hackthemack 4 hours ago
I am just glad some thought is being put into it. Thanks for the efforts.

I keep thinking about people putting secrets up in GitHub. You cannot really get rid of something that is out there, like you said. But people do make a request to GitHub to remove it. And if no one has put in the effort to copy it and republish it, it is not as "out there" as if it were still on GitHub.

Thinking on old BBS boards on the internet. Most people will use Internet Archive to search for old dead sites. If it is not on there, it is not as "out there" as if it were on the Internet Archive.

I am thinking it is not quite as black and white as it seems. There is some kind of entropy effect.

Thinking on pre-internet newspapers. If you posted something in a fan zine in the 70s, it might have faded from existence due to lost copies, or it might be in some collector's stockpile. It might even be scanned into the Internet Archive. Or not.

No great solutions come to mind. But there does seem to be some "small" value in being able to say, delete this as it was a mistake. Maybe, also, more education, or a warning about "beware, be extra careful, this is going to be around for all to see for a long time, possibly forever".
lorenzleutgeb 2 hours ago
> I keep thinking about people putting secrets up in github.

You gave me an idea. For Radicle, we implemented a `git-remote-helper` (Git recognizes `rad://`-URIs and then wakes up the helper to handle the rest). This helper could well look at the blobs being pushed and detect secrets. Then error out and request a retry with `--force` if the user is sure.

To implement something like this, we'd not want to reinvent the wheel, so we'd want to consume some description of patterns that we should look for. And obviously we're not going to ask GitHub or some web server.

So, is there such a library? In a format that is simple-ish to implement filtering for but also catches a good amount of secrets?
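Added example, not part of the thread and not Radicle's code: one way the check discussed above could look, scanning the blobs of a push against a small local rule table and refusing unless forced. The rule table, function names and sample blobs are constructed for illustration, and extracting the blobs from the push is assumed to be done by the caller.

```python
import math
import re

# Constructed rule table (id -> regex); the shapes are the publicly documented
# formats of these credentials, not a complete catalogue.
RULES = {
    "aws-access-key-id": re.compile(rb"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github-pat": re.compile(rb"\bghp_[A-Za-z0-9]{36}\b"),
    "pem-private-key": re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}
# Generic fallback: a long value assigned to a secret-looking name.
ASSIGNMENT = re.compile(rb"(?i)(?:secret|token|passw(?:or)?d|api[_-]?key)\w*\s*[:=]"
                        rb"\s*['\"]?([A-Za-z0-9+/=_\-]{20,})")

def entropy(token: bytes) -> float:
    """Shannon entropy in bits per byte."""
    n = len(token)
    return -sum(token.count(b) / n * math.log2(token.count(b) / n) for b in set(token))

def scan_blob(path, data, min_entropy=3.5):
    """Return (path, line_number, rule_id) findings for one blob."""
    if b"\0" in data[:8000]:  # NUL early in the blob: treat as binary, skip
        return []
    findings = []
    for number, line in enumerate(data.splitlines(), 1):
        findings += [(path, number, rid) for rid, rx in RULES.items() if rx.search(line)]
        match = ASSIGNMENT.search(line)
        if match and entropy(match.group(1)) >= min_entropy:
            findings.append((path, number, "high-entropy-assignment"))
    return findings

def check_push(blobs, force=False):
    """blobs maps path -> bytes. Returns (allowed, findings)."""
    findings = [f for path, data in blobs.items() for f in scan_blob(path, data)]
    return (force or not findings), findings

# Constructed sample push; the AWS value is the example key from AWS's own docs.
SAMPLE_PUSH = {
    "config.py": b'region = "eu-west-1"\naws_key = "AKIAIOSFODNN7EXAMPLE"\n',
    "deploy.env": b"API_TOKEN=Zx9qLm2Rv8TbY4WkPj7NcHs3\nDB_PASSWORD=changeme\n",
    "README.md": b"token = aaaaaaaaaaaaaaaaaaaaaaaa\n",
}

if __name__ == "__main__":
    allowed, findings = check_push(SAMPLE_PUSH)
    for path, number, rule_id in findings:
        print(f"{path}:{number}: possible secret ({rule_id})")
    if not allowed:
        raise SystemExit("push refused; retry with --force if you are sure")
```

The entropy threshold keeps placeholder values such as the repeated-character token in `README.md` from blocking a push, at the cost of missing short or low-entropy secrets like `changeme`.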