DEV Community

Phùng Bá Luân

Why I Built commit-ai: A Story About Git Security and Team Safety

Two Months Ago: A Costly Mistake

Two months ago, my friend made a mistake that many of us could easily make — he accidentally pushed AWS credentials to GitHub in a public repository. Within hours, his AWS account was compromised, leading to unauthorized usage and a significant bill. This incident made me realize we needed better safeguards.


Introducing commit-ai

To prevent such incidents, I created commit-ai, a simple CLI tool designed to be your last line of defense against accidental credential exposure.


What is commit-ai?

commit-ai leverages GPT-4 to:

  1. Scan your changes for sensitive information before committing.
  2. Generate meaningful commit messages.
  3. Provide quick code reviews.

How It Works

When you run commit-ai, it:

  • Analyzes your git diff for changes.
  • Checks for sensitive data like API keys, tokens, and credentials.
  • Blocks commits if anything suspicious is detected.
  • Generates a conventional commit message summarizing your changes.
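The scan-and-block step above can be illustrated with a deterministic check. This is an added example, not commit-ai's code: it uses fixed regular expressions rather than GPT-4, and the rule names, the `scan_diff` function and the sample diff are assumptions made for illustration.

```python
import re
import sys

# Assumed rules (not commit-ai's): AWS access key IDs and secret key assignments.
PATTERNS = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "aws-secret-access-key": re.compile(
        r"(?i)aws_secret_access_key\s*[=:]\s*[\"']?[A-Za-z0-9/+=]{40}"),
}
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample diff; the key values are AWS's documentation placeholders.
SAMPLE_DIFF = """\
diff --git a/deploy.env b/deploy.env
--- a/deploy.env
+++ b/deploy.env
@@ -1,2 +1,4 @@
 REGION=us-east-1
-DEBUG=1
+DEBUG=0
+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
+AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
"""

def scan_diff(diff_text):
    """Return (path, new_line_no, rule) for each added line that matches a rule."""
    findings, path, line_no, in_hunk = [], None, 0, False
    for line in diff_text.splitlines():
        m = HUNK.match(line)
        if m:
            line_no, in_hunk = int(m.group(1)), True
        elif line.startswith("diff --git"):
            in_hunk = False  # next file: header lines follow
        elif not in_hunk:
            if line.startswith("+++ "):
                path = line[4:].removeprefix("b/")
        elif line.startswith("+"):
            # Only added lines are checked; removed lines never reach the commit.
            findings += [(path, line_no, rule) for rule, rx in PATTERNS.items()
                         if rx.search(line[1:])]
            line_no += 1
        elif not line.startswith(("-", "\\")):
            line_no += 1  # context line: present in the new file
    return findings

if __name__ == "__main__":
    hits = scan_diff(sys.stdin.read())
    for path, line_no, rule in hits:
        # Report location and rule only, never the matched secret.
        print(f"{path}:{line_no}: possible {rule}", file=sys.stderr)
    sys.exit(1 if hits else 0)  # non-zero exit blocks the commit in a hook
```

Piping `git diff --cached` into the script from a pre-commit hook checks exactly the staged changes, and the non-zero exit status stops the commit.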

Why I Need Your Help

I built commit-ai to make development safer for everyone. It’s open source because I want it to grow with real-world use cases and feedback from developers like you.

If You Find It Useful:

  • Try it out.
  • Share your feedback.
  • Consider starring the repository.
  • Share it with your team.
  • Contribute to the source code.

What’s Next?

I’m actively working on:

  • Supporting different commit message formats.
  • Adding more security checks.
  • Enhancing code review capabilities.

Installation

Get started by visiting the GitHub repository:

👉 GitHub: commit-ai
