@masyv/secretscan 0.1.0 → 0.1.1

package/core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "secretscan"
-version = "0.1.0"
+version = "0.1.1"
 edition = "2021"
 description = "SecretScan — Real-time secret & credential detector for Claude Code. Blocks API keys, tokens, and private keys from entering your LLM context."
 license = "MIT"

package/core/src/main.rs

@@ -117,7 +117,29 @@ fn main() -> Result<()> {
             let text = read_input(&input)?;
             let min_sev = parse_severity(&severity);
 
-            let findings = patterns::scan_all(&text);
+            let all_findings = patterns::scan_all(&text);
+
+            // Filter out allowlisted fingerprints
+            let store = Store::open(&db_path).ok();
+            let findings: Vec<_> = all_findings
+                .into_iter()
+                .filter(|f| {
+                    store.as_ref()
+                        .map(|s| !s.is_allowed(&f.fingerprint).unwrap_or(false))
+                        .unwrap_or(true)
+                })
+                .collect();
+
+            // Record findings to DB
+            if let Some(ref s) = store {
+                for f in &findings {
+                    let _ = s.record_finding(f, None, "cli");
+                }
+                if !findings.is_empty() {
+                    let _ = s.record_scan("cli", None, text.len(), findings.len(), 0);
+                }
+            }
+
             let filtered: Vec<_> = findings
                 .iter()
                 .filter(|f| f.severity >= min_sev)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@masyv/secretscan",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "SecretScan — Real-time secret & credential detector for Claude Code. 47 patterns covering Anthropic, AWS, GitHub, Stripe, database URLs, JWTs and more.",
   "scripts": {
     "build": "./scripts/build.sh",