Automic VaultAutomic Vault

brew

Install squealer with Homebrew

Scans Git repositories or filesystems for secrets in commit histories. Version 1.2.12 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install squealer

local Homebrew formula metadata

overview

Package summary

Scans Git repositories or filesystems for secrets in commit histories

Commands and aliases

  • squealer

history

Project history and usage

Squealer is a Go command-line secret scanner for Git repositories and filesystems, aimed at finding leaked credentials in current files and commit history.

Project history

The GitHub repository was created in 2021. The official README presents Squealer as a local or CI-oriented scanner with built-in regular-expression checks for common credential types and support for custom rule configuration.

Adoption history

The README documents installation by shell script, Docker images for multiple CPU architectures, use as a Go library, and releases distributed from GitHub. The input facts identify a Homebrew formula, putting it in the package-manager lane alongside other lightweight security CLIs.

How it is used

Squealer can scan a remote Git repository, a local repository, or a plain directory with --no-git. It can output default, JSON, or SARIF-like formats, redact findings, scan all commits, and accept a user-supplied config file with rules, ignored paths, ignored extensions, and exceptions.

Why package nerds care

Package nerds care because Squealer is the kind of small security binary that can be dropped into local hooks, CI jobs, and package-manager installs without adopting a larger platform.

Timeline

  • 2021: GitHub repository created.
  • 2024: v1.2.x releases were published.
  • 2025: v1.2.12 release published.

Related projects

  • git-secrets, trufflehog, gitleaks, GitHub secret scanning, CI security checks.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
squealercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.2.12
manager updated
local dataok
upstreamcurrent
latest detectedv1.2.12

https://github.com/owenrumney/squealer

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:squealer
Version1.2.12
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/squealer
Homepagehttps://github.com/owenrumney/squealer
Repositoryhttps://github.com/owenrumney/squealer
Upstream docshttps://github.com/owenrumney/squealer#readme
LicenseApache-2.0
Source archivehttps://github.com/owenrumney/squealer/archive/refs/tags/v1.2.12.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namesquealer
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment