git-secret-hide man page
git-secret-hide — encrypts all added files with the inner keyring.
git secret hide [-c] [-F] [-P] [-v] [-d] [-m]
git-secret-hide creates an encrypted version (typically called filename.txt.secret) of each file added by git-secret-add command. Now anyone enabled via ´git secret tell´ can can decrypt these files. Under the hood, git-secret uses the keyring in .gitsecret/keys and user´s secret keys to decrypt the files.
It is recommended to encrypt (or re-encrypt) all the files in a git-secret repo each time git secret hide is run.
Otherwise the keychain (the one stored in .gitsecret/keys/*.gpg), may have changed since the last time the files were encrypted, and it´s possible to create a state where the users in the output of git secret whoknows may not be able to decrypt the some files in the repo, or may be able decrypt files they´re not supposed to be able to.
In other words, unless you re-encrypt all the files in a repo each time you ´hide´ any, it´s possible to make it so some files can no longer be decrypted by users who should be (and would appear) able to decrypt them, and vice-versa.
If you know what you are doing and wish to encrypt or re-encrypt only a subset of the files even after reading the above paragraphs, you can use the -F option to force git secret hide to skip any hidden files where the unencrypted versions aren´t present.
Also, it is possible to modify the names of the encrypted files by setting SECRETS_EXTENSION variable.
(See git-secret(7) http://git-secret.io/git-secret for information about renaming the .gitsecret folder using the SECRETS_DIR environment variable.
-v - verbose, shows extra information. -c - deletes encrypted files before creating new ones. -F - forces hide to continue if a file to encrypt is missing. -P - preserve permissions of unencrypted file in encrypted file. -d - deletes unencrypted files after encryption. -m - encrypt files only when modified. -h - shows help.
You can also enable verbosity using the SECRETS_VERBOSE environment variable, as documented at git-secret(7) http://git-secret.io/
Run man git-secret-hide to see this note.
git-secret-init(1) http://git-secret.io/git-secret-init, git-secret-tell(1) http://git-secret.io/git-secret-tell, git-secret-add(1) http://git-secret.io/git-secret-add, git-secret-reveal(1) http://git-secret.io/git-secret-reveal,
git-secret-add(1), git-secret-cat(1), git-secret-changes(1), git-secret-list(1), git-secret-reveal(1), git-secret-tell(1), git-secret-usage(1), git-secret-whoknows(1).