Why Your API Keys Are Leaking in Git Repos episode artwork

EPISODE · May 25, 2026 · 10 MIN

Why Your API Keys Are Leaking in Git Repos

from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo

Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how automated scanners find exposed credentials within minutes, and compare secret-scanning tools like GitGuardian, TruffleHog, and GitHub's built-in push protection. The hosts walk through why developers still leak secrets despite awareness campaigns, the role of pre-commit hooks and environment variables, and what a practical remediation workflow looks like. No panic, no FUD — just a grounded conversation about a boring, expensive vulnerability that every engineering team should have a plan for. If you build software or manage developers, this episode gives you one concrete thing to check on Monday morning. #API #Security #Git #SecretsManagement #DevTools #GitGuardian #TruffleHog #PreCommitHooks #DevSecOps #DataBreach #Automation #SoftwareEngineering #Infrastructure #BusinessAndTechnology #FexingoBusiness #BusinessPodcast #DeveloperTools #CyberSecurity Keep every episode free: buymeacoffee.com/fexingo

Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how automated scanners find exposed credentials within minutes, and compare secret-scanning tools like GitGuardian, TruffleHog, and GitHub's built-in push protection. The hosts walk through why developers still leak secrets despite awareness campaigns, the role of pre-commit hooks and environment variables, and what a practical remediation workflow looks like. No panic, no FUD — just a grounded conversation about a boring, expensive vulnerability that every engineering team should have a plan for. If you build software or manage developers, this episode gives you one concrete thing to check on Monday morning. #API #Security #Git #SecretsManagement #DevTools #GitGuardian #TruffleHog #PreCommitHooks #DevSecOps #DataBreach #Automation #SoftwareEngineering #Infrastructure #BusinessAndTechnology #FexingoBusiness #BusinessPodcast #DeveloperTools #CyberSecurity Keep every episode free: buymeacoffee.com/fexingo

NOW PLAYING

Why Your API Keys Are Leaking in Git Repos

0:00 10:19

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers?

This episode is 10 minutes long.

When was this The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers episode published?

This episode was published on May 25, 2026.

What is this episode about?

Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how...

Can I download this The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!