skip to navigation
skip to content

lucido 0.1

An automatic sensitive data scrubber and restorer.

Latest Version: 0.3


Ever wanted to release a project to the open source community, if only it weren’t for the hassle of having to strip out sensitive data like API keys every time you commit?

Or maybe you’ve had to rewrite your version control history because you accidentally committed something that the rest of the world wasn’t supposed to see?

lucido (pronounced loo-CHEE-dough) is a simple script designed to make these problems a thing of the past. On its own, it can strip and restore sensitive data with ease. Within a git repository, lucido prevents you from committing your sensitive data, and automatically restores it for you after any merges.


From the command line:

pip install lucido

If lucido is already installed, you can upgrade to the latest version with:

pip install --upgrade lucido

Getting Started

You’ll want to create a file named luci.yml. (If you’re doing this within a git repository, make sure luci.yml is at the root of the repository.) It should contain, at the very least, a sensitive key, which will take a list of values that should be scrubbed by lucido. It can also contain an exclude key, which can take a list of directories which should not be scrubbed.

Here’s an example:

- .git
- qqhPKzffeZu0
- ALpeJmcMs7TG
- z-1JWjRdbXzN
- 3r_h1q_1TEs3


If you plan to use lucido within a git repository, you’ll only need to run the following:

luci -i

This will create git hooks for you so that scrubbing/restoring is done automatically. (Technically, scrubbing is not automatic, as pre-commit hooks should not change the content of the files that are to be committed. But if sensitive data is found, the commit will fail and you’ll be given a helpful message about how to scrub the data.)

If you’re not using lucido within a git repository, you’ll want to run these commands:

# check for sensitive data
luci -c
# if present, scrub the sensitive data
luci -s
# at a later time, restore the sensitive data
luci -r


-c, --check: Checks for sensitive data in the current working directory.
-i, --init: Creates git hooks and adds luci.yml to .gitignore if run within a git repository.
-s, --scrub: Scrubs sensitive data in the current working directory.
-r, --restore: Restores sensitive data in the current working directory.

Git Hooks

When initialized in a git repository, lucido adds the following git hooks:

  • pre-commit: Before committing, lucido will check the repository for sensitive data. If sensitive data is present, the commit will not be created.
  • post-commit, post-merge: After committing or merging in new changes, lucido will restore the sensitive data in your repository so that your code will work as expected.

Version Information

Current stable release is v0.1, last updated on October 23, 2012.


Feel free to file any issues on the project’s bug tracker.

Or, if you’re in a more philanthropic mood, consider leaving a Gittip.



  • Initial release
File Type Py Version Uploaded on Size
lucido-0.1.tar.gz (md5) Source 2012-10-23 6KB