Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/willfarrell/secret-patterns

RegExp patterns for code secrets
https://github.com/willfarrell/secret-patterns

Last synced: about 1 month ago
JSON representation

RegExp patterns for code secrets

Host: GitHub
URL: https://github.com/willfarrell/secret-patterns
Owner: willfarrell
License: mit
Created: 2019-02-23T19:16:09.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-02-23T23:09:26.000Z (over 5 years ago)
Last Synced: 2024-07-21T06:44:12.120Z (about 2 months ago)
Language: Shell
Size: 24.4 KB
Stars: 4
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # secret-patterns

RegExp patterns for code secrets. This project is meant to be used by popular repository scanners 

that search for embedded secrets.

## Scanners

- [git-secrets](https://github.com/awslabs/git-secrets)

- [gitHound](https://github.com/ezekg/git-hound)

- [truffleHog](https://github.com/dxa4481/truffleHog)

## Getting Started

### `common`

Collection variables containing popular snippets used in patterns. You can use `${quote}` in the `patterns.json` as a short hand.

### `patterns.json`

Collection of Regexp patterns for various types of secrets

### `allowed.json`

Collection of allowed strings. ie fake/examples secrets

## Testings

Just run `npm test`. This will also run the build script prior to testing.

## Build

Just run `npm run build`.

## Contributing

Please read [CONTRIBUTING.md](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html) for details on our code of conduct, and the process for submitting pull requests to us.

## Versioning

We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/willfarrell/secret-patterns/tags). 

## Authors

* **will Farrell** - *Initial work* - [willfarrell](https://github.com/willfarrell)

See also the list of [contributors](https://github.com/willfarrell/secret-patterns/contributors) who participated in this project.

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details

## Acknowledgments

* [dxa4481/truffleHog](https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json)

* [awslabs/git-secrets](https://github.com/awslabs/git-secrets/blob/master/git-secrets#L233)

TODO:

- [ ] [`.pgpass / pgpass.conf`](https://www.postgresql.org/docs/9.3/libpq-pgpass.html) pattern `"PostgreSQL PGPASS File": "[^:]+:[0-9]{2,6}:[a-z][a-z0-9_]+:[^:]+:[^:]+",`

- [ ] list of files that should be ignored/skipped

- [ ] make npm package

- [ ] add docs on how to curl file one needs w/ version tag