{"id":51026916,"url":"https://github.com/gitstq/envguard","last_synced_at":"2026-06-21T20:02:31.954Z","repository":{"id":351924413,"uuid":"1212812676","full_name":"gitstq/envguard","owner":"gitstq","description":"Environment Variable Security Auditor - Detect sensitive info leaks in .env files with 52 built-in rules","archived":false,"fork":false,"pushed_at":"2026-04-17T03:18:57.000Z","size":65,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-17T05:22:04.841Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gitstq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-16T18:57:21.000Z","updated_at":"2026-04-17T03:18:13.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/gitstq/envguard","commit_stats":null,"previous_names":["gitstq/envguard"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/gitstq/envguard","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gitstq%2Fenvguard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gitstq%2Fenvguard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gitstq%2Fenvguard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gitstq%2Fenvguard/manifests","ow
ner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gitstq","download_url":"https://codeload.github.com/gitstq/envguard/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gitstq%2Fenvguard/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34623906,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-21T02:00:05.568Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-21T20:02:31.858Z","updated_at":"2026-06-21T20:02:31.947Z","avatar_url":"https://github.com/gitstq.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EnvGuard 🔒\n\n\u003cdiv align=\"center\"\u003e\n\n**Environment Variable Security Auditor**\n\n*A zero-dependency CLI tool to detect sensitive information leaks in .env files*\n\n[![Python](https://img.shields.io/badge/Python-3.8%2B-blue?logo=python\u0026logoColor=white)](https://www.python.org/)\n[![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)\n[![GitHub](https://img.shields.io/badge/GitHub-gitstq%2Fenvguard-blue?logo=github)](https://github.com/gitstq/envguard)\n\n[English](#english) | [简体中文](#简体中文) | [繁體中文](#繁體中文)\n\n\u003c/div\u003e\n\n---\n\n\u003ca name=\"english\"\u003e\u003c/a\u003e\n\n## 🇺🇸 English\n\n### 🎉 Introduction\n\n**EnvGuard** is 
a powerful, zero-dependency CLI tool that scans your `.env` files for sensitive information leaks. With **52 built-in security rules**, it detects API keys, tokens, passwords, and other secrets before they reach your repository.\n\n**Inspired by**: The common security mistake of committing `.env` files with real credentials. EnvGuard helps developers catch these issues early in the development cycle.\n\n### ✨ Key Features\n\n- 🔐 **52 Built-in Security Rules** - AWS, GitHub, Stripe, OpenAI, JWT, and more\n- 🚀 **Zero Dependencies** - Pure Python standard library, no pip install required\n- 📊 **Multiple Output Formats** - Terminal, JSON, Markdown, SARIF (GitHub Security)\n- 🔍 **Smart Pattern Detection** - Both key names and value patterns\n- ⚡ **Fast \u0026 Lightweight** - Scans hundreds of files in seconds\n- 🤖 **CI/CD Ready** - Exit codes and SARIF support for automation\n\n### 🚀 Quick Start\n\n```bash\n# Install\npip install envguard\n\n# Scan current directory\nenvguard scan\n\n# Scan specific file\nenvguard scan .env\n\n# Output as JSON\nenvguard scan -f json\n\n# Save report\nenvguard scan -o report.md -f markdown\n```\n\n### 📖 Usage\n\n#### Scan Command\n\n```bash\n# Basic scan\nenvguard scan\n\n# Scan specific directory\nenvguard scan ./myproject\n\n# Filter by severity\nenvguard scan --severity high\n\n# Multiple formats\nenvguard scan -f json      # JSON output\nenvguard scan -f markdown  # Markdown report\nenvguard scan -f sarif     # GitHub Security format\n```\n\n#### Other Commands\n\n```bash\n# List all security rules\nenvguard rules\n\n# Find all .env files\nenvguard find\n```\n\n### 💡 Design Philosophy\n\nEnvGuard follows the **security-first** principle:\n- **Zero trust** - Every `.env` variable is a potential risk\n- **False positives over false negatives** - Better to warn than to miss\n- **Developer-friendly** - Clear suggestions for every finding\n\n### 📦 Installation\n\n```bash\n# From PyPI\npip install envguard\n\n# From source\ngit clone 
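https://github.com/gitstq/envguard.git\ncd envguard\npip install -e .\n```\n\n### 🤝 Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n1. Fork the repository\n2. Create your feature branch (`git checkout -b feature/AmazingFeature`)\n3. Commit your changes (`git commit -m 'feat: Add some AmazingFeature'`)\n4. Push to the branch (`git push origin feature/AmazingFeature`)\n5. Open a Pull Request\n\n### 📄 License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n---\n\n\u003ca name=\"简体中文\"\u003e\u003c/a\u003e\n\n## 🇨🇳 Simplified Chinese\n\n### 🎉 Introduction\n\n**EnvGuard** is a powerful, zero-dependency CLI tool that scans `.env` files for sensitive information leaks. With **52 built-in security rules**, it detects API keys, tokens, passwords, and other secrets before sensitive data reaches the repository.\n\n**Inspired by**: The common developer security mistake of committing `.env` files that contain real credentials to a repository. EnvGuard helps developers catch these issues early in the development cycle.\n\n### ✨ Key Features\n\n- 🔐 **52 Built-in Security Rules** - Covers AWS, GitHub, Stripe, OpenAI, JWT, and more\n- 🚀 **Zero Dependencies** - Pure Python standard library, no extra dependencies to install with pip\n- 📊 **Multiple Output Formats** - Terminal, JSON, Markdown, SARIF (GitHub Security)\n- 🔍 **Smart Pattern Detection** - Checks both key names and value patterns\n- ⚡ **Fast and Lightweight** - Scans hundreds of files in seconds\n- 🤖 **CI/CD Ready** - Exit codes and SARIF output for automation\n\n### 🚀 Quick Start\n\n```bash\n# Install\npip install envguard\n\n# Scan current directory\nenvguard scan\n\n# Scan a specific file\nenvguard scan .env\n\n# Output as JSON\nenvguard scan -f json\n\n# Save report\nenvguard scan -o report.md -f markdown\n```\n\n### 📖 Detailed Usage\n\n#### Scan Command\n\n```bash\n# Basic scan\nenvguard scan\n\n# Scan a specific directory\nenvguard scan ./myproject\n\n# Filter by severity\nenvguard scan --severity high\n\n# Multiple formats\nenvguard scan -f json      # JSON output\nenvguard scan -f markdown  # Markdown report\nenvguard scan -f sarif     # GitHub Security format\n```\n\n#### Other Commands\n\n```bash\n# List all security rules\nenvguard rules\n\n# Find all .env files\nenvguard find\n```\n\n### 💡 Design Philosophy\n\nEnvGuard follows the **security-first** principle:\n- **Zero trust** - Every `.env` variable is a potential risk\n- **False positives over false negatives** - A warning is better than a miss\n- **Developer-friendly** - Every finding comes with a clear suggestion\n\n### 📦 Installation\n\n```bash\n# From PyPI\npip install envguard\n\n# From source\ngit clone https://github.com/gitstq/envguard.git\ncd envguard\npip install -e .\n```\n\n### 🤝 Contributing Guide\n\nCode contributions are welcome!\n\n1. Fork this repository\n2. Create a feature branch (`git checkout -b feature/AmazingFeature`)\n3. 
Commit your changes (`git commit -m 'feat: 添加某个很棒的特性'`)\n4. Push to the branch (`git push origin feature/AmazingFeature`)\n5. Open a Pull Request\n\n### 📄 License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n---\n\n\u003ca name=\"繁體中文\"\u003e\u003c/a\u003e\n\n## 🇹🇼 Traditional Chinese\n\n### 🎉 Introduction\n\n**EnvGuard** is a powerful, zero-dependency CLI tool that scans `.env` files for sensitive information leaks. With **52 built-in security rules**, it detects API keys, tokens, passwords, and other secrets before sensitive data reaches the repository.\n\n**Inspired by**: The common developer security mistake of committing `.env` files that contain real credentials to a repository. EnvGuard helps developers catch these issues early in the development cycle.\n\n### ✨ Key Features\n\n- 🔐 **52 Built-in Security Rules** - Covers AWS, GitHub, Stripe, OpenAI, JWT, and more\n- 🚀 **Zero Dependencies** - Pure Python standard library, no extra dependencies to install with pip\n- 📊 **Multiple Output Formats** - Terminal, JSON, Markdown, SARIF (GitHub Security)\n- 🔍 **Smart Pattern Detection** - Checks both key names and value patterns\n- ⚡ **Fast and Lightweight** - Scans hundreds of files in seconds\n- 🤖 **CI/CD Ready** - Exit codes and SARIF output for automation\n\n### 🚀 Quick Start\n\n```bash\n# Install\npip install envguard\n\n# Scan current directory\nenvguard scan\n\n# Scan a specific file\nenvguard scan .env\n\n# Output as JSON\nenvguard scan -f json\n\n# Save report\nenvguard scan -o report.md -f markdown\n```\n\n### 📖 Detailed Usage\n\n#### Scan Command\n\n```bash\n# Basic scan\nenvguard scan\n\n# Scan a specific directory\nenvguard scan ./myproject\n\n# Filter by severity\nenvguard scan --severity high\n\n# Multiple formats\nenvguard scan -f json      # JSON output\nenvguard scan -f markdown  # Markdown report\nenvguard scan -f sarif     # GitHub Security format\n```\n\n#### Other Commands\n\n```bash\n# List all security rules\nenvguard rules\n\n# Find all .env files\nenvguard find\n```\n\n### 💡 Design Philosophy\n\nEnvGuard follows the **security-first** principle:\n- **Zero trust** - Every `.env` variable is a potential risk\n- **False positives over false negatives** - A warning is better than a miss\n- **Developer-friendly** - Every finding comes with a clear suggestion\n\n### 📦 Installation\n\n```bash\n# From PyPI\npip install envguard\n\n# From source\ngit clone https://github.com/gitstq/envguard.git\ncd envguard\npip install -e .\n```\n\n### 🤝 Contributing Guide\n\nCode contributions are welcome!\n\n1. Fork this repository\n2. Create a feature branch (`git checkout -b feature/AmazingFeature`)\n3. Commit your changes (`git commit -m 'feat: 新增某個很棒的功能'`)\n4. Push to the branch (`git push origin feature/AmazingFeature`)\n5. 
Open a Pull Request\n\n### 📄 License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n**Made with ❤️ by [gitstq](https://github.com/gitstq)**\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgitstq%2Fenvguard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgitstq%2Fenvguard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgitstq%2Fenvguard/lists"}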