 1.3 Million Cars Report Finds

Lens Launches MCP Server to Connect AI Coding Assistants with Kubernetes

Accelerating corporate ai investment returns

Enviromates tech startup launches global participation platform

Private Repository Secures the AI-driven Development Boom

UK Fintech Platform Enviromates Connects Projects Brands and Consumers

Env Zero and CloudQuery Announce Merger

How Industrial AI Is Transforming Operations in 2026

AI generated work from managers is damaging trust among employees

Foresight Secures $25M to Bridge Infrastructure Execution Gap

UNESCO AI initiatives driving sustainable development in Africa

What can you build with ChatGPT in 48 hours

env zero and CloudQuery merge

China is accelerating the next phase of AI