DEV Community

Phùng Bá Luân
Phùng Bá Luân

Posted on

1

Why I Built commit-ai: A Story About Git Security and Team Safety

Two Months Ago: A Costly Mistake

Two months ago, my friend made a mistake that many of us could easily make — he accidentally pushed AWS credentials to GitHub in a public repository. Within hours, his AWS account was compromised, leading to unauthorized usage and a significant bill. This incident made me realize we needed better safeguards.


Introducing commit-ai

To prevent such incidents, I created commit-ai, a simple CLI tool designed to be your last line of defense against accidental credential exposure.


What is commit-ai?

commit-ai leverages GPT-4 to:

  1. Scan your changes for sensitive information before committing.
  2. Generate meaningful commit messages.
  3. Provide quick code reviews.

How It Works

When you run commit-ai, it:

  • Analyzes your git diff for changes.
  • Checks for sensitive data like API keys, tokens, and credentials.
  • Blocks commits if anything suspicious is detected.
  • Generates a conventional commit message summarizing your changes.

Why I Need Your Help

I built commit-ai to make development safer for everyone. It’s open source because I want it to grow with real-world use cases and feedback from developers like you.

If You Find It Useful:

  • Try it out.
  • Share your feedback.
  • Consider starring the repository.
  • Share it with your team.
  • Contribute to the source code

What’s Next?

I’m actively working on:

  • Supporting different commit message formats.
  • Adding more security checks.
  • Enhancing code review capabilities.

Installation

Get started by visiting the GitHub repository:

👉 GitHub: commit-ai

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

Image of AssemblyAI

Automatic Speech Recognition with AssemblyAI

Experience near-human accuracy, low-latency performance, and advanced Speech AI capabilities with AssemblyAI's Speech-to-Text API. Sign up today and get $50 in API credit. No credit card required.

Try the API

👋 Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay