50 Repos
Security features that mask or redact sensitive environment variables from logs and console output.
Distinguishing note: Focuses on security and data protection rather than general environment configuration.
Explore 50 awesome GitHub repositories matching security & cryptography · Sensitive Variable Redaction. Refine with filters or upvote what's useful.
Mise is a development environment orchestrator that manages software runtimes, environment variables, and task execution. It functions as a version manager and task runner, providing a unified interface to synchronize project-specific configurations and dependencies across different machines. By automating the installation and switching of tools, it ensures that development environments remain consistent and reproducible. The project distinguishes itself through a hierarchical configuration system that automatically discovers settings by traversing the directory tree. It uses shim-based comma
Protects sensitive information by masking private environment variables in logs and output.
Renovate is a GitOps-driven dependency management engine designed to automate the maintenance of software projects. It functions as an automated update tool that scans repository files to identify outdated dependencies, fetches the latest compatible versions from external sources, and generates pull requests to apply those updates. By integrating directly with code hosting platforms, it synchronizes project dependencies through declarative configuration files, ensuring that software components remain current and secure. The project distinguishes itself through its platform-agnostic architectu
Automatically masks sensitive credentials and tokens from log output to prevent accidental exposure during automated operations.
Letta is a framework for building, deploying, and managing autonomous AI agents that maintain persistent state across long-term interactions. It provides a comprehensive suite of primitives for defining agents with configurable personas, modular memory blocks, and tool-use capabilities, enabling them to retain user preferences and conversation history over extended sessions. The platform distinguishes itself through its advanced memory management and orchestration capabilities. It allows agents to autonomously update their own memory, perform retrieval-augmented generation, and coordinate com
Redacts sensitive credentials from agent logs and command history while injecting them at runtime.
Hurl is a command line HTTP testing tool and REST API test runner that uses a declarative, plain-text format to specify HTTP requests and responses. It functions as a client for continuous integration pipelines, allowing users to describe request sequences without a full programming language. The tool distinguishes itself by sequencing HTTP calls and verifying responses through matchers and variable capture. It maintains a stateful variable store, enabling data extracted from one response to influence subsequent requests within a workflow. The system covers API integration testing and REST w
Includes security features to mask secrets and private variables in output logs.
Gensim is a natural language processing toolkit designed for large-scale text analysis and the training of semantic vector embeddings. It provides a framework for identifying latent thematic structures within document collections and calculating semantic similarity between text segments using unsupervised statistical algorithms. The project is distinguished by its ability to handle datasets that exceed available system memory through incremental corpus streaming, which processes documents one at a time from disk. It utilizes sparse vector representations and dictionary-based token mapping to
Redacts or masks sensitive data in place across various file formats to ensure compliance.
Instructor is a framework designed for structured data extraction, validation, and language model integration. It functions as a library that transforms unstructured text into validated, type-safe objects by leveraging schema definitions and model-specific tool-calling capabilities. By acting as a validation middleware, the project ensures that language model outputs strictly conform to defined data structures. The library distinguishes itself through a robust validation-based retry loop that automatically re-submits failed responses with error feedback to iteratively correct schema complianc
Uses specialized data types to prevent sensitive values from appearing in logs while remaining available for processing.
The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
Audits and masks sensitive information within log streams using configurable policies to ensure data privacy and compliance.
Encore is a distributed systems framework designed to unify backend development, infrastructure provisioning, and observability. It functions as an infrastructure-as-code platform that allows developers to define cloud resources, databases, and messaging topics directly within their application code. By analyzing these declarations at compile-time, the system automatically manages the deployment of cloud resources and security policies, ensuring parity between local development and production environments. The platform distinguishes itself through its integrated development experience, which
Filters sensitive information from logs to ensure security and data privacy.
Home Assistant is a local home automation platform and server that acts as an IoT device orchestrator. It integrates diverse smart home hardware by wrapping third-party APIs into a standardized logic layer and stores all system state and historical statistics on local hardware to eliminate cloud dependencies. The system functions as a Matter IoT controller and an MQTT home automation bridge, allowing for local interoperability between different manufacturers. It features a state-based entity model and an internal event bus that decouple physical device logic from system automation. The platf
Home Assistant centralizes passwords and API keys in a dedicated secrets file to prevent exposure.
Cog is a machine learning packaging tool and containerized model wrapper that bundles models and their dependencies into standardized Docker containers. It functions as an environment manager and inference server, ensuring consistent model execution across different hardware systems by resolving GPU drivers, system libraries, and Python dependencies. The project distinguishes itself by automatically generating RESTful HTTP servers and OpenAPI schemas based on defined model input and output types. It manages large model weights as external fixtures to optimize image size and utilizes a slot-ba
Provides automatic redaction of sensitive API tokens and credentials from logs to prevent accidental disclosure.
Signale is a formatted console logging library for Node.js applications. It serves as a pluggable logging framework and stream-based log router that allows users to record system events using customizable levels, colors, and output styles. The project distinguishes itself as an interactive console logger capable of overwriting previous messages to reduce terminal clutter during long-running tasks. It also functions as an application performance monitor, providing tools to measure and track execution time between specific code points to identify performance bottlenecks. The library covers a b
Implements interceptors to mask or redact sensitive data and credentials from log outputs.
Kreuzberg is a document extraction engine that converts PDFs, Office files, images, and over 90 other formats into clean, structured text and metadata. It is built around a compiled Rust core that can be used as a native library, a command-line tool, a REST API server, or a WebAssembly module for browser-based processing. The system is designed to run entirely on self-hosted infrastructure, with no data leaving the user's environment. What distinguishes Kreuzberg is its breadth of integration surfaces and its pipeline architecture. It exposes extraction capabilities through native bindings fo
Rewrites textual fields in extraction results by removing or masking patterns and NER-detected entities.
Unredacter ist ein Computer-Vision-Tool zur Textrekonstruktion und Bildforensik, das darauf ausgelegt ist, versteckte Zeichen aus verpixelten Bildern wiederherzustellen. Es fungiert als Werkzeug zur Umkehrung der Verpixelung, um Text innerhalb verdeckter visueller Blöcke zu identifizieren. Das System verwendet einen Prozess, bei dem verpixelte Bildblöcke mit gerenderten Kandidatenzeichen verglichen werden, die den typografischen Stilen des Zieltextes entsprechen. Dies ermöglicht die Rekonstruktion verdeckter Informationen durch automatisierte visuelle Analyse. Das Projekt deckt Funktionen für digitale forensische Analysen, Tests zur Bildschwärzung und Bewertungen von Informationslecks ab, um die Wirksamkeit bildbasierter Maskierungstechniken zu überprüfen.
Verifies if pixelation techniques effectively hide sensitive information or if the data can be recovered by attackers.
Enquirer ist eine Node.js-Bibliothek zum Erstellen interaktiver Befehlszeilenschnittstellen zur Erfassung strukturierter Benutzereingaben. Sie bietet eine Reihe von Terminal-Prompts, einschließlich Menüs, Formularen und Textfeldern, um Daten über Autocomplete, Multiselect und boolesche Bestätigungen zu sammeln. Das Projekt dient als anpassbares Framework, das die Erstellung benutzerdefinierter Prompt-Typen durch eine Basisklasse und die Erweiterung der Funktionalität über eine Plugin-Architektur ermöglicht. Die Bibliothek deckt eine breite Palette von Interaktionsmustern ab, wie das Erfassen numerischer und sensibler Daten, das Validieren von Benutzereingaben gegen benutzerdefinierte Regeln und das Ausführen von Prompt-Sequenzen zur Erfassung komplexen Feedbacks. Sie enthält zudem Funktionen zum Sortieren von Listen, Ausfüllen von Text-Snippets und Verwalten der Terminal-Formularerfassung.
Allows capturing passwords and secret keys by masking or hiding keystrokes in the terminal.
Elsa Core is a workflow engine framework designed for defining, executing, and managing long-running business processes. It functions as a distributed workflow orchestrator and event-driven trigger system, capable of operating as a multi-tenant platform with secure data isolation. The project distinguishes itself through a flexible approach to workflow definitions, supporting a visual drag-and-drop designer, programmatic C# definitions, and portable JSON specifications. It provides a highly extensible architecture allowing for the development of custom activities and the use of a dynamic expr
Protects sensitive workflow variables by marking them as secrets to prevent logging or display.
Der OpenTelemetry Collector ist ein herstellerunabhängiger Proxy und eine Observability-Daten-Pipeline, die Traces, Metriken und Logs empfängt, verarbeitet und exportiert. Er fungiert als Telemetrie-Ingestion-Gateway und Multi-Backend-Monitoring-Agent, der verschiedene Datenformate für eine konsistente Verarbeitung in eine standardisierte interne Repräsentation übersetzt. Das Projekt zeichnet sich durch ein Plugin-basiertes Komponentenmodell aus, das die Integration benutzerdefinierter Receiver, Prozessoren und Exporter ohne Änderungen am Kern-Codebase ermöglicht. Es nutzt ein konfigurierbares Pipeline-System, in dem Telemetriedaten eine Sequenz von Komponenten durchlaufen, um geroutet, repliziert oder transformiert zu werden, bevor sie an externe Monitoring-Backends gesendet werden. Der Collector umfasst Funktionen für das Telemetrie-Traffic-Management, wie z. B. das Batching von Datenpunkten zur Durchsatzoptimierung und speicherbewusstes Load-Shedding, um Systemabstürze bei Lastspitzen zu verhindern. Er bietet zudem sichere Datenübertragung über verschlüsselte Kanäle und unterstützt dynamische Konfigurationsauflösung zur Laufzeit. Vorkonfigurierte Distributionen sind verfügbar, um den manuellen Einrichtungsaufwand für spezifische Umgebungen zu reduzieren.
Hides sensitive data fields during serialization to prevent secrets from appearing in logs or dumps.
Acra is an Android crash reporting framework and diagnostic data collector designed to detect failures and capture device diagnostics, system logs, and application state. It serves as an embeddable library for capturing and processing crash reports, providing a pipeline to send this data to custom backends or via email. The project features a plugin-based sender architecture that allows reports to be routed through HTTP endpoints, email clients, or proprietary backend implementations. It includes a user-controlled reporting system with preference toggles and interactive dialogs to manage user
Implements privacy protection by removing sensitive preference keys matching regular expressions from crash reports.
Moleculer is a Node.js microservices framework designed for building distributed systems. It functions as a distributed service broker, task orchestrator, and service mesh framework, enabling a decentralized architecture with built-in service discovery and load balancing. The project differentiates itself through a pluggable transport layer supporting protocols such as NATS, Redis, TCP, and Kafka, as well as a dedicated microservices API gateway that maps external HTTP and WebSocket requests to internal service actions. It includes built-in fault tolerance mechanisms, including circuit breake
Prevents sensitive configuration keys from being leaked to the service registry or other network nodes.
Dieses Projekt ist ein öffentliches Transparenz-Logbuch für Copyright-Takedown- und Counter-Notices. Es fungiert als redigiertes Copyright-Register und führt eine chronologische Aufzeichnung rechtlicher Durchsetzungsanfragen, die bei einer Hosting-Plattform eingehen. Das Archiv nutzt ein Flat-File-Datenmodell und speichert Mitteilungen als Plain-Text-Dateien innerhalb einer Verzeichnishierarchie. Ein verteiltes Versionskontrollsystem bietet einen permanenten Audit-Trail und eine Versionshistorie für alle archivierten rechtlichen Mitteilungen. Das System konzentriert sich auf die Überwachung digitaler Rechte und die Transparenz bei der Durchsetzung des Urheberrechts, indem personenbezogene Daten vor der Veröffentlichung aus den Mitteilungen entfernt werden. Diese redigierten Datensätze sind nach Datum organisiert, um das chronologische Durchsuchen und die öffentliche Einsichtnahme in die Verwaltung rechtlicher Mitteilungen zu erleichtern.
Removes personally identifiable information from legal notices before publication to protect privacy.
Libation is a comprehensive audiobook management system designed to download, decrypt, and organize Audible audiobooks. It integrates account authentication, library synchronization, DRM removal, and format transcoding into a single desktop application with a plugin-free graphical interface and a built-in theme editor. The project distinguishes itself through a batch library synchronization engine that scans all configured Audible accounts in one pass, a metadata tag rewriting system that corrects chapter markers and cover art after decryption, and a template-based file naming engine that con
Detects downloaded books by their Audible ID within a user-defined directory structure.