Yelp's detect-secrets is described as 'detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base' and is an app in the Development category. There are eight alternatives to Yelp's detect-secrets for Mac, Windows, Linux, Self-Hosted solutions and SaaS. The best alternative is truffleHog, which is both free and Open Source. Other great apps like Yelp's detect-secrets are Repo-supervisor (Free, Open Source), repo-security-scanner (Free, Open Source), Gitrob (Free, Open Source) and AWS Lab's git-secrets (Free, Open Source).
It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.
GitGuardian is a cybersecurity startup solving the issue of secrets sprawling through source code, a widespread problem that leads to some credentials ending up in compromised places or even in the public space.