// tag

#security

1 post
01
Security

Sopsy: Secrets in Git, Sealed by the Secure Enclave

A small Rust CLI that lets your team commit encrypted secrets straight into git, with the private key locked inside your Mac's Secure Enclave and released only by your fingerprint. Here's what it does, the excellent little bugs I stepped on getting there, and why I think it is a genuinely nice way to run secrets on a team.

2026.06.27