Automic VaultAutomic Vault

brew

Install git-hound with Homebrew, Nix

Git plugin that prevents sensitive data from being committed. Version 1.0.0 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install git-hound

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#git-hound

nixpkgs package indexes · pkgs/by-name/gi/git-hound/package.nix · source: api.github.com

overview

Package summary

Git plugin that prevents sensitive data from being committed

Commands and aliases

  • git-hound

history

Project history and usage

git-hound is a Git plugin for preventing sensitive data from entering commits. It checks staged diffs against user-provided PCRE regular expressions before commit operations proceed.

Project history

The repository was created in November 2015 as a Go command-line plugin. Its README presents Hound as a small Git extension with precompiled release binaries, Go installation, and Homebrew installation paths.

Adoption history

git-hound fits the mid-2010s rise of local secret-scanning tools, when teams began adding pre-commit checks for passwords, database settings, tokens, and machine-specific paths. Its adoption stayed niche compared with larger scanners, but the repository attracted several hundred stars and was packaged for Homebrew and Nix.

How it is used

Practitioners run `git hound commit` to sniff staged changes before invoking `git commit`, or `git hound sniff` to scan a commit, a manual diff, a whole codebase, or repository history. The `.githound.yml` file separates warning patterns, failure patterns, and skipped filenames.

Why package nerds care

The package is interesting because it exposes Git's plugin naming convention: installing `git-hound` makes `git hound` available. It is also a compact example of pre-commit security tooling before secret scanning became a standard hosted-platform feature.

Timeline

  • 2015: GitHub repository created for the Go implementation.
  • 2016: Several 0.5.x releases publish packaged binaries.
  • 2017: 0.6.x releases continue the pre-1.0 line.
  • 2020: 1.0.0 release published.

Related projects

  • git-hound is related to Git hooks, pre-commit frameworks, and secret scanners such as git-secrets and truffleHog, all of which try to catch sensitive strings before or after they enter Git history.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 13 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
.githound.yml

executables

Installed executables

CommandKindExposureNote
git-houndcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.0.0
manager updated
local dataok
upstreamcurrent
latest detected1.0.0

https://github.com/ezekg/git-hound

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:git-hound
Version1.0.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/git-hound
Homepagehttps://github.com/ezekg/git-hound
Repositoryhttps://github.com/ezekg/git-hound
Upstream docshttps://github.com/ezekg/git-hound#readme
LicenseMIT
Source archivehttps://github.com/ezekg/git-hound/archive/refs/tags/1.0.0.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namegit-hound
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

git-hound

nix profile install nixpkgs#git-hound
  • normalized package name match
  • Matched by: Git Hound
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/gi/git-hound/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment