getdoorman 1.2.0 → 1.2.1
- package/package.json +1 -1
- package/src/simple-checks.js +18 -4
package/package.json
CHANGED
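--- a/package/src/simple-checks.js
+++ b/package/src/simple-checks.js
@@ -17,17 +17,24 @@ const CHECKS = [
 { name: 'AWS Secret Key', regex: /(?:aws_secret|secret_access_key)\s*[:=]\s*['"][A-Za-z0-9/+=]{40}['"]/ },
 { name: 'Google API Key', regex: /AIza[0-9A-Za-z_-]{35}/ },
 { name: 'Google OAuth Secret', regex: /GOCSPX-[a-zA-Z0-9_-]{28}/ },
+{ name: 'Vercel Token', regex: /vercel_[a-zA-Z0-9]{24,}/ },
+{ name: 'Netlify Token', regex: /nfp_[a-zA-Z0-9]{40,}/ },
 // AI providers
 { name: 'OpenAI API Key', regex: /sk-(?:proj-)?[a-zA-Z0-9]{32,}/ },
 { name: 'Anthropic API Key', regex: /sk-ant-[a-zA-Z0-9-]{20,}/ },
 { name: 'Groq API Key', regex: /gsk_[a-zA-Z0-9]{48,}/ },
-{ name: 'Cohere API Key', regex: /[a-zA-Z0-9]{40}/ && false }, // too broad, skip
 { name: 'Replicate API Token', regex: /r8_[a-zA-Z0-9]{38}/ },
 { name: 'Hugging Face Token', regex: /hf_[a-zA-Z0-9]{34}/ },
+{ name: 'Together AI Key', regex: /tog_[a-zA-Z0-9]{40,}/ },
+{ name: 'Pinecone API Key', regex: /pcsk_[a-zA-Z0-9]{50,}/ },
 // Payment
 { name: 'Stripe Secret Key', regex: /sk_live_[0-9a-zA-Z]{24,}/ },
 { name: 'Stripe Publishable (live)', regex: /pk_live_[0-9a-zA-Z]{24,}/ },
-// Auth
+// Auth
+{ name: 'Clerk Secret Key', regex: /sk_live_[a-zA-Z0-9]{27,}/ },
+{ name: 'Clerk Publishable Key', regex: /pk_live_[a-zA-Z0-9]{27,}/ },
+{ name: 'Auth0 Client Secret', regex: /(?:auth0|AUTH0).*secret.*['"][a-zA-Z0-9_-]{32,}['"]/ },
+// Dev tools
 { name: 'GitHub Token', regex: /ghp_[0-9a-zA-Z]{36}/ },
 { name: 'GitHub OAuth Secret', regex: /gho_[0-9a-zA-Z]{36}/ },
 { name: 'GitLab Token', regex: /glpat-[0-9a-zA-Z_-]{20,}/ },
@@ -36,15 +43,22 @@ const CHECKS = [
 { name: 'Discord Bot Token', regex: /[MN][A-Za-z0-9]{23,}\.[A-Za-z0-9_-]{6}\.[A-Za-z0-9_-]{27}/ },
 { name: 'Twilio Auth Token', regex: /(?:twilio|TWILIO).*[0-9a-f]{32}/ },
 { name: 'SendGrid API Key', regex: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/ },
+{ name: 'Resend API Key', regex: /re_[a-zA-Z0-9]{30,}/ },
 { name: 'Mailgun API Key', regex: /key-[0-9a-zA-Z]{32}/ },
+{ name: 'Postmark Token', regex: /(?:postmark|POSTMARK).*['"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]/ },
 // Database
 { name: 'Supabase Service Key', regex: /eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\.[a-zA-Z0-9_-]{50,}/ },
 { name: 'Firebase Private Key', regex: /-----BEGIN RSA PRIVATE KEY-----/ },
 { name: 'MongoDB Connection String', regex: /mongodb\+srv:\/\/[^:]+:[^@]+@/ },
 { name: 'Postgres Connection String', regex: /postgres(?:ql)?:\/\/[^:]+:[^@]+@/ },
-
+{ name: 'PlanetScale Connection', regex: /mysql:\/\/[^:]+:[^@]+@aws\.connect\.psdb\.cloud/ },
+{ name: 'Neon Postgres', regex: /postgres(?:ql)?:\/\/[^:]+:[^@]+@[^/]*neon\.tech/ },
+{ name: 'Turso Database Token', regex: /eyJhbGciOiJFZERTQS[a-zA-Z0-9_-]{50,}/ },
+{ name: 'Upstash Redis Token', regex: /AX[a-zA-Z0-9]{34,}/ },
+{ name: 'Redis Connection String', regex: /redis:\/\/[^:]+:[^@]+@/ },
+// SSH & certificates
 { name: 'SSH Private Key', regex: /-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/ },
-]
+];
 const findings = [];
 for (const [fp, content] of files) {
 if (fp.endsWith('.example') || fp.endsWith('.sample') || fp.endsWith('.template')) continue;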
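Review bot: The new `Turso Database Token` pattern in the second hunk looks unable to match a real token: after the `eyJhbGciOiJFZERTQS` prefix it requires 50 or more characters from `[a-zA-Z0-9_-]`, but a JWT header of `{"alg":"EdDSA","typ":"JWT"}` leaves only 18 base64url characters before the first `.`, which the class excludes, so the check would silently never fire unless the header carries extra fields. Letting the pattern cross the separator, as the Supabase entry a few lines above does, would close that gap (assuming the payload segment is at least 50 characters long): `{ name: 'Turso Database Token', regex: /eyJhbGciOiJFZERTQS[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]{50,}/ },`. Separately, in the first hunk every string that matches `Clerk Secret Key` (`sk_live_` plus 27 alphanumerics) already matches `Stripe Secret Key`, and the same holds for the two `pk_live_` entries, so one of each pair will be mislabelled or reported twice depending on how the loop consumes `CHECKS`; the body of that loop and the start of the array are outside the visible hunks. The unanchored `AX[a-zA-Z0-9]{34,}` for Upstash is also likely to fire inside ordinary base64 or hash-like strings, and requiring a context keyword the way the Twilio and Postmark entries do would cut that noise.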