jesteria
commented
5 years ago @thcrock Now a year later, I can't think of any reason not to open-source this repository; (and, I'm not sure I really had anything in mind at the time, either).
There are perhaps still configuration elements that should be split out, but nothing sensitive, as far as I can tell.
trufflehog turned up mostly false positives -- AWS-affiliated domains and IP addresses, Git commit hashes, example passwords ("PASSWORD") ….
There is an occurrence of an AWS account number, (part of one of those domains) -- I'm not sure that that's so bad, but perhaps we could try to obscure it in history.
And, otherwise, if you guys have any ideas for manually checking the repository, I'm all ears.
cc @rayidghani @nanounanue @jtwalsh0
appy-reviews was initiated as a private repository out of an excess of caution.
It should be open-source; but, we'll want to ensure that it contains nothing sensitive or "secret" (passwords, etc.) – either in its current code (
HEAD) or in any of its history.