@open_harness/secretlens 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2)
  1. package/README.md +56 -6
  2. package/package.json +5 -5
package/README.md CHANGED
@@ -1,8 +1,8 @@
1
1
  # @open_harness/secretlens
2
2
 
3
- Secret and credential detector for any codebase. Scans source files for hardcoded AWS keys, GitHub tokens, PEM private keys, JWTs, and generic credential assignments. Single native binary, zero runtime dependencies, works in any language ecosystem.
3
+ Secret and credential detector for any codebase. Scans source files for hardcoded AWS keys, GitHub tokens, PEM private keys, JWTs, and generic credential assignments. Single native binary, zero runtime dependencies.
4
4
 
5
- Part of the [open-harness](https://github.com/artiko00/open-harness) monorepo.
5
+ Part of the [open-harness](https://github.com/artiko00/open-harness) monorepo. [Español abajo](#español).
6
6
 
7
7
  ## Install
8
8
 
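Review bot: the new `[Español abajo](#español)` link on line 5 relies on the renderer producing a lowercase slug with a non-ASCII character for the `## Español` heading. Check that it resolves on the npm package page as well as on GitHub, or point it at an explicit ASCII anchor.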
@@ -10,7 +10,7 @@ Part of the [open-harness](https://github.com/artiko00/open-harness) monorepo.
10
10
  npm install --save-dev @open_harness/secretlens
11
11
  ```
12
12
 
13
- The right native binary for your platform (Linux x64, macOS arm64, macOS x64, Windows x64) is downloaded automatically via `optionalDependencies`.
13
+ The right native binary for your platform (Linux x64, macOS arm64, macOS x64, Windows x64) is fetched automatically via `optionalDependencies`.
14
14
 
15
15
  ## Usage
16
16
 
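Review bot: the reworded sentence on line 13 still lists four targets (Linux x64, macOS arm64, macOS x64, Windows x64) without saying what happens on any other platform. npm does not fail an install when an optional dependency cannot be installed, so on a platform outside this list the install can succeed with no binary present. Document that case, ideally with a clear error and non-zero exit from `secretlens check --fail`, so a hook or CI job does not pass without scanning.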
@@ -52,15 +52,15 @@ Place a `secretlens.json` at the repo root:
52
52
  - `allowlist` skips any line containing the listed strings (case-insensitive) — useful to suppress false positives in docs or examples.
53
53
  - `exclude` skips matching directories entirely.
54
54
 
55
- ## Husky / lefthook / CI integration
55
+ ## Integrations
56
56
 
57
57
  ```bash
58
- # .husky/pre-commit
58
+ # Husky pre-commit
59
59
  npx secretlens check --fail
60
60
  ```
61
61
 
62
62
  ```yaml
63
- # .github/workflows/security.yml
63
+ # GitHub Actions
64
64
  - name: Scan for hardcoded secrets
65
65
  run: npx @open_harness/secretlens check --fail
66
66
  ```
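Review bot: replacing `# .husky/pre-commit` and `# .github/workflows/security.yml` with `# Husky pre-commit` and `# GitHub Actions` removes the only indication of which file each snippet belongs in, and the new `## Integrations` heading no longer names lefthook although the Spanish section added in this release still lists it. Keep the path in the comment, for example `# Husky pre-commit (.husky/pre-commit)`, and either add a lefthook snippet or drop the mention.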
@@ -72,6 +72,56 @@ npx secretlens check --fail
72
72
  | `0` | No secrets detected (or `--fail` not passed) |
73
73
  | `1` | Secrets found and `--fail` was passed, or config error |
74
74
 
75
+ ---
76
+
77
+ ## Español
78
+
79
+ Detector de secretos y credenciales para cualquier base de código. Escanea archivos buscando claves AWS, tokens de GitHub, claves privadas PEM, JWTs y asignaciones genéricas de credenciales hardcodeadas. Un solo binario nativo, cero dependencias.
80
+
81
+ Parte del monorepo [open-harness](https://github.com/artiko00/open-harness).
82
+
83
+ ### Instalación
84
+
85
+ ```bash
86
+ npm install --save-dev @open_harness/secretlens
87
+ ```
88
+
89
+ El binario para tu plataforma se descarga automáticamente via `optionalDependencies`.
90
+
91
+ ### Uso
92
+
93
+ ```bash
94
+ npx secretlens check # escanea el directorio actual
95
+ npx secretlens check --fail # exit 1 si encuentra secretos (git hooks / CI)
96
+ npx secretlens check --dir ./src # escanea un directorio específico
97
+ npx secretlens check --no-color # salida sin colores
98
+ npx secretlens init # genera un secretlens.json por defecto
99
+ npx secretlens version # imprime la versión
100
+ ```
101
+
102
+ ### Patrones integrados
103
+
104
+ Los 8 patrones built-in cubren claves AWS, tokens GitHub (clásicos y fine-grained), claves privadas PEM, JWTs y asignaciones genéricas tipo `secret=…`, `password=…`, `api_key=…`, `token=…`, `bearer …`. Ver la tabla arriba para severidades exactas.
105
+
106
+ ### Configuración
107
+
108
+ Colocá un `secretlens.json` en la raíz del repo (ver ejemplo arriba).
109
+
110
+ - `patterns: []` usa los 8 patrones built-in. Sobrescribí el array para agregar regexes propias.
111
+ - `allowlist` salta cualquier línea que contenga los strings indicados (case-insensitive) — útil para suprimir falsos positivos en docs o ejemplos.
112
+ - `exclude` ignora completamente los directorios que matcheen.
113
+
114
+ ### Integraciones
115
+
116
+ Sirve con Husky, lefthook o GitHub Actions con los mismos snippets de la sección en inglés.
117
+
118
+ ### Códigos de salida
119
+
120
+ | Código | Significado |
121
+ |---|---|
122
+ | `0` | No se detectaron secretos (o no se pasó `--fail`) |
123
+ | `1` | Hubo secretos con `--fail`, o error de configuración |
124
+
75
125
  ## License
76
126
 
77
127
  MIT — see the [main repository](https://github.com/artiko00/open-harness).
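Review bot: every command in the new `### Uso` block calls `npx secretlens`, which resolves to this package only when `@open_harness/secretlens` is already installed in the project; without a local install, npx looks up the unscoped name `secretlens` in the registry, which is not this scoped package. Use `npx @open_harness/secretlens ...` as the GitHub Actions snippet does, or state that the dev dependency must be installed first. Separately, "Sobrescribí el array para agregar regexes propias" does not say whether a non-empty `patterns` array replaces the 8 built-ins or extends them; spell that out so a custom entry cannot silently remove default coverage.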
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@open_harness/secretlens",
3
- "version": "0.1.0",
3
+ "version": "0.1.1",
4
4
  "description": "Secret and credential detector for any language — works with Husky, CI, and any git hook system",
5
5
  "keywords": [
6
6
  "security",
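Review bot: the unchanged `description` on line 4 still says "for any language" while this release removes "works in any language ecosystem" from the README intro. Align the two so the npm listing and the README make the same claim.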
@@ -19,10 +19,10 @@
19
19
  "test": "node bin/secretlens.js version"
20
20
  },
21
21
  "optionalDependencies": {
22
- "@open_harness/secretlens-linux-x64": "0.1.0",
23
- "@open_harness/secretlens-darwin-arm64": "0.1.0",
24
- "@open_harness/secretlens-darwin-x64": "0.1.0",
25
- "@open_harness/secretlens-win32-x64": "0.1.0"
22
+ "@open_harness/secretlens-linux-x64": "0.1.1",
23
+ "@open_harness/secretlens-darwin-arm64": "0.1.1",
24
+ "@open_harness/secretlens-darwin-x64": "0.1.1",
25
+ "@open_harness/secretlens-win32-x64": "0.1.1"
26
26
  },
27
27
  "engines": {
28
28
  "node": ">=16"
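Review bot: the four `@open_harness/secretlens-*` platform packages are bumped to the exact version `0.1.1` in lockstep, but this diff covers only `README.md` and `package.json` of the wrapper, so it does not show whether the native binaries changed. State in the release notes whether 0.1.1 is documentation-only, and review the 0.1.1 platform packages separately, since they carry the executable that runs in hooks and CI.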