GitHub - Clean sensitive logs before you share them

by
ShareClean is a local-first Python CLI that cleans logs, stack traces, curl output, config snippets, URLs, and headers before you paste them into GitHub issues, tickets, Slack, or AI chats. It redacts passwords, API keys, tokens, cookies, connection-string credentials, emails, private IPs, and local paths while preserving debugging context. Unlike repository secret scanners, ShareClean protects text before it leaves your machine. No account, API key, telemetry, or network connection required.

Add a comment

Replies

Best
Maker
📌
Hi,I built ShareClean after noticing how often debugging output gets shared before anyone checks it for secrets. A common example is a database URL like this: DATABASE_URL=postgresql://app_user::5432/orders Deleting the full line removes useful debugging context. ShareClean instead produces: DATABASE_URL=postgresql://app_user:[REDACTED].internal:5432/orders The host, port, database name, and surrounding error remain available for troubleshooting while the password is removed. It works on logs, terminal output, stack traces, curl output, config snippets, URLs, and headers. It can also be used through shell pipelines: cat app.log | shareclean --report This is not meant to replace GitHub Secret Scanning, Gitleaks, or TruffleHog. Those scan repositories and history. ShareClean is for the earlier moment: the text you are about to paste somewhere else. Everything runs locally. No account, API key, telemetry, or network calls. I would love practical feedback on fake examples where ShareClean either misses a risky value or redacts too much useful debugging context.