Yesterday I told myself: "Just 30 minutes. Add gitleaks as a pre-commit hook across all four projects so I never leak a secret again." Six hours later, I had four merged PRs, four updated production CIs, two new memory notes, one deleted workflow file, and a much smaller ego. Here's what the hook actually exposed. 1. OriginBrief was using pnpm. The CI was running npm install . The first project went smoothly until Vercel's preview deploy failed with ERR_PNPM_OUTDATED_LOCKFILE . Turns out my CI had been quietly running the wrong package manager for who knows how long. It worked because the lockfile happened to be compatible — until I added one new dependency. The fix took five commits. The lesson took one minute. 2. StandupFlow's README had merge conflict markers from day 1. <<<<<<< HEAD . Right there at line 1. For 35 days. It got merged on March 28 with the conflict markers still in the file.…