npm - api-key-guard - Versions diffs - 1.0.1 → 1.0.3 - Mend

api-key-guard 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,61 +1,84 @@
-# API Key Guard
-A comprehensive CLI tool for detecting, preventing, and managing API key leaks in your codebase with AI-powered README generation.
-## Quick Start
-```bash
-# Install the package
-npm install -g api-key-guard
-# Scan for API key leaks
-api-key-guard scan
-# Setup git hooks
-api-key-guard setup-hooks
-# Generate AI-powered README (requires GEMINI_API_KEY)
-export GEMINI_API_KEY=your_gemini_api_key_here
-api-key-guard readme
-```
-## Features
-- 🔍 **API Key Detection**: Scan your codebase for potential API key leaks
-- 🔗 **Git Hooks Integration**: Automatically check for leaks before commits
-- 🤖 **AI-Powered README**: Generate professional README files using Google's Gemini API
-- ⚙️ **Configurable**: Customize scanning patterns and ignore rules
-- 🛡️ **Security First**: Built with security best practices in mind
-## CLI Commands
-### `api-key-guard scan`
-Scan files for potential API key leaks.
-Options:
-- `-p, --path <path>`: Path to scan (default: current directory)
-- `-v, --verbose`: Show detailed output
-### `api-key-guard setup-hooks`
-Setup git hooks for automatic API key detection before commits.
-### `api-key-guard readme`
-Generate an AI-powered README.md file using Gemini API.
-Options:
-- `-f, --force`: Overwrite existing README.md without confirmation
-- `-o, --output <file>`: Output file path (default: README.md)
-## Environment Variables
-- `GEMINI_API_KEY`: Required for README generation. Get your API key from [Google AI Studio](https://makersuite.google.com/app/apikey)
-## Installation
-```bash
-npm install api-key-guard
-```
-## License
-MIT
+# 🔐 api-key-guard
+[![npm version](https://badge.fury.io/js/api-key-guard.svg)](https://www.npmjs.com/package/api-key-guard)
+[![npm downloads](https://img.shields.io/npm/dm/api-key-guard.svg)](https://www.npmjs.com/package/api-key-guard)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+## Project Title & Description
+**api-key-guard** is a comprehensive Node.js CLI tool designed to help developers and teams detect, prevent, and manage API key leaks within their codebases. It provides powerful scanning capabilities, integrates seamlessly with Git hooks, and even offers AI-powered assistance for project documentation, ensuring your secrets stay secret.
+## ⚠️ Problem Statement: The Silent Threat of API Key Leaks
+Accidentally committing API keys, private tokens, or sensitive credentials to a public or even private repository is a widespread and critical security vulnerability. A single leaked key can lead to:
+*   **Data Breaches:** Unauthorized access to sensitive user data.
+*   **Financial Loss:** Misuse of cloud resources, payment gateways, or premium services.
+*   **Reputational Damage:** Erosion of trust from customers and partners.
+*   **Service Interruptions:** Malicious actors disabling or disrupting your services.
+Traditional methods often rely on manual reviews or simplistic grep commands, which are prone to error and can't keep pace with rapid development cycles. **api-key-guard** provides an automated, intelligent solution to proactively safeguard your repositories against this silent, yet devastating, threat.
+## ✨ Features List
+**api-key-guard** comes packed with features to make API key management robust and effortless:
+*   🔍 **Advanced API Key Detection:**
+    *   Utilizes a combination of regex patterns and entropy analysis to identify a wide range of common API keys (AWS, Google Cloud, Stripe, GitHub, etc.) and high-entropy strings that might be custom secrets.
+    *   Scans various file types including JavaScript, TypeScript, Python, Ruby, JSON, YAML, Markdown, and more.
+*   🎣 **Seamless Git Hooks Integration:**
+    *   Set up pre-commit hooks to automatically scan staged files before every commit, preventing secrets from ever reaching your repository.
+    *   Provides clear feedback and blocks commits if a leak is detected.
+*   🚀 **Powerful CLI Commands:**
+    *   `scan`: On-demand scanning of entire directories or specific files.
+    *   `setup-hooks`: Automates the installation of Git pre-commit hooks.
+    *   `readme`: Leverages AI to generate comprehensive `README.md` files based on your project's structure and existing documentation.
+*   🤖 **AI-Powered README Generation:**
+    *   A unique feature that helps you quickly generate professional and informative `README.md` files, improving project documentation and onboarding.
+*   📁 **Multiple File Format Support:**
+    *   Intelligently parses and scans a broad spectrum of text-based file formats, ensuring no stone is left unturned.
+*   ⚙️ **Configurable Ignore Patterns:**
+    *   Define custom ignore rules in configuration files or via CLI flags to exclude specific files, directories (e.g., `node_modules`, `dist`), or even patterns of "false positive" keys, reducing noise.
+*   🌈 **Colorful and Clear Output:**
+    *   Leverages `chalk` to provide easy-to-read, color-coded output in the terminal, highlighting detected keys and scan results.
+## 🛠️ Installation
+**Prerequisites:**
+*   Node.js (v14 or higher)
+*   npm (v6 or higher)
+Install `api-key-guard` globally using npm:
+```bash
+npm install -g api-key-guard
+```
+Verify the installation by checking the version:
+```bash
+api-key-guard --version
+```
+## 🚀 CLI Usage Examples
+`api-key-guard` provides a simple yet powerful command-line interface.
+### 1. `api-key-guard scan` - Scan your codebase for API keys
+Scan a directory or specific files for potential API key leaks.
+#### Basic Scan of Current Directory:
+```bash
+api-key-guard scan .
+```
+#### Scan a Specific File:
+```bash
+api-key-guard scan src/utils/api.js
+```
+#### Scan a Specific Directory with

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "api-key-guard",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "A comprehensive tool to detect, prevent, and manage API key leaks in your codebase with AI-powered README generation",
   "main": "src/index.js",
   "bin": {

package/src/readmeGenerator.js CHANGED Viewed

@@ -97,7 +97,7 @@ async function generateWithGemini(apiKey, projectContext) {
   try {
     const response = await axios.post(
-      `https://generativelanguage.googleapis.com/v1beta/models/gemini-1.5-flash:generateContent?key=${apiKey}`,
+      `https://generativelanguage.googleapis.com/v1/models/gemini-2.5-flash:generateContent?key=${apiKey}`,
       {
         contents: [{
           parts: [{