{"id":48834985,"url":"https://github.com/vypher-io/cli","last_synced_at":"2026-04-14T23:00:39.835Z","repository":{"id":351404468,"uuid":"1043215038","full_name":"vypher-io/cli","owner":"vypher-io","description":"Fast, parallelized CLI for detecting PII and PHI in files. Built for Finance (PCI DSS) and Healthcare (HIPAA) compliance.","archived":false,"fork":false,"pushed_at":"2026-04-14T21:48:10.000Z","size":45,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-14T22:24:38.161Z","etag":null,"topics":["cli","compliance","data-privacy","devtools","go","golangci","hipaa","pci-dss","phi","pii","sarif","scanner","security"],"latest_commit_sha":null,"homepage":"https://vypher.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vypher-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-23T11:32:23.000Z","updated_at":"2026-04-14T21:47:37.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/vypher-io/cli","commit_stats":null,"previous_names":["vypher-io/cli"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/vypher-io/cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vypher-io%2Fcli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vypher-io%2Fcli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vypher-io%2Fcli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vypher-io%2Fcli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vypher-io","download_url":"https://codeload.github.com/vypher-io/cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vypher-io%2Fcli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31818840,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T18:05:02.291Z","status":"ssl_error","status_checked_at":"2026-04-14T18:05:01.765Z","response_time":153,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","compliance","data-privacy","devtools","go","golangci","hipaa","pci-dss","phi","pii","sarif","scanner","security"],"created_at":"2026-04-14T23:00:20.334Z","updated_at":"2026-04-14T23:00:39.826Z","avatar_url":"https://github.com/vypher-io.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Vypher CLI\n\nVypher is a command-line tool designed to scan directories for Personally Identifiable Information (PII) and Protected Health Information (PHI) within files. It focuses on identifying sensitive data related to finance and healthcare.\n\n## Installation\n\n**Via `go install`** (requires Go 1.20+):\n\n```bash\ngo install github.com/vypher-io/cli@latest\n```\n\n**Or build from source:**\n\n```bash\ngit clone https://github.com/vypher-io/cli.git\ncd cli\ngo build -o vypher\n```\n\n**macOS via Homebrew:**\n\n```bash\nbrew install vypher-io/tap/vypher\n```\n\n**Windows via Scoop:**\n\n```powershell\nscoop bucket add vypher-io https://github.com/vypher-io/scoop-bucket\nscoop install vypher\n```\n\n**Docker (no install required):**\n\n```bash\ndocker run --rm -v \"$(pwd)\":/scan pseudocoding/vypher scan --target /scan\n```\n\n## Testing\n\nTo run the unit tests for the project:\n\n```bash\ngo test ./...\n```\n\nFor verbose output:\n\n```bash\ngo test -v ./...\n```\n\nTo run tests with race condition detection:\n\n```bash\ngo test -race ./...\n```\n\n## Usage\n\n### Scanning a Directory\n\nTo scan the current directory:\n\n```bash\n./vypher scan\n```\n\nTo scan a specific directory:\n\n```bash\n./vypher scan --target /path/to/scan\n```\n\n### Output Formats\n\nVypher supports multiple output formats: **console** (default), **JSON**, and **SARIF**.\n\n**Console Output:**\n\n```bash\n./vypher scan -t ./src\n```\n\nFindings are reported with the file path and line number for each match:\n\n```\nFile: /path/to/src/users.go\n  - [Email] jo****om (Line: 42)\n  - [SSN] 12****89 (Line: 87)\n```\n\n**JSON Output:**\n\n```bash\n./vypher scan -t ./src -o json\n```\n\n**SARIF Output** (for GitHub Security, VS Code integration):\n\n```bash\n./vypher scan -t ./src -o sarif\n```\n\n### Excluding Files\n\nUse the `--exclude` flag with glob patterns to skip files or directories:\n\n```bash\n./vypher scan -t ./src --exclude \"*_test.go\" --exclude \"*.log\"\n```\n\n### Filtering by Rule Tags\n\nUse `--rules` to scan only for specific rule categories:\n\n```bash\n./vypher scan -t ./src --rules finance,phi\n```\n\n**Available tags:**\n\n| Tag | Patterns Included |\n|-----|-------------------|\n| `finance` | Credit Card, SSN, IBAN, Bitcoin, Ethereum, Solana |\n| `crypto` | Bitcoin, Ethereum, Solana |\n| `pii` | Credit Card, SSN, Email, Phone, DOB |\n| `healthcare` | MRN, ICD-10 |\n| `phi` | MRN, DOB, ICD-10 |\n| `communication` | Email, Phone |\n| `government` | SSN |\n\n**Examples:**\n\n```bash\n# Scan for finance-only patterns (cards, SSN, IBAN, crypto wallets)\n./vypher scan -t ./src --rules finance\n\n# Scan for crypto wallet addresses only\n./vypher scan -t ./src --rules crypto\n\n# Scan for healthcare data only (MRN, ICD-10, DOB)\n./vypher scan -t ./src --rules healthcare,phi\n\n# Scan for general PII (emails, phones, SSNs, cards, DOB)\n./vypher scan -t ./src --rules pii\n\n# Combine multiple tags\n./vypher scan -t ./src --rules finance,healthcare -o sarif --fail-on-match\n```\n\n### Limiting Scan Depth\n\nUse `--max-depth` to limit how deep the scanner recurses:\n\n```bash\n./vypher scan -t ./src --max-depth 3\n```\n\n### CI/CD Integration\n\nUse `--fail-on-match` to exit with code 1 when issues are found:\n\n```bash\n./vypher scan -t ./src --fail-on-match\n```\n\nThis is useful for enforcing compliance in CI/CD pipelines.\n\n### Configuration File\n\nCreate a `.vypher.yaml` file to define default scan settings:\n\n```yaml\nexclude:\n  - \"*_test.go\"\n  - \"*.log\"\nrules:\n  - finance\n  - phi\noutput: sarif\nmax_depth: 5\nfail_on_match: true\n```\n\nLoad it with the `--config` flag:\n\n```bash\n./vypher scan --config .vypher.yaml -t ./src\n```\n\nCLI flags always override config file values.\n\n### Default Ignored Directories\n\nBy default, Vypher ignores the following directories:\n- `.git`\n- `node_modules`\n- `vendor`\n- `.venv`\n- `__pycache__`\n- `dist`\n- `build`\n- `.next`\n- `.nuxt`\n- `out`\n\n### Default Ignored Files\n\nThe following files are skipped by default because they contain checksums, hashes, or other generated content that produce false positives:\n- `package-lock.json`\n- `yarn.lock`\n- `pnpm-lock.yaml`\n- `bun.lockb`\n- `go.sum`\n- `Cargo.lock`\n- `composer.lock`\n- `Gemfile.lock`\n- `poetry.lock`\n- `*.lock`\n\n## Detected Patterns\n\nVypher ships with 11 built-in detection patterns:\n\n| # | Pattern | Description | Tags | Validation |\n|---|---------|-------------|------|------------|\n| 1 | **Credit Card** | 13-16 digit card numbers | `finance`, `pii` | Luhn ✓, Proximity |\n| 2 | **SSN** | US Social Security Numbers (XXX-XX-XXXX) | `finance`, `pii`, `government` | Proximity |\n| 3 | **Email** | Email addresses | `pii`, `communication` | N/A |\n| 4 | **Phone** | US/International phone numbers | `pii`, `communication` | N/A |\n| 5 | **IBAN** | International Bank Account Numbers | `finance` | N/A |\n| 6 | **MRN** | Medical Record Numbers (6-12 digits) | `healthcare`, `phi` | N/A |\n| 7 | **DOB** | Date of Birth near keywords | `pii`, `phi` | N/A |\n| 8 | **ICD-10** | ICD-10 medical diagnosis codes | `healthcare`, `phi` | N/A |\n| 9 | **Bitcoin** | P2PKH, P2SH, Bech32 wallet addresses | `finance`, `crypto` | Proximity |\n| 10 | **Ethereum** | 0x-prefixed 40 hex char addresses | `finance`, `crypto` | Proximity |\n| 11 | **Solana** | Base58 32-44 char wallet addresses | `finance`, `crypto` | Proximity |\n\n### Credit Card Validation\n\nCredit card numbers detected by regex are validated using the **Luhn algorithm** to reduce false positives, as recommended by PCI DSS.\n\n### Keyword Proximity\n\nSSN and Credit Card matches are annotated with a **keyword proximity** indicator when relevant keywords (e.g., \"ssn\", \"social\", \"credit\", \"card\") are found within ±50 characters of the match. This helps distinguish high-confidence detections from potential false positives.\n\n## Performance\n\nVypher uses **parallel file scanning** with a worker pool automatically sized to the number of CPU cores. File collection (directory walk) is sequential, while file reading and pattern matching run concurrently for maximum throughput on large codebases.\n\n## Disclaimer\n\nThis tool uses regex-based pattern matching and may produce false positives. It is intended as an aid for developers and security professionals, not as a guaranteed solution for compliance.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvypher-io%2Fcli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvypher-io%2Fcli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvypher-io%2Fcli/lists"}