Rename project from secrets to ripsecrets to avoid name collisions wi…

…th other projects (#17)

.pre-commit-hooks.yaml

@@ -1,7 +1,7 @@
--   id: secrets
-    name: secrets
+-   id: ripsecrets
+    name: ripsecrets
     description: 'Prevent committing secret keys into your source code'
-    entry: secrets
+    entry: ripsecrets
     language: rust
     'types': [text]
     args: [--strict-ignore]

CHANGELOG.md

@@ -1,5 +1,7 @@
 ## 0.1.3 (Not yet released)
 
+- Renamed from `secrets` to `ripsecrets` to avoid name collisions with other
+  projects.
 - Added a new --strict-ignore option for pre-commit usage. When a pre-commit is
   invoked it includes a list of filenames. By default secrets will search
   referenced files regardless of the contents of .gitignore or .secretsignore.

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
-name = "secrets"
-version = "0.1.2"
+name = "ripsecrets"
+version = "0.1.3"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

README.md

@@ -1,43 +1,43 @@
-# secrets
+# ripsecrets
 
-`secrets` is a command-line tool to prevent committing secret keys into your source code. `secrets` has a few features that distinguish it from other secret scanning tools:
+`ripsecrets` is a command-line tool to prevent committing secret keys into your source code. `ripsecrets` has a few features that distinguish it from other secret scanning tools:
 
 1. Focused on pre-commit. It's a lot cheaper to prevent secrets from getting committed in the first place than dealing with the consequences once a secret that has been committed to your repository has been detected.
 
-2. Extremely fast. Using a secret scanner shouldn't slow down your development workflow, so `secrets` is 95 times faster or more than other tools. Learn more about how it's designed for performance [here](#performance).
+2. Extremely fast. Using a secret scanner shouldn't slow down your development workflow, so `ripsecrets` is 95 times faster or more than other tools. Learn more about how it's designed for performance [here](#performance).
 
-3. Always local operation. Many other secret scanners try to verify that the secrets are valid, which is practice means sending strings from your source code to 3rd party services automatically. There's a security versus convienience tradeoff in that decision, but `secrets` is designed to be the best "local only" tool and will never send data off of your computer.
+3. Always local operation. Many other secret scanners try to verify that the secrets are valid, which is practice means sending strings from your source code to 3rd party services automatically. There's a security versus convienience tradeoff in that decision, but `ripsecrets` is designed to be the best "local only" tool and will never send data off of your computer.
 
-4. Low rate of false positives. While local-only tools are always going to have more false positives than one that verifies secrets, `secrets` uses a probability theory based approach in order to more accurately detect keys than other tools.
+4. Low rate of false positives. While local-only tools are always going to have more false positives than one that verifies secrets, `ripsecrets` uses a probability theory based approach in order to more accurately detect keys than other tools.
 
-5. Single binary with no dependencies. Installing `secrets` is as easy as copying the binary into your `bin` directory.
+5. Single binary with no dependencies. Installing `ripsecrets` is as easy as copying the binary into your `bin` directory.
 
 ## Usage
 
-By default running `secrets` will recursively search source files in your current directory for secrets.
+By default running `ripsecrets` will recursively search source files in your current directory for secrets.
 
 ```
-$ secrets
+$ ripsecrets
 ```
 
 For every secret it finds it will print out the file, line number, and the secret that was found. If it finds any secrets it will exit with a non-zero status code.
 
 You can optionally pass a list of files and directories to search as arguments.
 
 ```
-$ secrets file1 file2 dir1
+$ ripsecrets file1 file2 dir1
 ```
 
-This is most commonly used to search files that are about to be committed to source control for accidentically included secrets. You can install `secrets` as a pre-commit hook automatically in your current git repository using the following command:
+This is most commonly used to search files that are about to be committed to source control for accidentically included secrets. You can install `ripsecrets` as a pre-commit hook automatically in your current git repository using the following command:
 
 ```
-$ secrets --install-pre-commit
+$ ripsecrets --install-pre-commit
 ```
 
-If you would like to install `secrets` manually you can add the following command to yout `pre-commit` script:
+If you would like to install `ripsecrets` manually you can add the following command to yout `pre-commit` script:
 
 ```
-$ secrets --strict-ignore `git diff --cached --name-only --diff-filter=ACM`
+$ ripsecrets --strict-ignore `git diff --cached --name-only --diff-filter=ACM`
 ```
 
 Passing `--strict-ignore` ensures that your `.secretsignore` file is respected when running secrets as a pre-commit.
@@ -54,7 +54,7 @@ cargo install --git https://github.com/sirwart/secrets --branch main
 
 ### Using pre-commit
 
-`secrets` can work as a plugin for [pre-commit](https://pre-commit.com/) with
+`ripsecrets` can work as a plugin for [pre-commit](https://pre-commit.com/) with
 the following configuration.
 
 Note that this may require having Cargo and a Rust compiler already installed.
@@ -63,16 +63,16 @@ information.
 
 ```yaml
 repos:
--   repo: https://github.com/sirwart/secrets.git
+-   repo: https://github.com/sirwart/ripsecrets.git
     # Set your version, be sure to use the latest and update regularly or use 'main'
     rev: v0.1.3
     hooks:
-    -   id: secrets
+    -   id: ripsecrets
 ```
 
 ## Ignoring secrets
 
-`secrets` will respect your .gitignore files by default, but there might still be files you want to exclude from being scanned for secrets. To do that you can create a .secretsignore file, which supports similar syntax to a .gitignore file for ignoring files. In addition to excluding files, it also supports a `[secrets]` section that allows ignoring individual secrets.
+`ripsecrets` will respect your .gitignore files by default, but there might still be files you want to exclude from being scanned for secrets. To do that you can create a .secretsignore file, which supports similar syntax to a .gitignore file for ignoring files. In addition to excluding files, it also supports a `[secrets]` section that allows ignoring individual secrets.
 
 ```
 test/*
@@ -82,21 +82,21 @@ dummy
 pAznMW3DsrnVJ5TDWwBVCA
 ```
 
-In addition to the .secretsignore file, `secrets` is compatible with `detect-secrets` style allowlist comments on the same line as the detected secret:
+In addition to the .secretsignore file, `ripsecrets` is compatible with `detect-secrets` style allowlist comments on the same line as the detected secret:
 
 ```
 test_secret = "pAznMW3DsrnVJ5TDWwBVCA" # pragma: allowlist secret
 ```
 
 ## Performance
 
-The slowest part of secret scanning is looking for potential secrets in a large number of files. To do this quickly `secrets` does a couple of things:
+The slowest part of secret scanning is looking for potential secrets in a large number of files. To do this quickly `ripsecrets` does a couple of things:
 
 1. All the secret patterns are compiled into a single regex, so each file only needs to be processed once.
 
 2. This regex is fed to [ripgrep](https://github.com/BurntSushi/ripgrep), which is specially optimized to running a regex against a large number of files quickly.
 
-Additionally `secrets` is written in Rust, which means there's no interpreter startup time. To compare real world performance, here's the runtime of a few different scanning tools to search for secrets in the [Sentry repo](https://github.com/getsentry/sentry) on an M1 air laptop:
+Additionally `ripsecrets` is written in Rust, which means there's no interpreter startup time. To compare real world performance, here's the runtime of a few different scanning tools to search for secrets in the [Sentry repo](https://github.com/getsentry/sentry) on an M1 air laptop:
 
 | tool           | avg. runtime | vs. baseline |
 | -------------- | ------------ | ------------ |
@@ -108,7 +108,7 @@ Most of the time your pre-commit will be running on a small number of files, so
 
 ## Alternative tools
 
-Even if `secrets` is not the right tool for you, if you're working on a service that deals with user data you should strongly consider using a secret scanner. Here are some alterative tools worth considering:
+Even if `ripsecrets` is not the right tool for you, if you're working on a service that deals with user data you should strongly consider using a secret scanner. Here are some alterative tools worth considering:
 
 - [detect-secrets](https://github.com/Yelp/detect-secrets)
 - [trufflehog](https://github.com/trufflesecurity/trufflehog)

flake.nix

@@ -12,17 +12,17 @@
       in
         rec {
           # `nix build`
-          packages.secrets = naersk-lib.buildPackage {
-            pname = "secrets";
+          packages.ripsecrets = naersk-lib.buildPackage {
+            pname = "ripsecrets";
             root = ./.;
           };
-          defaultPackage = packages.secrets;
+          defaultPackage = packages.ripsecrets;
 
           # `nix run`
-          apps.secrets = flake-utils.lib.mkApp {
-            drv = packages.secrets;
+          apps.ripsecrets = flake-utils.lib.mkApp {
+            drv = packages.ripsecrets;
           };
-          defaultApp = apps.secrets;
+          defaultApp = apps.ripsecrets;
 
           # `nix develop`
           devShell = pkgs.mkShell {

src/main.rs

@@ -23,9 +23,9 @@ impl std::error::Error for UsageError {}
 impl fmt::Display for UsageError {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         match self {
-            UsageError::PreCommit => write!(f, "Usage: secrets --install-pre-commit"),
-            UsageError::Version => write!(f, "Usage: secrets --version"),
-            UsageError::Help => write!(f, "Usage: secrets --help"),
+            UsageError::PreCommit => write!(f, "Usage: ripsecrets --install-pre-commit"),
+            UsageError::Version => write!(f, "Usage: ripsecrets --version"),
+            UsageError::Help => write!(f, "Usage: ripsecrets --help"),
         }
     }
 }
@@ -42,34 +42,34 @@ fn main_aux(args: &Vec<OsString>) -> Result<usize, Box<dyn Error>> {
         if args.len() > 2 {
             return Err(Box::new(UsageError::Version));
         }
-        println!("secrets {}", env!("CARGO_PKG_VERSION"));
+        println!("ripsecrets {}", env!("CARGO_PKG_VERSION"));
     } else if args.len() > 1 && args[1] == "--help" {
         if args.len() > 2 {
             return Err(Box::new(UsageError::Help));
         }
-        println!("secrets {}
+        println!("ripsecrets {}
 
-secrets searches files and directories recursively for secret API keys.
+ripsecrets searches files and directories recursively for secret API keys.
 It's primarily designed to be used as a pre-commit to prevent committing
 secrets into version control.
 
 USAGE:
-    secrets [--strict-ignore] [PATH ...]
-    secrets --install-pre-commit
-    secrets --help
-    secrets --version
+    ripsecrets [--strict-ignore] [PATH ...]
+    ripsecrets --install-pre-commit
+    ripsecrets --help
+    ripsecrets --version
 
 OPTIONS:
     --install-pre-commit
-        Installs secrets as part of your git pre-commit hook, creating one if
-        one doesn't already exist.
+        Installs ripsecrets as part of your git pre-commit hook, creating one
+        if one doesn't already exist.
 
     --strict-ignore
         If you pass a path as an argument that's ignored by .secretsignore it
         will be scanned by default. --strict-ignore will override this
         behavior and not search the paths passed as arguments that are excluded
-        by the .secretsignore file. This is useful when invoking secrets as a
-        pre-commit.", env!("CARGO_PKG_VERSION"))
+        by the .secretsignore file. This is useful when invoking ripsecrets as
+        a pre-commit.", env!("CARGO_PKG_VERSION"))
     } else {
         let mut strict_ignore = false;
         let mut paths = Vec::new();

src/pre_commit.rs

@@ -25,7 +25,7 @@ impl fmt::Display for PreCommitError {
     }
 }
 
-const PRE_COMMIT: &[u8] = b"secrets --strict-ignore `git diff --cached --name-only --diff-filter=ACM`\n";
+const PRE_COMMIT: &[u8] = b"ripsecrets --strict-ignore `git diff --cached --name-only --diff-filter=ACM`\n";
 
 pub fn install_pre_commit(repo_root: &Path) -> Result<(), Box<dyn Error>> {
     let git_root = Path::new(repo_root).join(".git");
@@ -37,7 +37,7 @@ pub fn install_pre_commit(repo_root: &Path) -> Result<(), Box<dyn Error>> {
 
     let pre_commit_dir = git_root.join("pre-commit.d");
     if pre_commit_dir.exists() {
-        let pre_commit_dir_fname = pre_commit_dir.join("secrets");
+        let pre_commit_dir_fname = pre_commit_dir.join("ripsecrets");
         if pre_commit_dir_fname.exists() {
             return Err(Box::new(PreCommitError::HookAlreadyInstalled));
         }