On Wed, Feb 15, 2017 at 10:36:32PM +0800, ryenus wrote: > This can be an optional feature, once enabled, git-add would check the > hunk(s) to stage for sensitive information, such as passwords, secret > tokens, then ask the user for confirmation. > > The implementation for secret detection could be regexp pattern(s), > and/or (trusted?) commands > > Alternative solutions might be hooks during commit, push or recieve, > but it should be the best to do this in the first place during git-add. There are already hooks for commit and receive to catch things locally and at publishing time, respectively. It's possible that an "add" hook could be more useful, but I'd be a lot more convinced if people were actively doing secret-detection in their commit hooks and had some specific complaint that could be addressed by having an "add" hook. -Peff