api-key-guard 1.0.0 → 1.0.2

package/README.md

@@ -1,61 +1,84 @@
-# API Key Guard
-
-A comprehensive CLI tool for detecting, preventing, and managing API key leaks in your codebase with AI-powered README generation.
-
-## Quick Start
-
-```bash
-# Install the package
-npm install -g api-key-guard
-
-# Scan for API key leaks
-api-key-guard scan
-
-# Setup git hooks
-api-key-guard setup-hooks
-
-# Generate AI-powered README (requires GEMINI_API_KEY)
-export GEMINI_API_KEY=your_gemini_api_key_here
-api-key-guard readme
-```
-
-## Features
-
-- 🔍 **API Key Detection**: Scan your codebase for potential API key leaks
-- 🔗 **Git Hooks Integration**: Automatically check for leaks before commits
-- 🤖 **AI-Powered README**: Generate professional README files using Google's Gemini API
-- ⚙️ **Configurable**: Customize scanning patterns and ignore rules
-- 🛡️ **Security First**: Built with security best practices in mind
-
-## CLI Commands
-
-### `api-key-guard scan`
-Scan files for potential API key leaks.
-
-Options:
-- `-p, --path <path>`: Path to scan (default: current directory)
-- `-v, --verbose`: Show detailed output
-
-### `api-key-guard setup-hooks`
-Setup git hooks for automatic API key detection before commits.
-
-### `api-key-guard readme`
-Generate an AI-powered README.md file using Gemini API.
-
-Options:
-- `-f, --force`: Overwrite existing README.md without confirmation
-- `-o, --output <file>`: Output file path (default: README.md)
-
-## Environment Variables
-
-- `GEMINI_API_KEY`: Required for README generation. Get your API key from [Google AI Studio](https://makersuite.google.com/app/apikey)
-
-## Installation
-
-```bash
-npm install api-key-guard
-```
-
-## License
-
-MIT
+# 🔐 api-key-guard
+
+[![npm version](https://badge.fury.io/js/api-key-guard.svg)](https://www.npmjs.com/package/api-key-guard)
+[![npm downloads](https://img.shields.io/npm/dm/api-key-guard.svg)](https://www.npmjs.com/package/api-key-guard)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## Project Title & Description
+
+**api-key-guard** is a comprehensive Node.js CLI tool designed to help developers and teams detect, prevent, and manage API key leaks within their codebases. It provides powerful scanning capabilities, integrates seamlessly with Git hooks, and even offers AI-powered assistance for project documentation, ensuring your secrets stay secret.
+
+## ⚠️ Problem Statement: The Silent Threat of API Key Leaks
+
+Accidentally committing API keys, private tokens, or sensitive credentials to a public or even private repository is a widespread and critical security vulnerability. A single leaked key can lead to:
+
+*   **Data Breaches:** Unauthorized access to sensitive user data.
+*   **Financial Loss:** Misuse of cloud resources, payment gateways, or premium services.
+*   **Reputational Damage:** Erosion of trust from customers and partners.
+*   **Service Interruptions:** Malicious actors disabling or disrupting your services.
+
+Traditional methods often rely on manual reviews or simplistic grep commands, which are prone to error and can't keep pace with rapid development cycles. **api-key-guard** provides an automated, intelligent solution to proactively safeguard your repositories against this silent, yet devastating, threat.
+
+## ✨ Features List
+
+**api-key-guard** comes packed with features to make API key management robust and effortless:
+
+*   🔍 **Advanced API Key Detection:**
+    *   Utilizes a combination of regex patterns and entropy analysis to identify a wide range of common API keys (AWS, Google Cloud, Stripe, GitHub, etc.) and high-entropy strings that might be custom secrets.
+    *   Scans various file types including JavaScript, TypeScript, Python, Ruby, JSON, YAML, Markdown, and more.
+*   🎣 **Seamless Git Hooks Integration:**
+    *   Set up pre-commit hooks to automatically scan staged files before every commit, preventing secrets from ever reaching your repository.
+    *   Provides clear feedback and blocks commits if a leak is detected.
+*   🚀 **Powerful CLI Commands:**
+    *   `scan`: On-demand scanning of entire directories or specific files.
+    *   `setup-hooks`: Automates the installation of Git pre-commit hooks.
+    *   `readme`: Leverages AI to generate comprehensive `README.md` files based on your project's structure and existing documentation.
+*   🤖 **AI-Powered README Generation:**
+    *   A unique feature that helps you quickly generate professional and informative `README.md` files, improving project documentation and onboarding.
+*   📁 **Multiple File Format Support:**
+    *   Intelligently parses and scans a broad spectrum of text-based file formats, ensuring no stone is left unturned.
+*   ⚙️ **Configurable Ignore Patterns:**
+    *   Define custom ignore rules in configuration files or via CLI flags to exclude specific files, directories (e.g., `node_modules`, `dist`), or even patterns of "false positive" keys, reducing noise.
+*   🌈 **Colorful and Clear Output:**
+    *   Leverages `chalk` to provide easy-to-read, color-coded output in the terminal, highlighting detected keys and scan results.
+
+## 🛠️ Installation
+
+**Prerequisites:**
+
+*   Node.js (v14 or higher)
+*   npm (v6 or higher)
+
+Install `api-key-guard` globally using npm:
+
+```bash
+npm install -g api-key-guard
+```
+
+Verify the installation by checking the version:
+
+```bash
+api-key-guard --version
+```
+
+## 🚀 CLI Usage Examples
+
+`api-key-guard` provides a simple yet powerful command-line interface.
+
+### 1. `api-key-guard scan` - Scan your codebase for API keys
+
+Scan a directory or specific files for potential API key leaks.
+
+#### Basic Scan of Current Directory:
+
+```bash
+api-key-guard scan .
+```
+
+#### Scan a Specific File:
+
+```bash
+api-key-guard scan src/utils/api.js
+```
+
+#### Scan a Specific Directory with

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "api-key-guard",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "A comprehensive tool to detect, prevent, and manage API key leaks in your codebase with AI-powered README generation",
   "main": "src/index.js",
   "bin": {
@@ -28,4 +28,4 @@
   "engines": {
     "node": ">=14.0.0"
   }
-}
+}

package/src/readmeGenerator.js

@@ -97,7 +97,7 @@ async function generateWithGemini(apiKey, projectContext) {
   
   try {
     const response = await axios.post(
-      `https://generativelanguage.googleapis.com/v1beta/models/gemini-pro:generateContent?key=${apiKey}`,
+      `https://generativelanguage.googleapis.com/v1/models/gemini-2.5-flash:generateContent?key=${apiKey}`,
       {
         contents: [{
           parts: [{

package/TESTING.md

@@ -1,111 +0,0 @@
-# Testing the API Key Guard CLI
-
-## Demo Instructions
-
-This guide helps you test the API Key Guard CLI tool with the AI-powered README generator.
-
-### Step 1: Install Dependencies
-```bash
-cd api-key-guard
-npm install
-```
-
-### Step 2: Test Basic Commands
-
-#### Test the help system:
-```bash
-node bin/cli.js --help
-node bin/cli.js readme --help
-node bin/cli.js scan --help
-```
-
-#### Test the scanner:
-```bash
-node bin/cli.js scan
-node bin/cli.js scan --verbose
-```
-
-### Step 3: Test API Key Detection
-Create a test file with fake API keys:
-```javascript
-// test-keys.js
-const config = {
-  api_key: "sk-1234567890abcdef1234567890abcdef12345678",
-  aws_key: "AKIA1234567890ABCDEF",
-  github_token: "ghp_abcdefghijklmnopqrstuvwxyz1234567890"
-};
-```
-
-Then scan:
-```bash
-node bin/cli.js scan --verbose
-```
-
-### Step 4: Test README Generator
-
-#### Without API key (should show error):
-```bash
-node bin/cli.js readme --output test-readme.md
-```
-
-#### With API key (requires real Gemini API key):
-1. Get API key from [Google AI Studio](https://makersuite.google.com/app/apikey)
-2. Set environment variable:
-   ```bash
-   # Windows PowerShell
-   $env:GEMINI_API_KEY = "your_actual_api_key"
-   
-   # Then run
-   node bin/cli.js readme --force --output ai-generated-readme.md
-   ```
-
-### Step 5: Test Git Hooks
-```bash
-# Initialize git (if not already done)
-git init
-
-# Install hooks
-node bin/cli.js setup-hooks
-
-# Test the hook by trying to commit a file with API keys
-echo 'const key = "AKIA1234567890ABCDEF";' > bad-file.js
-git add bad-file.js
-git commit -m "test commit" # Should be blocked
-```
-
-## Expected Outputs
-
-### Successful README Generation
-When you have a valid API key, you should see:
-```
-🤖 Generating README with AI...
-📝 Analyzing project structure...
-🚀 Generating README with Gemini AI...
-💾 Writing README.md...
-✅ Successfully generated README.md!
-```
-
-### API Key Detection
-When scanning files with API keys:
-```
-🔍 Scanning for API key leaks...
-🚨 Found X potential API key leak(s):
-  📄 filename.js:line_number
-     Pattern: detected_pattern
-⚠️  Please review these findings and secure any exposed API keys!
-```
-
-### Error Handling
-Without API key:
-```
-Error generating README: GEMINI_API_KEY environment variable is required. Please set your Gemini API key.
-```
-
-## Cleanup After Testing
-```bash
-# Remove test files
-rm test-keys.js bad-file.js ai-generated-readme.md
-
-# Remove git hooks if needed
-rm .git/hooks/pre-commit
-```

package/USAGE.md

@@ -1,126 +0,0 @@
-# API Key Guard - Usage Guide
-
-## Quick Setup
-
-1. **Install the package:**
-   ```bash
-   npm install -g api-key-guard
-   ```
-
-2. **Get a Gemini API key:**
-   - Visit [Google AI Studio](https://makersuite.google.com/app/apikey)
-   - Create a new API key
-   - Copy the API key
-
-3. **Set up environment variable:**
-   ```bash
-   # Windows (PowerShell)
-   $env:GEMINI_API_KEY = "your_gemini_api_key_here"
-   
-   # Windows (Command Prompt)
-   set GEMINI_API_KEY=your_gemini_api_key_here
-   
-   # macOS/Linux
-   export GEMINI_API_KEY=your_gemini_api_key_here
-   ```
-
-## Using the AI-Powered README Generator
-
-### Basic Usage
-```bash
-# Generate README.md with AI
-api-key-guard readme
-```
-
-### With Options
-```bash
-# Force overwrite existing README.md
-api-key-guard readme --force
-
-# Output to a different file
-api-key-guard readme --output DOCUMENTATION.md
-
-# Combine options
-api-key-guard readme --force --output NEW_README.md
-```
-
-### What the AI Generates
-The README generator creates a comprehensive README.md that includes:
-
-- **Project title and description**
-- **Problem statement** explaining API key leak issues
-- **Features list** showcasing all capabilities
-- **Installation instructions** for npm
-- **CLI usage examples** for all commands
-- **Git hooks setup guide**
-- **Configuration options**
-- **Security best practices**
-- **Contributing guidelines**
-- **License information**
-
-## Other Commands
-
-### Scan for API Key Leaks
-```bash
-# Scan current directory
-api-key-guard scan
-
-# Scan specific path
-api-key-guard scan --path ./src
-
-# Verbose output
-api-key-guard scan --verbose
-```
-
-### Setup Git Hooks
-```bash
-# Install pre-commit hook
-api-key-guard setup-hooks
-```
-
-## Error Handling
-
-The tool provides clear error messages for common issues:
-
-- **Missing API key**: Clear instructions on how to set GEMINI_API_KEY
-- **Network issues**: Helpful network troubleshooting information
-- **Invalid API responses**: Detailed API error messages
-- **File permissions**: Clear permission error messages
-
-## Security Features
-
-- **No API key storage**: API keys are read from environment variables only
-- **Pattern-based detection**: Uses regex patterns to detect various API key formats
-- **Configurable ignore patterns**: Respects .gitignore-style patterns
-- **Git hook integration**: Prevents commits with detected API keys
-
-## Supported API Key Formats
-
-The scanner detects these common API key patterns:
-- Generic API keys (`api_key`, `secret_key`, `access_token`)
-- AWS Access Keys (`AKIA...`)
-- GitHub Personal Access Tokens (`ghp_...`)
-- Google API Keys (`AIza...`)
-- Bearer tokens
-- Custom patterns (configurable)
-
-## Configuration
-
-Create a `api-key-guard.config.json` file to customize:
-
-```json
-{
-  "ignorePatterns": [
-    "node_modules",
-    ".git", 
-    "dist",
-    "*.log"
-  ],
-  "customPatterns": [
-    {
-      "name": "Custom API Key",
-      "pattern": "custom_[0-9a-f]{32}"
-    }
-  ]
-}
-```

package/config/patterns.json

@@ -1,49 +0,0 @@
-{
-  "apiKeyPatterns": [
-    {
-      "name": "Generic API Key",
-      "pattern": "(?i)api[_-]?key[\\s]*[=:][\\s]*['\"]?([a-z0-9]{20,})",
-      "description": "Generic API key pattern"
-    },
-    {
-      "name": "Generic Secret Key",
-      "pattern": "(?i)secret[_-]?key[\\s]*[=:][\\s]*['\"]?([a-z0-9]{20,})",
-      "description": "Generic secret key pattern"
-    },
-    {
-      "name": "Access Token",
-      "pattern": "(?i)access[_-]?token[\\s]*[=:][\\s]*['\"]?([a-z0-9]{20,})",
-      "description": "Generic access token pattern"
-    },
-    {
-      "name": "AWS Access Key ID",
-      "pattern": "AKIA[0-9A-Z]{16}",
-      "description": "AWS Access Key ID"
-    },
-    {
-      "name": "GitHub Token",
-      "pattern": "ghp_[0-9a-zA-Z]{36}",
-      "description": "GitHub personal access token"
-    },
-    {
-      "name": "Google API Key",
-      "pattern": "AIza[0-9A-Za-z\\-_]{35}",
-      "description": "Google API key"
-    }
-  ],
-  "ignorePatterns": [
-    "node_modules",
-    ".git",
-    "dist",
-    "build",
-    "*.log",
-    "*.min.js",
-    "package-lock.json",
-    ".env.example"
-  ],
-  "fileExtensions": [
-    ".js", ".ts", ".jsx", ".tsx", ".json", ".md", ".txt", ".yml", ".yaml",
-    ".xml", ".html", ".css", ".scss", ".sass", ".less", ".env", ".config",
-    ".py", ".java", ".php", ".rb", ".go", ".rs", ".cpp", ".c", ".h"
-  ]
-}