I got secrets in my history. Any way to remove them?
I know about the regexes, but I’m guessing they are only to prevent the secrets from being imported.
Have a look at the search command search | Atuin Docs, in particular the --delete switch allows to remove the entries matching your query
3 Likes
thanks @mariosangiorgio!
This will also be possible from the UI in the next release
3 Likes
Thanks everyone, I was able to do:
atuin search | gitleaks detect --pipe -r report.json
cat report.json | jq -r '.[] | " atuin search --delete " + .Secret' | sort -u
shred --remove report.json
and
cat ~/.local/share/zsh/history | gitleaks detect --pipe -r report.json
cat report.json | jq -r '.[] | " sed -i '\''/" + .Secret + "/d'\'' ~/.local/share/zsh/history"' | sort -u
shred --remove report.json
FWIW I had to add --limit 10000000 --filter-mode global to ensure I got everything. But thanks for that - TIL that gitleaks is a thing! ;]
1 Like
If this is something you run into a bunch, Atuin has a few features that may help
- The secrets filter. This is a set of regex, which are used to filter out history to save. By default it has a few API keys formats: Config | Atuin Docs
I’d actually love contributions there! New cases should be very easy to add
- The history filter. This is a configurable list of regex to ignore. Kinda like the above, but you can configure it per-client
2 Likes
detect-secrets is useful too. It found many things that gitleaks didn’t like basic auth passwords.
atuin search --limit 1000000000 --filter-mode global > atuin.txt
detect-secrets scan --all-files atuin.txt > detect-secrets.txt
detect-secrets audit --report detect-secrets.txt > report.json
cat report.json | jq -r '.results.[] | " atuin search --delete " + .secrets'
shred --remove detect-secrets.txt report.json atuin.txt