Exposed secrets on GitHub and PyPI are more prevalent than you think. GitGuardian's latest report reveals shocking numbers. Dive into the details here

SparkoSol

Usman Liaqat

Data Privacy

Community Picks is a section on daily.dev where our community members share the most interesting and valuable content they've discovered online. From insightful articles to handy tools, every post is a gem curated by our dedicated coomunity. To contribute to Community Picks, you need to have at least 250 reputation points, ensuring that only active and trusted members can share their finds.

Community Picks

GitGuardian's 2024 report highlights the presence of exposed secrets in PyPI, the Python Package Index. Open-source packages hosted in PyPI play a significant role in production today, helping developers avoid reinventing the wheel. GitGuardian has identified common secrets like OpenAI API keys, Google API keys, and Google Cloud keys. It is crucial to avoid storing secrets in plain text in source code and to revoke leaked secrets to prevent unauthorized access. Implementing automations for secrets management is recommended.

Python's PyPI Reveals Its Secrets