Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/willfarrell/secret-patterns
RegExp patterns for code secrets
https://github.com/willfarrell/secret-patterns
Last synced: about 1 month ago
JSON representation
RegExp patterns for code secrets
- Host: GitHub
- URL: https://github.com/willfarrell/secret-patterns
- Owner: willfarrell
- License: mit
- Created: 2019-02-23T19:16:09.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-02-23T23:09:26.000Z (over 5 years ago)
- Last Synced: 2024-07-21T06:44:12.120Z (about 2 months ago)
- Language: Shell
- Size: 24.4 KB
- Stars: 4
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# secret-patterns
RegExp patterns for code secrets. This project is meant to be used by popular repository scanners
that search for embedded secrets.## Scanners
- [git-secrets](https://github.com/awslabs/git-secrets)
- [gitHound](https://github.com/ezekg/git-hound)
- [truffleHog](https://github.com/dxa4481/truffleHog)## Getting Started
### `common`
Collection variables containing popular snippets used in patterns. You can use `${quote}` in the `patterns.json` as a short hand.
### `patterns.json`
Collection of Regexp patterns for various types of secrets
### `allowed.json`
Collection of allowed strings. ie fake/examples secrets## Testings
Just run `npm test`. This will also run the build script prior to testing.## Build
Just run `npm run build`.## Contributing
Please read [CONTRIBUTING.md](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html) for details on our code of conduct, and the process for submitting pull requests to us.
## Versioning
We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/willfarrell/secret-patterns/tags).
## Authors
* **will Farrell** - *Initial work* - [willfarrell](https://github.com/willfarrell)
See also the list of [contributors](https://github.com/willfarrell/secret-patterns/contributors) who participated in this project.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details
## Acknowledgments
* [dxa4481/truffleHog](https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json)
* [awslabs/git-secrets](https://github.com/awslabs/git-secrets/blob/master/git-secrets#L233)TODO:
- [ ] [`.pgpass / pgpass.conf`](https://www.postgresql.org/docs/9.3/libpq-pgpass.html) pattern `"PostgreSQL PGPASS File": "[^:]+:[0-9]{2,6}:[a-z][a-z0-9_]+:[^:]+:[^:]+",`
- [ ] list of files that should be ignored/skipped
- [ ] make npm package
- [ ] add docs on how to curl file one needs w/ version tag