48 repositorios
Security features that mask or redact sensitive environment variables from logs and console output.
Distinguishing note: Focuses on security and data protection rather than general environment configuration.
Explore 48 awesome GitHub repositories matching security & cryptography · Sensitive Variable Redaction. Refine with filters or upvote what's useful.
Mise is a development environment orchestrator that manages software runtimes, environment variables, and task execution. It functions as a version manager and task runner, providing a unified interface to synchronize project-specific configurations and dependencies across different machines. By automating the installation and switching of tools, it ensures that development environments remain consistent and reproducible. The project distinguishes itself through a hierarchical configuration system that automatically discovers settings by traversing the directory tree. It uses shim-based comma
Protects sensitive information by masking private environment variables in logs and output.
Renovate is a GitOps-driven dependency management engine designed to automate the maintenance of software projects. It functions as an automated update tool that scans repository files to identify outdated dependencies, fetches the latest compatible versions from external sources, and generates pull requests to apply those updates. By integrating directly with code hosting platforms, it synchronizes project dependencies through declarative configuration files, ensuring that software components remain current and secure. The project distinguishes itself through its platform-agnostic architectu
Automatically masks sensitive credentials and tokens from log output to prevent accidental exposure during automated operations.
Letta is a framework for building, deploying, and managing autonomous AI agents that maintain persistent state across long-term interactions. It provides a comprehensive suite of primitives for defining agents with configurable personas, modular memory blocks, and tool-use capabilities, enabling them to retain user preferences and conversation history over extended sessions. The platform distinguishes itself through its advanced memory management and orchestration capabilities. It allows agents to autonomously update their own memory, perform retrieval-augmented generation, and coordinate com
Redacts sensitive credentials from agent logs and command history while injecting them at runtime.
Hurl is a command line HTTP testing tool and REST API test runner that uses a declarative, plain-text format to specify HTTP requests and responses. It functions as a client for continuous integration pipelines, allowing users to describe request sequences without a full programming language. The tool distinguishes itself by sequencing HTTP calls and verifying responses through matchers and variable capture. It maintains a stateful variable store, enabling data extracted from one response to influence subsequent requests within a workflow. The system covers API integration testing and REST w
Includes security features to mask secrets and private variables in output logs.
Gensim is a natural language processing toolkit designed for large-scale text analysis and the training of semantic vector embeddings. It provides a framework for identifying latent thematic structures within document collections and calculating semantic similarity between text segments using unsupervised statistical algorithms. The project is distinguished by its ability to handle datasets that exceed available system memory through incremental corpus streaming, which processes documents one at a time from disk. It utilizes sparse vector representations and dictionary-based token mapping to
Redacts or masks sensitive data in place across various file formats to ensure compliance.
Instructor is a framework designed for structured data extraction, validation, and language model integration. It functions as a library that transforms unstructured text into validated, type-safe objects by leveraging schema definitions and model-specific tool-calling capabilities. By acting as a validation middleware, the project ensures that language model outputs strictly conform to defined data structures. The library distinguishes itself through a robust validation-based retry loop that automatically re-submits failed responses with error feedback to iteratively correct schema complianc
Uses specialized data types to prevent sensitive values from appearing in logs while remaining available for processing.
The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
Audits and masks sensitive information within log streams using configurable policies to ensure data privacy and compliance.
Encore is a distributed systems framework designed to unify backend development, infrastructure provisioning, and observability. It functions as an infrastructure-as-code platform that allows developers to define cloud resources, databases, and messaging topics directly within their application code. By analyzing these declarations at compile-time, the system automatically manages the deployment of cloud resources and security policies, ensuring parity between local development and production environments. The platform distinguishes itself through its integrated development experience, which
Filters sensitive information from logs to ensure security and data privacy.
Home Assistant is a local home automation platform and server that acts as an IoT device orchestrator. It integrates diverse smart home hardware by wrapping third-party APIs into a standardized logic layer and stores all system state and historical statistics on local hardware to eliminate cloud dependencies. The system functions as a Matter IoT controller and an MQTT home automation bridge, allowing for local interoperability between different manufacturers. It features a state-based entity model and an internal event bus that decouple physical device logic from system automation. The platf
Home Assistant centralizes passwords and API keys in a dedicated secrets file to prevent exposure.
Cog is a machine learning packaging tool and containerized model wrapper that bundles models and their dependencies into standardized Docker containers. It functions as an environment manager and inference server, ensuring consistent model execution across different hardware systems by resolving GPU drivers, system libraries, and Python dependencies. The project distinguishes itself by automatically generating RESTful HTTP servers and OpenAPI schemas based on defined model input and output types. It manages large model weights as external fixtures to optimize image size and utilizes a slot-ba
Provides automatic redaction of sensitive API tokens and credentials from logs to prevent accidental disclosure.
Signale es una biblioteca de registro de consola formateada para aplicaciones Node.js. Sirve como un framework de registro conectable y enrutador de logs basado en flujos que permite a los usuarios registrar eventos del sistema utilizando niveles, colores y estilos de salida personalizables. El proyecto se distingue como un registrador de consola interactivo capaz de sobrescribir mensajes anteriores para reducir el desorden en la terminal durante tareas de larga duración. También funciona como un monitor de rendimiento de aplicaciones, proporcionando herramientas para medir y rastrear el tiempo de ejecución entre puntos de código específicos para identificar cuellos de botella en el rendimiento. La biblioteca cubre una amplia gama de capacidades, incluyendo la personalización de la salida de consola a través de registradores personalizados y registro con alcance, así como características de seguridad para redactar información sensible de los flujos de logs. Los usuarios pueden extender la lógica de registro a través de plugins y enrutar datos de logs a múltiples destinos grabables simultáneamente.
Implements interceptors to mask or redact sensitive data and credentials from log outputs.
Kreuzberg is a document extraction engine that converts PDFs, Office files, images, and over 90 other formats into clean, structured text and metadata. It is built around a compiled Rust core that can be used as a native library, a command-line tool, a REST API server, or a WebAssembly module for browser-based processing. The system is designed to run entirely on self-hosted infrastructure, with no data leaving the user's environment. What distinguishes Kreuzberg is its breadth of integration surfaces and its pipeline architecture. It exposes extraction capabilities through native bindings fo
Rewrites textual fields in extraction results by removing or masking patterns and NER-detected entities.
Unredacter es un reconstructor de texto por visión artificial y utilidad de análisis forense de imágenes diseñado para recuperar caracteres ocultos de imágenes pixeladas. Funciona como una herramienta para revertir la pixelación e identificar texto dentro de bloques visuales oscurecidos. El sistema utiliza un proceso de comparación de bloques de imagen pixelados contra caracteres candidatos renderizados que coinciden con los estilos tipográficos del texto objetivo. Esto permite la reconstrucción de información oscurecida mediante análisis visual automatizado. El proyecto cubre capacidades para el análisis forense digital, pruebas de redacción de imágenes y evaluación de fugas de información para verificar la efectividad de las técnicas de enmascaramiento basadas en imágenes.
Verifies if pixelation techniques effectively hide sensitive information or if the data can be recovered by attackers.
Enquirer es una biblioteca de Node.js para crear interfaces de línea de comandos interactivas para recopilar datos estructurados del usuario. Proporciona un conjunto de prompts de terminal, incluyendo menús, formularios y campos de texto, para recopilar datos mediante autocompletado, selección múltiple y confirmaciones booleanas. El proyecto sirve como un framework personalizable que permite la creación de tipos de prompt personalizados a través de una clase base y la extensión de la funcionalidad mediante una arquitectura de plugins. La biblioteca cubre una amplia gama de patrones de interacción, como la captura de datos numéricos y sensibles, la validación de la entrada del usuario frente a reglas personalizadas y la ejecución de secuencias de prompts para recopilar comentarios complejos. También incluye capacidades para ordenar listas, rellenar fragmentos de texto y gestionar la recopilación de formularios en la terminal.
Allows capturing passwords and secret keys by masking or hiding keystrokes in the terminal.
Elsa Core is a workflow engine framework designed for defining, executing, and managing long-running business processes. It functions as a distributed workflow orchestrator and event-driven trigger system, capable of operating as a multi-tenant platform with secure data isolation. The project distinguishes itself through a flexible approach to workflow definitions, supporting a visual drag-and-drop designer, programmatic C# definitions, and portable JSON specifications. It provides a highly extensible architecture allowing for the development of custom activities and the use of a dynamic expr
Protects sensitive workflow variables by marking them as secrets to prevent logging or display.
El OpenTelemetry Collector es un proxy agnóstico y pipeline de datos de observabilidad que recibe, procesa y exporta trazas, métricas y registros. Funciona como una puerta de enlace de ingesta de telemetría y un agente de monitoreo multi-backend, traduciendo varios formatos de datos a una representación interna estandarizada para un procesamiento consistente. El proyecto se distingue por su modelo de componentes basado en plugins, lo que permite la integración de receptores, procesadores y exportadores personalizados sin modificar el código base principal. Utiliza un sistema de pipeline configurable donde la telemetría fluye a través de una secuencia de componentes para ser enrutada, replicada o transformada antes de ser enviada a backends de monitoreo externos. El colector incluye capacidades para la gestión del tráfico de telemetría, como el procesamiento por lotes de puntos de datos para optimizar el rendimiento y la implementación de limitación de carga consciente de la memoria para evitar fallos del sistema durante picos de alto volumen. También proporciona transmisión segura de datos a través de canales cifrados y admite la resolución de configuración dinámica para actualizar los ajustes en tiempo de ejecución. Hay distribuciones preconfiguradas disponibles para reducir la configuración manual en entornos específicos.
Hides sensitive data fields during serialization to prevent secrets from appearing in logs or dumps.
Acra is an Android crash reporting framework and diagnostic data collector designed to detect failures and capture device diagnostics, system logs, and application state. It serves as an embeddable library for capturing and processing crash reports, providing a pipeline to send this data to custom backends or via email. The project features a plugin-based sender architecture that allows reports to be routed through HTTP endpoints, email clients, or proprietary backend implementations. It includes a user-controlled reporting system with preference toggles and interactive dialogs to manage user
Implements privacy protection by removing sensitive preference keys matching regular expressions from crash reports.
Moleculer is a Node.js microservices framework designed for building distributed systems. It functions as a distributed service broker, task orchestrator, and service mesh framework, enabling a decentralized architecture with built-in service discovery and load balancing. The project differentiates itself through a pluggable transport layer supporting protocols such as NATS, Redis, TCP, and Kafka, as well as a dedicated microservices API gateway that maps external HTTP and WebSocket requests to internal service actions. It includes built-in fault tolerance mechanisms, including circuit breake
Prevents sensitive configuration keys from being leaked to the service registry or other network nodes.
Este proyecto es un registro público de transparencia de avisos de retirada por derechos de autor y contranotificaciones. Funciona como un registro de derechos de autor redactado, manteniendo un registro cronológico de las solicitudes de cumplimiento legal recibidas por una plataforma de alojamiento. El archivo utiliza un modelo de datos de archivos planos, almacenando los avisos como archivos de texto sin formato dentro de una jerarquía de directorios. Un sistema de control de versiones distribuido proporciona una pista de auditoría permanente y un historial de versiones para todos los avisos legales archivados. El sistema se centra en la supervisión de derechos digitales y la transparencia en la aplicación de derechos de autor eliminando la información de identificación personal de los avisos antes de su publicación. Estos registros redactados se organizan por fecha para facilitar la navegación cronológica y la inspección pública de la gestión de avisos legales.
Removes personally identifiable information from legal notices before publication to protect privacy.
Libation is a comprehensive audiobook management system designed to download, decrypt, and organize Audible audiobooks. It integrates account authentication, library synchronization, DRM removal, and format transcoding into a single desktop application with a plugin-free graphical interface and a built-in theme editor. The project distinguishes itself through a batch library synchronization engine that scans all configured Audible accounts in one pass, a metadata tag rewriting system that corrects chapter markers and cover art after decryption, and a template-based file naming engine that con
Detects downloaded books by their Audible ID within a user-defined directory structure.