{"id":37036083,"url":"https://github.com/rlaf99/git-taut","last_synced_at":"2026-01-14T04:17:04.176Z","repository":{"id":319295648,"uuid":"982654946","full_name":"rlaf99/git-taut","owner":"rlaf99","description":"Transparent git content encryption through remote helper","archived":false,"fork":false,"pushed_at":"2025-12-19T09:44:25.000Z","size":1103,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-22T03:30:27.038Z","etag":null,"topics":["aes-encryption","encryption","git","git-remote-helper","git-taut"],"latest_commit_sha":null,"homepage":"https://rlaf99.github.io/git-taut/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rlaf99.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-05-13T08:02:55.000Z","updated_at":"2025-12-19T09:44:30.000Z","dependencies_parsed_at":null,"dependency_job_id":"2c18adac-ef43-4c1c-8191-9714463c69a5","html_url":"https://github.com/rlaf99/git-taut","commit_stats":null,"previous_names":["rlaf99/git-taut"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rlaf99/git-taut","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rlaf99%2Fgit-taut","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rlaf99%2Fgit-taut/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rlaf99%2Fgit-taut/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rlaf99%2Fgit-taut/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rlaf99","download_url":"https://codeload.github.com/rlaf99/git-taut/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rlaf99%2Fgit-taut/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28409292,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-encryption","encryption","git","git-remote-helper","git-taut"],"created_at":"2026-01-14T04:17:03.448Z","updated_at":"2026-01-14T04:17:04.167Z","avatar_url":"https://github.com/rlaf99.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"[中文](./README.zh-cn.md)\n\n## git-taut (preview)\n\n[git-taut] encrypts content in a Git repository through [Git Remote Helper](gitremote-helpers). \nThe main scenario in mind when designing it is to enable storing confidential information in Git without revealing the content if you push it to remote.\n\nUnder the hood, **git-taut** mirrors the commit history of the original repository into a shadow repository called a **taut site** which resides in the original repository. \nIn a taut site, files as well as their names are encrypted as specified (through `.gitattributes`). \nYou push **taut sites** to remote and keep the original repository local to yourself.\nThe remote repository contains encrypted content and is called **tautened repository**.\n\nAn example **tautened repository** is available at [git-taut-example-tautened], whereas the corresponding original repository is at [git-taut-example-original].\n\nThe function of **git-taut** is provided to Git through a [Git Remote Helper](gitremote-helpers), thus most of the operations are transparent to Git.\n\nThe encryption uses [the cipher scheme](./docs/CipherScheme.md). \nAdditionally, [delta-encoding](./docs/DeltaEnconding.md) and [content-compression](./docs/ContentCompression.md) are exploited.\n\n## How to use\n\n**git-taut** comes with two command line executables: `git-taut` and `git-remote-taut`, \nthe former for managing **taut sites**, whereas the latter for working with Git as a remote helper.\n\n### Cloning from a tautened repository\n\nSuppose you have an already tautened repository,\nto regain the original repository out of it, \nall you have to do is clone it with its url prefixed with `taut::`:\n\n```\ngit clone taut::url/to/tautened regained\n```\n\nGit then automatically invokes `git-remote-taut` to handle the underlying details.\n\n\u003e If you want to start a new repository, just clone from an empty **tautened repository**.\n\n### Adding a tautened repository\n\nIt is also possible to use `git-taut` to add a **tautened repository** to a local repository:\n\n```\ngit taut add name url/to/tautened\n```\n\nThe above adds a new **taut site** for the local repository corresponding to remote whose name is `name` and url is `taut::url/to/tautened`.\n\n\u003e You can add an empty **tautened repository** as **taut site**, then populate it by pushing the local Git content to it.\n\n### Setting username and password\n\nSetting up a **taut site** requires you to provide username (optional) and password.\nThe username is optional, and used as salt when generating encryption keys.\n\n`git-taut` utilizes Git credential helper for retrieving them.\nThe prompt will show the location of the *taut site* as URL.\n\n### Deciding what files to encrypt\n\n`git-taut` relies on [gitattributes] to tell what should be encrypted.\nDirectories and files with `taut` attribute set will be encrypted by `git-taut`.\n\n`git-check-attr` can be used to check whehter `taut` attribute is set for a path:\n\n```\ngit check-attr some/path\n```\n\nIf `taut` attribute is set, then the output shows\n\n```\n\"some/path\": taut: set\n```\n\n#### Example 1: Encrypting files with extension `.a_file`\n\nIf a `.gitattribute` contains the following setting, \nthen files with extension `.a_file` in this directory as well as sub-directories will be encrypted.\n\n```\n*.a_file taut\n```\n\nThe above set `taut` attribute on all files with extension `.a_file`.\n\n#### Example 2: Ecrypting files under directory `a_dir`\n\nTo encrypt all files under folder `a_dir`, ensure corresponding `.gitattribute` has the following setting\n\n```\na_dir/** taut\n```\n\nThe above sets `taut` attribute on all content under `a_dir`. However, it does not cause the name of `a_dir` to be encrypted. \nUse the following setting To achieve it\n\n```\na_dir taut\n```\n\nThe above set `taut` attribute on `a_dir` itself.\n\n\n## How to install\n\n**git-taut** is available on the following platforms\n\n- Windows x64\n- Linux x64\n- macOS arm64\n\nCurrently, only development preview is available, see the [Development setup](#development-setup) section below.\n\n## Development setup\n\n### Build and install **git-taut** executables locally\n\nClone the source, and run `dotnet pack` in the root directory.\nThe NuGet packages for `git-taut` and `git-remote-taut` are produced at `nupkg` directory.\nThey can be installed through `dotnet-cli`:\n\n```\ndotnet tool install --global --source nupkg --prerelease git-taut\ndotnet tool install --global --source nupkg --prerelease git-remote-taut\n```\n\n### Development version of `Lg2.native` NuGet package\n\n`Lg2.native` provides [libgit2] binaries for .NET and published at \u003chttps://www.nuget.org/packages/Lg2.native\u003e.\nHowever, development version of `Lg2.native` can be published at \u003chttps://github.com/rlaf99/libgit2/pkgs/nuget/Lg2.native\u003e.\n\nFor development version, the nuget resitry has to be added before installing `Lg2.native`\n\n```\ndotnet nuget add source --username [GitHubUsername] --password [GitHubAccessToken] --store-password-in-clear-text --name github_rlaf99 https://nuget.pkg.github.com/rlaf99/index.json\n```\n\nIt should be sufficient for the `[GitHubAccessToken]` to only have package read permission.\n\n[gitattributes]: https://git-scm.com/docs/gitattributes\n[gitremote-helpers]: https://git-scm.com/docs/gitremote-helpers\n[libgit2]: https://github.com/rlaf99/libgit2/\n[git-taut]: https://github.com/rlaf99/git-taut\n[git-taut-example-tautened]: https://github.com/rlaf99/git-taut-example-tautened\n[git-taut-example-original]: https://github.com/rlaf99/git-taut-example-original","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frlaf99%2Fgit-taut","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frlaf99%2Fgit-taut","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frlaf99%2Fgit-taut/lists"}