Home / getsops / sops
Repository Analysis

getsops/sops

Simple and flexible tool for managing secrets

0.7 Likely human-written View on GitHub
0.7
Adjusted Score
0.7
Raw Score
100%
Time Factor
2026-05-25
Last Push
21,936
Stars
Go
Language
30,232
Lines of Code
125
Files
19
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 0HIGH 0MEDIUM 2LOW 17

Pattern Findings

19 matches across 5 categories. Click a row to expand file-level details.

Over-Commented Block13 hits · 13 pts
SeverityFileLineSnippet
LOWkms/keysource.go61 Role string
LOWshamir/shamir.go101
LOWshamir/shamir.go141func mult(a, b uint8) (out uint8) {
LOWshamir/shamir.go161 bitOfB := b >> i & 1
LOWazkv/keysource.go41// MasterKey is an Azure Key Vault Key used to Encrypt and Decrypt SOPS'
LOWage/keysource.go61
LOWversion/version.go101// RetrieveLatestReleaseVersion fetches the latest release version from GitHub.
LOWversion/version.go141// This function combines the advantages of both retrieval strategies: the resilience
LOWgcpkms/keysource.go21
LOWgcpkms/keysource.go61 ResourceID string
LOWgcpkms/mock_kms_server_test.go1// Copyright 2019 Google LLC
LOWhcvault/keysource.go121// SOPS' data key.
LOWpgp/keysource.go41 // pgpTTL is the duration after which a MasterKey requires rotation.
Slop Phrases2 hits · 4 pts
SeverityFileLineSnippet
MEDIUMversion/version.go143// However, it's worth noting that the API usage can be affected by GitHub's rate limiting.
LOW.github/workflows/release.yml70 # When bumping it, make sure to check out goreleaser's changelog first!
AI Slop Vocabulary1 hit · 2 pts
SeverityFileLineSnippet
MEDIUM.goreleaser.yaml319 The [SLSA provenance](https://slsa.dev/provenance/v0.2) of the binaries, packages, and SBOMs can be found within the
Unused Imports2 hits · 2 pts
SeverityFileLineSnippet
LOWexamples/per_file/main.py2
LOWexamples/all_in_one/main.py2
Fake / Example Data1 hit · 1 pts
SeverityFileLineSnippet
LOWstores/ini/store_test.go38 Value: "John Doe",