This project serves two purposes:
- A functional WMATA train tracking application
- A demonstration project for secret scanning and secure development practices
This repository demonstrates:
- Pre-commit hook implementation for secret detection
- CI/CD pipeline with security checks
- Common patterns of leaked secrets
- Best practices for secret management
- Tracks WMATA train positions
- Filters for yellow line trains to Huntington Station
- Provides both CLI and web interface
- Python 3.x
- pip (Python package manager)
- git
- Clone the repository:

  ```bash
  git clone https://github.com/lemosdsec/wmata-trains
  cd wmata-trains
  ```

- Create and activate virtual environment:

  ```bash
  python -m venv venv
  source venv/bin/activate # On Windows: venv\Scripts\activate
  ```

- Install dependencies:

  ```bash
  pip install -r requirements.txt
  ```

- Install pre-commit hooks:

  ```bash
  pip install pre-commit
  pre-commit install
  ```

This project includes pre-commit hooks that:
- Scan for potential secrets using TruffleHog
- Check code style with Flake8
- Enforce file formatting standards
To manually run security checks:

```bash
pre-commit run --all-files
```

The GitHub Actions pipeline includes:
- Automated secret scanning
- Dependency security checks
- Code quality verification
```bash
python simple.py
python trains.py
```

Access the web interface at: http://localhost:5000
- Try committing a file with a fake AWS key:

  ```python
  # test_secrets.py
  AWS_KEY = 'AKIA1234567890ABCDEF'
  ```

- Observe how pre-commit hooks prevent the commit
- AWS Access Keys
- API Keys
- Private Keys
- Authentication Tokens
- Database Credentials
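
To show why the test commit above is blocked, here is a simplified pattern-based scanner covering two of the secret types listed. It is an added example, not this repository's code and not TruffleHog's detectors; the regexes, the `secret-scan: allow` marker, and the file name `trains_config.py` are assumptions made for illustration.

```python
import re

# Simplified rules for two secret types named above; the patterns are
# assumptions for illustration, not TruffleHog's detectors.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private-key": re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----"),
}
ALLOW_MARKER = "secret-scan: allow"  # hypothetical inline suppression marker


def redact(value, keep=4):
    """Show only the first few characters so findings are safe to log."""
    return value[:keep] + "*" * (len(value) - keep)


def scan_text(path, text):
    """Return (path, line_no, rule, redacted_match) for each hit."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if ALLOW_MARKER in line:
            continue  # line explicitly marked as a known test fixture
        for rule, pattern in RULES.items():
            for match in pattern.finditer(line):
                findings.append((path, line_no, rule, redact(match.group(0))))
    return findings


def hook_exit_code(files):
    """Mimic a hook: a non-zero exit blocks the commit when anything is found."""
    findings = [f for path, text in files.items() for f in scan_text(path, text)]
    for path, line_no, rule, shown in findings:
        print(f"{path}:{line_no}: {rule}: {shown}")
    return 1 if findings else 0


# Constructed sample input: the fake key from the test file above plus a clean file.
SAMPLE_FILES = {
    "test_secrets.py": "# test_secrets.py\nAWS_KEY = 'AKIA1234567890ABCDEF'\n",
    "trains_config.py": "LINE = 'YL'\nDESTINATION = 'Huntington'\n",
}

if __name__ == "__main__":
    raise SystemExit(hook_exit_code(SAMPLE_FILES))
```

Pattern matching of this kind only catches secrets with a recognizable shape; generic API keys and database passwords need entropy checks or provider-specific verification, which is what dedicated scanners add.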
This is a demonstration project for educational purposes:
- Some secrets may be intentionally placed for demonstration
- Do NOT use any credentials found in this repository
- In real projects, always use secure secret management solutions
- Fork the repository
- Install pre-commit hooks
- Make your changes
- Ensure all security checks pass
- Submit a pull request
[Your License Here]