secret-guardian


Namesecret-guardian JSON
Version 0.1.0 PyPI version JSON
download
home_pagehttps://github.com/panyu1512/secret-guardian
SummaryA Python library for detecting hardcoded secrets and API keys in code repositories
upload_time2025-07-29 16:26:40
maintainerNone
docs_urlNone
authorpanyu1512
requires_python<4.0.0,>=3.8.1
licenseMIT
keywords security secrets api-keys code-scanning
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # Secret Guardian

A Python library for detecting secrets and API keys 

## Development

This project uses [Poetry](https://python-poetry.org/) for dependency management and [Ruff](https://docs.astral.sh/ruff/) as linter and formatter.

## Features

- **Automatic detection** of multiple types of secrets and API keys
- **Built-in patterns** for AWS, GitHub, Google, Slack, JWT and more
- **Protection verification** with `.env` and `.gitignore` files
- **Customizable patterns** for specific use cases
- **CLI interface** for CI/CD integration
- **Detailed reports** in text or JSON format
- **Smart filtering** of false positives
- **Hardcoded secret detection** anywhere in source code

## Installation

```bash
pip install secret-guardian
```

## Usage

### As a Python library

```python
from secret_guardian import SecretScanner, SecretFoundError

# Scan a repository
scanner = SecretScanner("./my-project")

try:
    # Scan and raise exception if secrets are found
    matches = scanner.scan(raise_on_secrets=True)
    print("No secrets found")
except SecretFoundError as e:
    print(f"Found {len(e.secrets_found)} secrets")
    
    # Generate report
    report = scanner.generate_report(e.secrets_found)
    print(report)
```

### Command line interface

```bash
# Scan current repository
secret-guardian scan .

# Scan with custom options
secret-guardian scan ./my-project --no-env-check --output json

# View statistics
secret-guardian stats .

# List available patterns
secret-guardian patterns
```

## Detected Patterns

- **AWS**: Access Keys, Secret Keys
- **GitHub**: Personal Access Tokens, Classic Tokens
- **Google**: API Keys
- **Slack**: Bot Tokens, User Tokens
- **JWT**: JSON Web Tokens
- **Database**: Connection URLs
- **Private keys**: RSA, SSH
- **Generic API Keys**
- **Passwords**

## License

MIT License. See `LICENSE` for more details..

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/panyu1512/secret-guardian",
    "name": "secret-guardian",
    "maintainer": null,
    "docs_url": null,
    "requires_python": "<4.0.0,>=3.8.1",
    "maintainer_email": null,
    "keywords": "security, secrets, api-keys, code-scanning",
    "author": "panyu1512",
    "author_email": "kikeferreragius1997@gmail.com",
    "download_url": "https://files.pythonhosted.org/packages/e3/a6/cad6502c0a970ebac4d6af4279a3e9e284c429439f76923c4f8e4a37ea99/secret_guardian-0.1.0.tar.gz",
    "platform": null,
    "description": "# Secret Guardian\n\nA Python library for detecting secrets and API keys \n\n## Development\n\nThis project uses [Poetry](https://python-poetry.org/) for dependency management and [Ruff](https://docs.astral.sh/ruff/) as linter and formatter.\n\n## Features\n\n- **Automatic detection** of multiple types of secrets and API keys\n- **Built-in patterns** for AWS, GitHub, Google, Slack, JWT and more\n- **Protection verification** with `.env` and `.gitignore` files\n- **Customizable patterns** for specific use cases\n- **CLI interface** for CI/CD integration\n- **Detailed reports** in text or JSON format\n- **Smart filtering** of false positives\n- **Hardcoded secret detection** anywhere in source code\n\n## Installation\n\n```bash\npip install secret-guardian\n```\n\n## Usage\n\n### As a Python library\n\n```python\nfrom secret_guardian import SecretScanner, SecretFoundError\n\n# Scan a repository\nscanner = SecretScanner(\"./my-project\")\n\ntry:\n    # Scan and raise exception if secrets are found\n    matches = scanner.scan(raise_on_secrets=True)\n    print(\"No secrets found\")\nexcept SecretFoundError as e:\n    print(f\"Found {len(e.secrets_found)} secrets\")\n    \n    # Generate report\n    report = scanner.generate_report(e.secrets_found)\n    print(report)\n```\n\n### Command line interface\n\n```bash\n# Scan current repository\nsecret-guardian scan .\n\n# Scan with custom options\nsecret-guardian scan ./my-project --no-env-check --output json\n\n# View statistics\nsecret-guardian stats .\n\n# List available patterns\nsecret-guardian patterns\n```\n\n## Detected Patterns\n\n- **AWS**: Access Keys, Secret Keys\n- **GitHub**: Personal Access Tokens, Classic Tokens\n- **Google**: API Keys\n- **Slack**: Bot Tokens, User Tokens\n- **JWT**: JSON Web Tokens\n- **Database**: Connection URLs\n- **Private keys**: RSA, SSH\n- **Generic API Keys**\n- **Passwords**\n\n## License\n\nMIT License. See `LICENSE` for more details..",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "A Python library for detecting hardcoded secrets and API keys in code repositories",
    "version": "0.1.0",
    "project_urls": {
        "Homepage": "https://github.com/panyu1512/secret-guardian",
        "Repository": "https://github.com/panyu1512/secret-guardian"
    },
    "split_keywords": [
        "security",
        " secrets",
        " api-keys",
        " code-scanning"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "b12649f25b32299a92bd44f21e509af7d7a8c6c6568c6fce37f91a1218a57a63",
                "md5": "523bdce376006d4cc637f8172dd72d6b",
                "sha256": "8234343e52750cab79f519ecc504c65f0d680afa5b6751bf75e55d7fc144cbde"
            },
            "downloads": -1,
            "filename": "secret_guardian-0.1.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "523bdce376006d4cc637f8172dd72d6b",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": "<4.0.0,>=3.8.1",
            "size": 10309,
            "upload_time": "2025-07-29T16:26:38",
            "upload_time_iso_8601": "2025-07-29T16:26:38.274491Z",
            "url": "https://files.pythonhosted.org/packages/b1/26/49f25b32299a92bd44f21e509af7d7a8c6c6568c6fce37f91a1218a57a63/secret_guardian-0.1.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "e3a6cad6502c0a970ebac4d6af4279a3e9e284c429439f76923c4f8e4a37ea99",
                "md5": "89314a91d71e022a26bf46036943ed3c",
                "sha256": "ba7b2570c45661e6f2265a1ef5f61d06403c4df98a3efdb220ec1e75731e8937"
            },
            "downloads": -1,
            "filename": "secret_guardian-0.1.0.tar.gz",
            "has_sig": false,
            "md5_digest": "89314a91d71e022a26bf46036943ed3c",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": "<4.0.0,>=3.8.1",
            "size": 9393,
            "upload_time": "2025-07-29T16:26:40",
            "upload_time_iso_8601": "2025-07-29T16:26:40.070243Z",
            "url": "https://files.pythonhosted.org/packages/e3/a6/cad6502c0a970ebac4d6af4279a3e9e284c429439f76923c4f8e4a37ea99/secret_guardian-0.1.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-07-29 16:26:40",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "panyu1512",
    "github_project": "secret-guardian",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "secret-guardian"
}
panyu1512
Elapsed time: 0.81686s