Cicd
Stop Committing Secrets: A Practical Guide to Pre-Commit Secret Detection
How to combine Gitleaks as a fast pre-commit hook with TruffleHog in CI/CD for verified secret scanning, plus strategies for handling false positives
Stop Committing Secrets: A Practical Guide to Pre-Commit Secret Detection
You’ve done it. Or someone on your team has. A .env file slips into a commit, an AWS key ends up in a config file, a GitLab token gets hardcoded in a script “just for testing”. A few minutes later it’s in your git history — forever.
This post covers the current best practice for catching secrets before they ever touch your repository, without drowning your team in false positives.
Mise — Simplify Your Dev Toolchain
How Mise replaces nvm, pyenv, and scattered version managers with a single config file for runtimes, tools, and environment variables
Working across large repositories that mix multiple technologies is common in modern software teams. Keeping everyone aligned on the same tool versions, environment variables, and runtimes has always been a friction point — until I started using Mise (mise-en-place).
It has since replaced several tools on my machine (goodbye nvm, reduced Homebrew usage) and become my go-to for managing development environments, both locally and in CI.
Using Go Modules Hosted in a Private GitLab Repository
Configure Go, GitLab CI job tokens, and .netrc to seamlessly consume private Go modules from internal GitLab repositories
When your Go project depends on an internal library living in a private GitLab repository, a plain go get will fail — GitLab doesn’t know who is asking, and Go doesn’t know the repository is private. Fortunately, a handful of configuration steps sorts everything out, both locally and in CI.