1.0.0 • Published 11 months ago

@arunjayaraj/secret-scanner-cli v1.0.0

Secret Scanner

A powerful tool to scan your codebase for potential secrets and sensitive information. It helps prevent accidental commits of sensitive data by detecting various types of secrets including:

  • API Keys
  • Passwords
  • Database URLs
  • JWT Tokens
  • AWS Access Keys
  • Stripe API Keys
  • GitHub Tokens
  • SSH Private Keys
  • And more...

Installation

npm install -g secret-scanner

Usage

Scan Current Directory

npm scan

Scan Specific Directory

npm scan /path/to/directory

Use as a Pre-commit Hook

Add to your package.json:

{
  "scripts": {
    "precommit": "npm scan"
  }
}

Then install husky:

npm install husky --save-dev
npx husky install
npx husky add .husky/pre-commit "npm run precommit"

Features

  • Fast parallel scanning using worker threads
  • Detects multiple types of secrets
  • Shows exact line numbers where secrets are found
  • Configurable ignore paths
  • Git integration
  • Colored output for better readability

Detected Secret Types

  • API Keys: Generic API keys and tokens
  • Passwords: Password fields in code or config files
  • Database URLs: Connection strings for various databases
  • JWT Tokens: JSON Web Tokens
  • AWS Access Keys: AWS access key IDs and secret access keys
  • Stripe API Keys: Both test and live keys
  • GitHub Tokens: Personal access tokens
  • SSH Private Keys: RSA, DSA, EC, and OpenSSH keys
  • Basic Auth: URLs with embedded credentials
  • OAuth Tokens: Various OAuth token formats
  • Generic Secrets: Other potential secret patterns
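
A minimal sketch of the line-by-line pattern matching a scanner of this kind performs for four of the types listed above, reporting the line number of each hit. This is an added example, not code from this package: the regexes follow widely documented public token formats, and the names `RULES`, `scanText`, `redact`, `hookExitCode` and the sample input are assumptions made for illustration.

```javascript
// Added example: these are illustrative rules, not this package's rule set.
const RULES = [
  { name: 'AWS Access Key ID', re: /\b(?:AKIA|ASIA)[0-9A-Z]{16}\b/g },
  { name: 'GitHub Token', re: /\bghp_[A-Za-z0-9]{36}\b/g },
  { name: 'SSH Private Key', re: /-----BEGIN (?:RSA|DSA|EC|OPENSSH) PRIVATE KEY-----/g },
  // scheme://user:password@ ; a plain URL without credentials does not match
  { name: 'Basic Auth URL', re: /\b[a-z][a-z0-9+.-]*:\/\/[^\s:\/@]+:[^\s:\/@]+@/gi },
];

// Keep only a short prefix so the report (and CI logs) do not leak the secret.
function redact(match) {
  return match.slice(0, 4) + '*'.repeat(Math.max(match.length - 4, 0));
}

// Scan text line by line; returns { rule, line, match } with 1-based line numbers.
function scanText(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((content, idx) => {
    for (const { name, re } of RULES) {
      for (const m of content.matchAll(re)) {
        findings.push({ rule: name, line: idx + 1, match: redact(m[0]) });
      }
    }
  });
  return findings;
}

// A pre-commit hook blocks the commit by exiting non-zero when anything is found.
function hookExitCode(findings) {
  return findings.length > 0 ? 1 : 0;
}

// Constructed sample input; none of these values are live credentials.
const SAMPLE = [
  'const region = "us-east-1";',
  'const awsKey = "AKIAIOSFODNN7EXAMPLE";',
  'DATABASE_URL=postgres://app:hunter2@db.internal:5432/app',
  'const gh = "' + 'ghp_' + 'a1B2'.repeat(9) + '";',
  '// docs: https://example.com/path',
  '-----BEGIN OPENSSH PRIVATE KEY-----',
].join('\n');

const findings = scanText(SAMPLE);
for (const f of findings) console.log(`line ${f.line}: ${f.rule} (${f.match})`);
```

Fixed-prefix formats such as these produce few false positives; the "Generic Secrets" and "Passwords" categories have no such prefix, so expect more noise from those rule types.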

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

MIT