{"id":15024013,"url":"https://github.com/sap/vs-code-extension-for-project-credential-digger","last_synced_at":"2025-06-22T03:34:40.314Z","repository":{"id":176621745,"uuid":"623967119","full_name":"SAP/vs-code-extension-for-project-credential-digger","owner":"SAP","description":"VS Code extension for project Credential Digger https://github.com/SAP/credential-digger","archived":false,"fork":false,"pushed_at":"2024-08-19T09:33:18.000Z","size":30575,"stargazers_count":3,"open_issues_count":7,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-01-30T00:51:12.010Z","etag":null,"topics":["api-key","code-scan","credential-digger","github-scan","github-security","password","secret","secret-scan","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SAP.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-05T13:16:31.000Z","updated_at":"2024-06-24T13:52:26.000Z","dependencies_parsed_at":null,"dependency_job_id":"61c29193-a1bc-4d93-a3a8-53de40b78524","html_url":"https://github.com/SAP/vs-code-extension-for-project-credential-digger","commit_stats":{"total_commits":138,"total_committers":6,"mean_commits":23.0,"dds":"0.35507246376811596","last_synced_commit":"f934dc0cce5b9f58b82b14799a70d22ad07cb487"},"previous_names":["sap/vs-code-extension-for-project-credential-digger"],"tags_count":8,"template":false,"template_full_name":"SAP/repository-template","repository_url":"https://repos.ecosyste.ms
/api/v1/hosts/GitHub/repositories/SAP%2Fvs-code-extension-for-project-credential-digger","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP%2Fvs-code-extension-for-project-credential-digger/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP%2Fvs-code-extension-for-project-credential-digger/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP%2Fvs-code-extension-for-project-credential-digger/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SAP","download_url":"https://codeload.github.com/SAP/vs-code-extension-for-project-credential-digger/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237191514,"owners_count":19269722,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-key","code-scan","credential-digger","github-scan","github-security","password","secret","secret-scan","security"],"created_at":"2024-09-24T19:59:42.380Z","updated_at":"2025-02-04T20:31:31.701Z","avatar_url":"https://github.com/SAP.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![REUSE status](https://api.reuse.software/badge/github.com/SAP/vs-code-extension-for-project-credential-digger)](https://api.reuse.software/info/github.com/SAP/vs-code-extension-for-project-credential-digger)\n\n# VS Code extension for project \"Credential Digger\"\n\n## Description\n\nVS Code extension for project \"Credential Digger\" is a free IDE extension that lets you detect secrets and credentials 
in your code before they get leaked! Like a spell checker, the extension scans your files using the [Credential Digger](https://github.com/SAP/credential-digger) and highlights the secrets as you write code, so you can fix them before the code is even committed.\n\n### How it works\n\n\u003cu\u003eOpen\u003c/u\u003e any source file, or edit an existing one and \u003cu\u003esave\u003c/u\u003e, then you will start seeing the issues reported by the extension.\nThe issues are highlighted in your code as warnings, and also are listed in the `Problems` panel.\n\n![on-the-fly](images/cd-how-it-works.png)\n\n### Features\n\nThe tool provides the following support:\n\n-   Connects to an instance of the Credential Digger running either\n    -   locally\n    -   in a docker container\n    -   in a web server\n-   Pushes the regular expressions rules to the Credential Digger via the command `Credential Digger: Add Rules`\n-   Triggers the scan when opening/saving a file\n-   Forces a scan of a file via the command `Credential Digger: Scan`\n-   Highlights the findings in the code and displays them in the `Problems` panel as warnings\n-   Proposes three \"quick fix\" functionalities to address the secrets found in the code:\n\n    -   \u003cu\u003eQuick Fix 1:\u003c/u\u003e **Remove Secret** - Instantly remove the secret from your code, making cleanup tasks and revision simpler.\n    -   \u003cu\u003eQuick Fix 2:\u003c/u\u003e **Create Environment Variable** - With this feature, you can effortlessly store found secrets in a dedicated file and set up dependencies. This will be done automatically if your coding language is amongst Python, PHP, JavaScript, C#, or Java Maven. 
If your language is outside these five, you will receive AI-assisted advice to guide your manual setup.\n    -   \u003cu\u003eQuick Fix 3:\u003c/u\u003e **Secret Storage Options** - This feature provides three secret storage options, namely, BTP Secret Store, AWS Secret Manager, and Vault.\n\n        -   For BTP Secret Store, the documentation is written mostly by us with a portion that is AI-generated.\n        -   For AWS Secret Manager and Vault, the entire set of instructions is AI-generated to provide a comprehensive, dynamic and user-specific guide for securely storing secrets and integrating them into your project.\n\n        (To fully benefit from the \u003cu\u003eAI functionality\u003c/u\u003e, you need to configure some settings. See the 'Configuration' section for more information.)\n\nThese features aim to streamline your coding workflow, making it more efficient and secure.\n\n## Requirements\n\n-   Credential Digger \u003e= v4.11.1\n\n## Download and Installation\n\nThe extension can be installed directly from the [VS Code Marketplace](https://marketplace.visualstudio.com/items?itemName=SAPOSS.vs-code-extension-for-project-credential-digger)\n\n## Configuration\n\n### Credential Digger instance\n\nThe extension relies on an existing instance of the Credential Digger, hence you need to configure the extension based on the chosen mode\n\n![settings](images/cd-settings.png)\n\n#### Local\n\nNavigate to the extension settings first. Go to the `Type` section and select the `binary` option. 
Then, from the `Binary` section, click on `Edit in settings.json`.\n\n![local](images/cd-binary.png)\n\nNext, provide the required information as shown in the following example:\n\n```\n\"credentialDigger.credentialDiggerRunner.type\": \"binary\",\n\"credentialDigger.credentialDiggerRunner.binary\": {\n    \"path\": \"/bin/credentialdigger\",\n    \"databaseConfig\": {\n        \"type\": \"postgres\",\n        \"postgres\": {\n            \"envFile\": \"/tmp/test/postgres/.env\"\n        }\n    }\n}\n```\n\n#### Docker\n\nNavigate to the extension settings first. Go to the `Type` section and select the `docker` option. Then, from the `Docker` section, click on `Edit in settings.json`.\n\n![docker-edit](images/cd-docker.png)\n\nNext, provide the required information as shown in the following example:\n\n```\n\"credentialDigger.credentialDiggerRunner.type\": \"docker\",\n\"credentialDigger.credentialDiggerRunner.docker\": {\n    \"containerId\": \"378ffa800494\",\n    \"databaseConfig\": {\n        \"type\": \"sqlite\",\n        \"sqlite\": {\n            \"filename\": \"/data/db/data.db\"\n        }\n    }\n}\n```\n\n#### Web Server\n\nNavigate to the extension settings first. Go to the `Type` section and select the `webserver` option. 
Then, from the `Webserver` section, click on `Edit in settings.json`.\n\n![webserver-type](images/cd-webserver.png)\n\nNext, provide the required information as shown in the following example:\n\n```\n\"credentialDigger.credentialDiggerRunner.type\": \"webserver\",\n\"credentialDigger.credentialDiggerRunner.webserver\": {\n    \"host\": \"http://localhost:5000\",\n    \"envFile\": \"/tmp/test/sqlite/.env\"\n}\n```\n\n### Add rules\n\nIf your Credential Digger instance does not have scanning rules, or you want to provide your own customized set, first enter the path to your rules file in the `Rules` section and then push the rules by running the command `Credential Digger: Add Rules`\n\n![add-rules](images/cd-add-rules.png)\n\n### Exclude files\n\nIf you would like to exclude some files from being scanned, you need to configure the extension by providing the patterns to filter out\n\nClick on `Add Item`:\n\n![exclude-files](images/cd-filter.png)\n\nThen, enter each pattern individually:\n\n![exclude-files-add](images/cd-filter-add.png)\n\n### OpenAI\n\nTo fully benefit from the AI functionality, you need to configure two fields.\n(Your code will not be transmitted to an AI; only the file extension, like '.js' or '.java', will be used in the prompt.)\n\nYou have two AI modes at your disposal:\n\n-   **BTP OpenAI**: This option is for a Multi-tenant BTP service proxy for third-party LLM APIs. The extension uses the Azure OpenAI gpt-4 model.\n    -   Navigate to the `Openai Call Mode` section. From the dropdown menu, choose `BTP OpenAI`.\n    -   Then navigate to the `Openai Key Path` section. Here, enter a path that leads to your key within a .json file.\n\n![btp-openai](images/cd-btp.png)\n\n-   **OpenAI**: This option is for OpenAI (https://platform.openai.com/)\n    -   Navigate to the `Openai Call Mode` section. From the dropdown menu, choose `OpenAI`.\n    -   Then navigate to the `Openai Key Path` section. Here, enter the path that directs to a .txt file. 
Make sure this file contains only the key you've copied and pasted.\n\n![openai](images/cd-ai.png)\n\n## Support, Feedback, Contributing\n\nThis project is open to feature requests/suggestions, bug reports etc. via [GitHub issues](https://github.com/SAP/vs-code-extension-for-project-credential-digger/issues). Contribution and feedback are encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](CONTRIBUTING.md).\n\n## Code of Conduct\n\nWe as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone. By participating in this project, you agree to abide by its [Code of Conduct](CODE_OF_CONDUCT.md) at all times.\n\n## Licensing\n\nCopyright 2023 SAP SE or an SAP affiliate company and vs-code-extension-for-project-credential-digger contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/SAP/vs-code-extension-for-project-credential-digger).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsap%2Fvs-code-extension-for-project-credential-digger","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsap%2Fvs-code-extension-for-project-credential-digger","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsap%2Fvs-code-extension-for-project-credential-digger/lists"}