Show HN: Keychase – A zero-config, offline Python secret scanner (opens in new tab)

(github.com)

1 pointsIflal12d ago3 comments

3 comments

Scanning deep git history sounds useful. Have you run into performance issues on larger repos? That’s usually where these tools start to struggle.

IflalOP12d ago

You hit the nail on the head; that is absolutely the biggest bottleneck.

Right now, I am using Python's multiprocessing to parallelize the commit traversal, and the scanner actively ignores standard binary and media file extensions to keep memory overhead in check. On mid-sized repositories, it holds up nicely. However, on massive monorepos with years of heavy history, it will definitely lag behind compiled Go tools.

To mitigate this for daily workflows, I added a --depth flag so developers can limit the scan to the last N commits (e.g., just checking their current feature branch history before pushing). Profiling and optimizing the traversal tree for massive repos is my next major architectural focus.

j / k navigate · click thread line to collapse

3 comments

chloeeekim12d ago

Scanning deep git history sounds useful. Have you run into performance issues on larger repos? That’s usually where these tools start to struggle.

IflalOP12d ago

You hit the nail on the head; that is absolutely the biggest bottleneck.

j / k navigate · click thread line to collapse