secretless-ai 0.4.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/backends/env.d.ts +11 -0
- package/dist/backends/env.d.ts.map +1 -0
- package/dist/backends/env.js +26 -0
- package/dist/backends/env.js.map +1 -0
- package/dist/backends/local.d.ts +18 -0
- package/dist/backends/local.d.ts.map +1 -0
- package/dist/backends/local.js +133 -0
- package/dist/backends/local.js.map +1 -0
- package/dist/backends/types.d.ts +40 -0
- package/dist/backends/types.d.ts.map +1 -0
- package/dist/backends/types.js +3 -0
- package/dist/backends/types.js.map +1 -0
- package/dist/backends/vault.d.ts +28 -0
- package/dist/backends/vault.d.ts.map +1 -0
- package/dist/backends/vault.js +157 -0
- package/dist/backends/vault.js.map +1 -0
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/init.d.ts.map +1 -1
- package/dist/init.js +26 -0
- package/dist/init.js.map +1 -1
- package/dist/patterns.d.ts +10 -0
- package/dist/patterns.d.ts.map +1 -1
- package/dist/patterns.js +93 -13
- package/dist/patterns.js.map +1 -1
- package/dist/scan.js +2 -2
- package/dist/scan.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { SecretBackend, BackendHealth } from './types';
|
|
2
|
+
/**
|
|
3
|
+
* Environment variable backend — resolves secrets from process.env.
|
|
4
|
+
* The simplest backend. Zero dependencies. Always available.
|
|
5
|
+
*/
|
|
6
|
+
export declare class EnvBackend implements SecretBackend {
|
|
7
|
+
readonly name = "env";
|
|
8
|
+
resolve(path: string): Promise<Record<string, string>>;
|
|
9
|
+
healthCheck(): Promise<BackendHealth>;
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=env.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/backends/env.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE5D;;;GAGG;AACH,qBAAa,UAAW,YAAW,aAAa;IAC9C,QAAQ,CAAC,IAAI,SAAS;IAEhB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAYtD,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;CAG5C"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.EnvBackend = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* Environment variable backend — resolves secrets from process.env.
|
|
6
|
+
* The simplest backend. Zero dependencies. Always available.
|
|
7
|
+
*/
|
|
8
|
+
class EnvBackend {
|
|
9
|
+
constructor() {
|
|
10
|
+
this.name = 'env';
|
|
11
|
+
}
|
|
12
|
+
async resolve(path) {
|
|
13
|
+
// Path format: "ENV_VAR_NAME" or "prefix/ENV_VAR_NAME"
|
|
14
|
+
const varName = path.includes('/') ? path.split('/').pop() : path;
|
|
15
|
+
const value = process.env[varName];
|
|
16
|
+
if (value === undefined) {
|
|
17
|
+
return {};
|
|
18
|
+
}
|
|
19
|
+
return { [varName]: value };
|
|
20
|
+
}
|
|
21
|
+
async healthCheck() {
|
|
22
|
+
return { healthy: true, latencyMs: 0, message: 'Environment variables always available' };
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
exports.EnvBackend = EnvBackend;
|
|
26
|
+
//# sourceMappingURL=env.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/backends/env.ts"],"names":[],"mappings":";;;AAEA;;;GAGG;AACH,MAAa,UAAU;IAAvB;QACW,SAAI,GAAG,KAAK,CAAC;IAiBxB,CAAC;IAfC,KAAK,CAAC,OAAO,CAAC,IAAY;QACxB,uDAAuD;QACvD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC,CAAC,CAAC,IAAI,CAAC;QACnE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAEnC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,WAAW;QACf,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAC5F,CAAC;CACF;AAlBD,gCAkBC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { SecretBackend, BackendHealth } from './types';
|
|
2
|
+
/**
|
|
3
|
+
* Local encrypted store backend — resolves secrets from a local AES-256-GCM encrypted file.
|
|
4
|
+
* Used for development/local setups. Zero network dependencies.
|
|
5
|
+
*/
|
|
6
|
+
export declare class LocalBackend implements SecretBackend {
|
|
7
|
+
readonly name = "local";
|
|
8
|
+
private readonly storeDir;
|
|
9
|
+
private readonly encryptionKey;
|
|
10
|
+
constructor(config?: Record<string, unknown>);
|
|
11
|
+
resolve(secretPath: string): Promise<Record<string, string>>;
|
|
12
|
+
healthCheck(): Promise<BackendHealth>;
|
|
13
|
+
/** Store a secret locally */
|
|
14
|
+
store(key: string, value: string): Promise<void>;
|
|
15
|
+
private encrypt;
|
|
16
|
+
private decrypt;
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=local.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local.d.ts","sourceRoot":"","sources":["../../src/backends/local.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAU5D;;;GAGG;AACH,qBAAa,YAAa,YAAW,aAAa;IAChD,QAAQ,CAAC,IAAI,WAAW;IACxB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAStC,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAsB5D,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;IAW3C,6BAA6B;IACvB,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgCtD,OAAO,CAAC,OAAO;IASf,OAAO,CAAC,OAAO;CAQhB"}
|
|
@@ -0,0 +1,133 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.LocalBackend = void 0;
|
|
37
|
+
const fs = __importStar(require("fs"));
|
|
38
|
+
const path = __importStar(require("path"));
|
|
39
|
+
const crypto = __importStar(require("crypto"));
|
|
40
|
+
const STORE_FILE = 'secrets.enc';
|
|
41
|
+
const META_FILE = 'secrets.meta.json';
|
|
42
|
+
/**
|
|
43
|
+
* Local encrypted store backend — resolves secrets from a local AES-256-GCM encrypted file.
|
|
44
|
+
* Used for development/local setups. Zero network dependencies.
|
|
45
|
+
*/
|
|
46
|
+
class LocalBackend {
|
|
47
|
+
constructor(config) {
|
|
48
|
+
this.name = 'local';
|
|
49
|
+
const home = process.env.HOME ?? process.env.USERPROFILE ?? '/tmp';
|
|
50
|
+
this.storeDir = config?.storeDir ?? path.join(home, '.secretless-ai', 'store');
|
|
51
|
+
// Derive key from machine-specific data (not perfect, but better than plaintext)
|
|
52
|
+
const keyMaterial = config?.key ?? `${home}-secretless-${process.env.USER ?? 'default'}`;
|
|
53
|
+
this.encryptionKey = crypto.createHash('sha256').update(keyMaterial).digest();
|
|
54
|
+
}
|
|
55
|
+
async resolve(secretPath) {
|
|
56
|
+
const storePath = path.join(this.storeDir, STORE_FILE);
|
|
57
|
+
if (!fs.existsSync(storePath))
|
|
58
|
+
return {};
|
|
59
|
+
try {
|
|
60
|
+
const encrypted = fs.readFileSync(storePath);
|
|
61
|
+
const decrypted = this.decrypt(encrypted);
|
|
62
|
+
const store = JSON.parse(decrypted);
|
|
63
|
+
// Path can be a key name or a glob pattern
|
|
64
|
+
const results = {};
|
|
65
|
+
for (const [key, value] of Object.entries(store)) {
|
|
66
|
+
if (key === secretPath || key.startsWith(secretPath + '/')) {
|
|
67
|
+
results[key] = value;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
return results;
|
|
71
|
+
}
|
|
72
|
+
catch {
|
|
73
|
+
return {};
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
async healthCheck() {
|
|
77
|
+
const start = Date.now();
|
|
78
|
+
const storePath = path.join(this.storeDir, STORE_FILE);
|
|
79
|
+
const exists = fs.existsSync(storePath);
|
|
80
|
+
return {
|
|
81
|
+
healthy: exists,
|
|
82
|
+
latencyMs: Date.now() - start,
|
|
83
|
+
message: exists ? 'Local store available' : 'No local store found',
|
|
84
|
+
};
|
|
85
|
+
}
|
|
86
|
+
/** Store a secret locally */
|
|
87
|
+
async store(key, value) {
|
|
88
|
+
fs.mkdirSync(this.storeDir, { recursive: true, mode: 0o700 });
|
|
89
|
+
const storePath = path.join(this.storeDir, STORE_FILE);
|
|
90
|
+
let store = {};
|
|
91
|
+
if (fs.existsSync(storePath)) {
|
|
92
|
+
try {
|
|
93
|
+
const encrypted = fs.readFileSync(storePath);
|
|
94
|
+
store = JSON.parse(this.decrypt(encrypted));
|
|
95
|
+
}
|
|
96
|
+
catch {
|
|
97
|
+
// Corrupted store — start fresh
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
store[key] = value;
|
|
101
|
+
const encrypted = this.encrypt(JSON.stringify(store));
|
|
102
|
+
fs.writeFileSync(storePath, encrypted, { mode: 0o600 });
|
|
103
|
+
// Update metadata
|
|
104
|
+
const metaPath = path.join(this.storeDir, META_FILE);
|
|
105
|
+
let meta = { version: '1', entries: {} };
|
|
106
|
+
try {
|
|
107
|
+
if (fs.existsSync(metaPath)) {
|
|
108
|
+
meta = JSON.parse(fs.readFileSync(metaPath, 'utf-8'));
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
catch { /* ignore */ }
|
|
112
|
+
meta.entries[key] = { createdAt: new Date().toISOString() };
|
|
113
|
+
fs.writeFileSync(metaPath, JSON.stringify(meta, null, 2), { mode: 0o600 });
|
|
114
|
+
}
|
|
115
|
+
encrypt(plaintext) {
|
|
116
|
+
const iv = crypto.randomBytes(16);
|
|
117
|
+
const cipher = crypto.createCipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
118
|
+
const encrypted = Buffer.concat([cipher.update(plaintext, 'utf-8'), cipher.final()]);
|
|
119
|
+
const tag = cipher.getAuthTag();
|
|
120
|
+
// Format: [iv(16)][tag(16)][ciphertext]
|
|
121
|
+
return Buffer.concat([iv, tag, encrypted]);
|
|
122
|
+
}
|
|
123
|
+
decrypt(data) {
|
|
124
|
+
const iv = data.subarray(0, 16);
|
|
125
|
+
const tag = data.subarray(16, 32);
|
|
126
|
+
const ciphertext = data.subarray(32);
|
|
127
|
+
const decipher = crypto.createDecipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
128
|
+
decipher.setAuthTag(tag);
|
|
129
|
+
return decipher.update(ciphertext) + decipher.final('utf-8');
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
exports.LocalBackend = LocalBackend;
|
|
133
|
+
//# sourceMappingURL=local.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local.js","sourceRoot":"","sources":["../../src/backends/local.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAC7B,+CAAiC;AAGjC,MAAM,UAAU,GAAG,aAAa,CAAC;AACjC,MAAM,SAAS,GAAG,mBAAmB,CAAC;AAOtC;;;GAGG;AACH,MAAa,YAAY;IAKvB,YAAY,MAAgC;QAJnC,SAAI,GAAG,OAAO,CAAC;QAKtB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,MAAM,CAAC;QACnE,IAAI,CAAC,QAAQ,GAAI,MAAM,EAAE,QAAmB,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAC;QAE3F,iFAAiF;QACjF,MAAM,WAAW,GAAI,MAAM,EAAE,GAAc,IAAI,GAAG,IAAI,eAAe,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,SAAS,EAAE,CAAC;QACrG,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,MAAM,EAAE,CAAC;IAChF,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,UAAkB;QAC9B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACvD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,EAAE,CAAC;QAEzC,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAEpC,2CAA2C;YAC3C,MAAM,OAAO,GAA2B,EAAE,CAAC;YAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACjD,IAAI,GAAG,KAAK,UAAU,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,EAAE,CAAC;oBAC3D,OAAO,CAAC,GAAG,CAAC,GAAG,KAAe,CAAC;gBACjC,CAAC;YACH,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACvD,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QACxC,OAAO;YACL,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,sBAAsB;SACnE,CAAC;IACJ,CAAC;IAED,6BAA6B;IAC7B,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,KAAa;QACpC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAE9D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACvD,IAAI,KAAK,GAA2B,EAAE,CAAC;QAEvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;gBAC7C,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,KAAK,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACnB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QACtD,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAExD,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACrD,IAAI,IAAI,GAAc,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;QACpD,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;QAExB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;QAC5D,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7E,CAAC;IAEO,OAAO,CAAC,SAAiB;QAC/B,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAC5E,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACrF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAChC,wCAAwC;QACxC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;IAC7C,CAAC;IAEO,OAAO,CAAC,IAAY;QAC1B,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAClC,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAChF,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACzB,OAAO,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC/D,CAAC;CACF;AAjGD,oCAiGC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Pluggable secret backend interface.
|
|
3
|
+
* Each backend resolves secrets from a different source.
|
|
4
|
+
* Zero mandatory deps — backend SDKs are optional peer dependencies.
|
|
5
|
+
*/
|
|
6
|
+
export interface SecretBackend {
|
|
7
|
+
/** Backend name (e.g., "vault", "aws-sm", "env") */
|
|
8
|
+
readonly name: string;
|
|
9
|
+
/** Resolve one or more secrets by path/name. Returns key-value pairs. */
|
|
10
|
+
resolve(path: string): Promise<Record<string, string>>;
|
|
11
|
+
/** Check if the backend is available and authenticated */
|
|
12
|
+
healthCheck(): Promise<BackendHealth>;
|
|
13
|
+
}
|
|
14
|
+
export interface BackendHealth {
|
|
15
|
+
healthy: boolean;
|
|
16
|
+
latencyMs: number;
|
|
17
|
+
message?: string;
|
|
18
|
+
}
|
|
19
|
+
/** Backend configuration from secretless config file */
|
|
20
|
+
export interface BackendConfig {
|
|
21
|
+
/** Backend type */
|
|
22
|
+
type: BackendType;
|
|
23
|
+
/** Backend-specific config */
|
|
24
|
+
config?: Record<string, unknown>;
|
|
25
|
+
/** Priority (lower = preferred, default: 100) */
|
|
26
|
+
priority?: number;
|
|
27
|
+
/** Path prefix this backend handles (e.g., "vault/", "aws/") */
|
|
28
|
+
prefix?: string;
|
|
29
|
+
}
|
|
30
|
+
export type BackendType = 'env' | 'local' | 'vault' | 'aws-sm' | '1password';
|
|
31
|
+
/** Access audit entry */
|
|
32
|
+
export interface AccessAuditEntry {
|
|
33
|
+
timestamp: string;
|
|
34
|
+
backend: string;
|
|
35
|
+
path: string;
|
|
36
|
+
action: 'resolve' | 'healthCheck' | 'migrate';
|
|
37
|
+
success: boolean;
|
|
38
|
+
latencyMs: number;
|
|
39
|
+
}
|
|
40
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/backends/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,oDAAoD;IACpD,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB,yEAAyE;IACzE,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAEvD,0DAA0D;IAC1D,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;CACvC;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wDAAwD;AACxD,MAAM,WAAW,aAAa;IAC5B,mBAAmB;IACnB,IAAI,EAAE,WAAW,CAAC;IAClB,8BAA8B;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,iDAAiD;IACjD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,WAAW,GAAG,KAAK,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,GAAG,WAAW,CAAC;AAE7E,yBAAyB;AACzB,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,aAAa,GAAG,SAAS,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/backends/types.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { SecretBackend, BackendHealth } from './types';
|
|
2
|
+
/**
|
|
3
|
+
* HashiCorp Vault / OpenBao backend — AppRole auth, KV v2.
|
|
4
|
+
* Zero mandatory dependencies. Uses raw HTTP.
|
|
5
|
+
*
|
|
6
|
+
* Config:
|
|
7
|
+
* addr: Vault address (default: VAULT_ADDR env or http://127.0.0.1:8200)
|
|
8
|
+
* token: Vault token (default: VAULT_TOKEN env)
|
|
9
|
+
* roleId: AppRole role ID (alternative to token)
|
|
10
|
+
* secretId: AppRole secret ID
|
|
11
|
+
* namespace: Vault namespace (enterprise)
|
|
12
|
+
* mountPath: KV v2 mount path (default: "secret")
|
|
13
|
+
*/
|
|
14
|
+
export declare class VaultBackend implements SecretBackend {
|
|
15
|
+
readonly name = "vault";
|
|
16
|
+
private readonly addr;
|
|
17
|
+
private readonly mountPath;
|
|
18
|
+
private readonly namespace;
|
|
19
|
+
private token;
|
|
20
|
+
private readonly roleId?;
|
|
21
|
+
private readonly secretId?;
|
|
22
|
+
constructor(config?: Record<string, unknown>);
|
|
23
|
+
resolve(secretPath: string): Promise<Record<string, string>>;
|
|
24
|
+
healthCheck(): Promise<BackendHealth>;
|
|
25
|
+
private ensureAuthenticated;
|
|
26
|
+
private request;
|
|
27
|
+
}
|
|
28
|
+
//# sourceMappingURL=vault.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../../src/backends/vault.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE5D;;;;;;;;;;;GAWG;AACH,qBAAa,YAAa,YAAW,aAAa;IAChD,QAAQ,CAAC,IAAI,WAAW;IACxB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;IAC9B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;gBAEvB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAStC,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAwB5D,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;YAmB7B,mBAAmB;IAejC,OAAO,CAAC,OAAO;CAyChB"}
|
|
@@ -0,0 +1,157 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.VaultBackend = void 0;
|
|
37
|
+
const https = __importStar(require("https"));
|
|
38
|
+
const http = __importStar(require("http"));
|
|
39
|
+
/**
|
|
40
|
+
* HashiCorp Vault / OpenBao backend — AppRole auth, KV v2.
|
|
41
|
+
* Zero mandatory dependencies. Uses raw HTTP.
|
|
42
|
+
*
|
|
43
|
+
* Config:
|
|
44
|
+
* addr: Vault address (default: VAULT_ADDR env or http://127.0.0.1:8200)
|
|
45
|
+
* token: Vault token (default: VAULT_TOKEN env)
|
|
46
|
+
* roleId: AppRole role ID (alternative to token)
|
|
47
|
+
* secretId: AppRole secret ID
|
|
48
|
+
* namespace: Vault namespace (enterprise)
|
|
49
|
+
* mountPath: KV v2 mount path (default: "secret")
|
|
50
|
+
*/
|
|
51
|
+
class VaultBackend {
|
|
52
|
+
constructor(config) {
|
|
53
|
+
this.name = 'vault';
|
|
54
|
+
this.addr = config?.addr ?? process.env.VAULT_ADDR ?? 'http://127.0.0.1:8200';
|
|
55
|
+
this.token = config?.token ?? process.env.VAULT_TOKEN ?? '';
|
|
56
|
+
this.mountPath = config?.mountPath ?? 'secret';
|
|
57
|
+
this.namespace = config?.namespace ?? process.env.VAULT_NAMESPACE ?? '';
|
|
58
|
+
this.roleId = config?.roleId;
|
|
59
|
+
this.secretId = config?.secretId;
|
|
60
|
+
}
|
|
61
|
+
async resolve(secretPath) {
|
|
62
|
+
await this.ensureAuthenticated();
|
|
63
|
+
// KV v2 read: GET /v1/{mount}/data/{path}
|
|
64
|
+
const apiPath = `/v1/${this.mountPath}/data/${secretPath}`;
|
|
65
|
+
try {
|
|
66
|
+
const response = await this.request('GET', apiPath);
|
|
67
|
+
const data = JSON.parse(response);
|
|
68
|
+
if (data?.data?.data) {
|
|
69
|
+
// KV v2 wraps data in data.data
|
|
70
|
+
const result = {};
|
|
71
|
+
for (const [key, value] of Object.entries(data.data.data)) {
|
|
72
|
+
result[key] = String(value);
|
|
73
|
+
}
|
|
74
|
+
return result;
|
|
75
|
+
}
|
|
76
|
+
return {};
|
|
77
|
+
}
|
|
78
|
+
catch {
|
|
79
|
+
return {};
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
async healthCheck() {
|
|
83
|
+
const start = Date.now();
|
|
84
|
+
try {
|
|
85
|
+
const response = await this.request('GET', '/v1/sys/health');
|
|
86
|
+
const data = JSON.parse(response);
|
|
87
|
+
return {
|
|
88
|
+
healthy: data.sealed === false,
|
|
89
|
+
latencyMs: Date.now() - start,
|
|
90
|
+
message: data.sealed ? 'Vault is sealed' : `Vault ${data.version} (${data.cluster_name ?? 'standalone'})`,
|
|
91
|
+
};
|
|
92
|
+
}
|
|
93
|
+
catch (err) {
|
|
94
|
+
return {
|
|
95
|
+
healthy: false,
|
|
96
|
+
latencyMs: Date.now() - start,
|
|
97
|
+
message: `Cannot reach Vault at ${this.addr}: ${err instanceof Error ? err.message : String(err)}`,
|
|
98
|
+
};
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
async ensureAuthenticated() {
|
|
102
|
+
if (this.token)
|
|
103
|
+
return;
|
|
104
|
+
// Try AppRole auth
|
|
105
|
+
if (this.roleId && this.secretId) {
|
|
106
|
+
const body = JSON.stringify({ role_id: this.roleId, secret_id: this.secretId });
|
|
107
|
+
const response = await this.request('POST', '/v1/auth/approle/login', body);
|
|
108
|
+
const data = JSON.parse(response);
|
|
109
|
+
this.token = data?.auth?.client_token ?? '';
|
|
110
|
+
return;
|
|
111
|
+
}
|
|
112
|
+
throw new Error('No Vault authentication configured. Set VAULT_TOKEN or provide roleId/secretId.');
|
|
113
|
+
}
|
|
114
|
+
request(method, apiPath, body) {
|
|
115
|
+
return new Promise((resolve, reject) => {
|
|
116
|
+
const url = new URL(apiPath, this.addr);
|
|
117
|
+
const isHttps = url.protocol === 'https:';
|
|
118
|
+
const mod = isHttps ? https : http;
|
|
119
|
+
const headers = {};
|
|
120
|
+
if (this.token)
|
|
121
|
+
headers['X-Vault-Token'] = this.token;
|
|
122
|
+
if (this.namespace)
|
|
123
|
+
headers['X-Vault-Namespace'] = this.namespace;
|
|
124
|
+
if (body) {
|
|
125
|
+
headers['Content-Type'] = 'application/json';
|
|
126
|
+
headers['Content-Length'] = String(Buffer.byteLength(body));
|
|
127
|
+
}
|
|
128
|
+
const options = {
|
|
129
|
+
hostname: url.hostname,
|
|
130
|
+
port: url.port || (isHttps ? 443 : 8200),
|
|
131
|
+
path: url.pathname,
|
|
132
|
+
method,
|
|
133
|
+
headers,
|
|
134
|
+
timeout: 10000,
|
|
135
|
+
};
|
|
136
|
+
const req = mod.request(options, (res) => {
|
|
137
|
+
let data = '';
|
|
138
|
+
res.on('data', (chunk) => { data += chunk; });
|
|
139
|
+
res.on('end', () => {
|
|
140
|
+
if (res.statusCode && res.statusCode >= 400) {
|
|
141
|
+
reject(new Error(`Vault ${res.statusCode}: ${data.slice(0, 200)}`));
|
|
142
|
+
}
|
|
143
|
+
else {
|
|
144
|
+
resolve(data);
|
|
145
|
+
}
|
|
146
|
+
});
|
|
147
|
+
});
|
|
148
|
+
req.on('error', reject);
|
|
149
|
+
req.on('timeout', () => { req.destroy(); reject(new Error('Vault request timeout')); });
|
|
150
|
+
if (body)
|
|
151
|
+
req.write(body);
|
|
152
|
+
req.end();
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
exports.VaultBackend = VaultBackend;
|
|
157
|
+
//# sourceMappingURL=vault.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"vault.js","sourceRoot":"","sources":["../../src/backends/vault.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA+B;AAC/B,2CAA6B;AAG7B;;;;;;;;;;;GAWG;AACH,MAAa,YAAY;IASvB,YAAY,MAAgC;QARnC,SAAI,GAAG,OAAO,CAAC;QAStB,IAAI,CAAC,IAAI,GAAI,MAAM,EAAE,IAAe,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,uBAAuB,CAAC;QAC1F,IAAI,CAAC,KAAK,GAAI,MAAM,EAAE,KAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;QACxE,IAAI,CAAC,SAAS,GAAI,MAAM,EAAE,SAAoB,IAAI,QAAQ,CAAC;QAC3D,IAAI,CAAC,SAAS,GAAI,MAAM,EAAE,SAAoB,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC;QACpF,IAAI,CAAC,MAAM,GAAG,MAAM,EAAE,MAAgB,CAAC;QACvC,IAAI,CAAC,QAAQ,GAAG,MAAM,EAAE,QAAkB,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,UAAkB;QAC9B,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEjC,0CAA0C;QAC1C,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,SAAS,SAAS,UAAU,EAAE,CAAC;QAE3D,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YACpD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAElC,IAAI,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBACrB,gCAAgC;gBAChC,MAAM,MAAM,GAA2B,EAAE,CAAC;gBAC1C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1D,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC9B,CAAC;gBACD,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;YAC7D,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAClC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,MAAM,KAAK,KAAK;gBAC9B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC7B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC,YAAY,IAAI,YAAY,GAAG;aAC1G,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC7B,OAAO,EAAE,yBAAyB,IAAI,CAAC,IAAI,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;aACnG,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,mBAAmB;QAC/B,IAAI,IAAI,CAAC,KAAK;YAAE,OAAO;QAEvB,mBAAmB;QACnB,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAChF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,wBAAwB,EAAE,IAAI,CAAC,CAAC;YAC5E,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAClC,IAAI,CAAC,KAAK,GAAG,IAAI,EAAE,IAAI,EAAE,YAAY,IAAI,EAAE,CAAC;YAC5C,OAAO;QACT,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,iFAAiF,CAAC,CAAC;IACrG,CAAC;IAEO,OAAO,CAAC,MAAc,EAAE,OAAe,EAAE,IAAa;QAC5D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YACxC,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;YAC1C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAEnC,MAAM,OAAO,GAA2B,EAAE,CAAC;YAC3C,IAAI,IAAI,CAAC,KAAK;gBAAE,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC;YACtD,IAAI,IAAI,CAAC,SAAS;gBAAE,OAAO,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;YAClE,IAAI,IAAI,EAAE,CAAC;gBACT,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;gBAC7C,OAAO,CAAC,gBAAgB,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;YAC9D,CAAC;YAED,MAAM,OAAO,GAAG;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;gBACxC,IAAI,EAAE,GAAG,CAAC,QAAQ;gBAClB,MAAM;gBACN,OAAO;gBACP,OAAO,EAAE,KAAK;aACf,CAAC;YAEF,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACvC,IAAI,IAAI,GAAG,EAAE,CAAC;gBACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,GAAG,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC9C,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,EAAE,CAAC;wBAC5C,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,GAAG,CAAC,UAAU,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;oBACtE,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,IAAI,CAAC,CAAC;oBAChB,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACxF,IAAI,IAAI;gBAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC1B,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AArHD,oCAqHC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ export { scan, type ScanFinding, type ScanOptions } from './scan';
|
|
|
3
3
|
export { status, type StatusResult } from './status';
|
|
4
4
|
export { verify, type VerifyResult } from './verify';
|
|
5
5
|
export { detectAITools, toolDisplayName, type AITool } from './detect';
|
|
6
|
-
export { CREDENTIAL_PATTERNS, SECRET_FILE_PATTERNS, CONFIG_FILES, type CredentialPattern } from './patterns';
|
|
6
|
+
export { CREDENTIAL_PATTERNS, SECRET_FILE_PATTERNS, CONFIG_FILES, CREDENTIAL_PREFIX_QUICK_CHECK, type CredentialPattern } from './patterns';
|
|
7
7
|
export { cleanTranscripts, discoverTranscripts, type CleanResult, type CleanOptions, type TranscriptFinding } from './transcript';
|
|
8
8
|
export { startWatch, stopWatch, isWatchRunning } from './watch';
|
|
9
9
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAC9B,OAAO,EAAE,IAAI,EAAE,KAAK,WAAW,EAAE,KAAK,WAAW,EAAE,MAAM,QAAQ,CAAC;AAClE,OAAO,EAAE,MAAM,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,KAAK,MAAM,EAAE,MAAM,UAAU,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,YAAY,EAAE,KAAK,iBAAiB,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAC9B,OAAO,EAAE,IAAI,EAAE,KAAK,WAAW,EAAE,KAAK,WAAW,EAAE,MAAM,QAAQ,CAAC;AAClE,OAAO,EAAE,MAAM,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,KAAK,MAAM,EAAE,MAAM,UAAU,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,YAAY,EAAE,6BAA6B,EAAE,KAAK,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC5I,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,KAAK,WAAW,EAAE,KAAK,YAAY,EAAE,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAClI,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.isWatchRunning = exports.stopWatch = exports.startWatch = exports.discoverTranscripts = exports.cleanTranscripts = exports.CONFIG_FILES = exports.SECRET_FILE_PATTERNS = exports.CREDENTIAL_PATTERNS = exports.toolDisplayName = exports.detectAITools = exports.verify = exports.status = exports.scan = exports.init = void 0;
|
|
3
|
+
exports.isWatchRunning = exports.stopWatch = exports.startWatch = exports.discoverTranscripts = exports.cleanTranscripts = exports.CREDENTIAL_PREFIX_QUICK_CHECK = exports.CONFIG_FILES = exports.SECRET_FILE_PATTERNS = exports.CREDENTIAL_PATTERNS = exports.toolDisplayName = exports.detectAITools = exports.verify = exports.status = exports.scan = exports.init = void 0;
|
|
4
4
|
var init_1 = require("./init");
|
|
5
5
|
Object.defineProperty(exports, "init", { enumerable: true, get: function () { return init_1.init; } });
|
|
6
6
|
var scan_1 = require("./scan");
|
|
@@ -16,6 +16,7 @@ var patterns_1 = require("./patterns");
|
|
|
16
16
|
Object.defineProperty(exports, "CREDENTIAL_PATTERNS", { enumerable: true, get: function () { return patterns_1.CREDENTIAL_PATTERNS; } });
|
|
17
17
|
Object.defineProperty(exports, "SECRET_FILE_PATTERNS", { enumerable: true, get: function () { return patterns_1.SECRET_FILE_PATTERNS; } });
|
|
18
18
|
Object.defineProperty(exports, "CONFIG_FILES", { enumerable: true, get: function () { return patterns_1.CONFIG_FILES; } });
|
|
19
|
+
Object.defineProperty(exports, "CREDENTIAL_PREFIX_QUICK_CHECK", { enumerable: true, get: function () { return patterns_1.CREDENTIAL_PREFIX_QUICK_CHECK; } });
|
|
19
20
|
var transcript_1 = require("./transcript");
|
|
20
21
|
Object.defineProperty(exports, "cleanTranscripts", { enumerable: true, get: function () { return transcript_1.cleanTranscripts; } });
|
|
21
22
|
Object.defineProperty(exports, "discoverTranscripts", { enumerable: true, get: function () { return transcript_1.discoverTranscripts; } });
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,+BAA8B;AAArB,4FAAA,IAAI,OAAA;AACb,+BAAkE;AAAzD,4FAAA,IAAI,OAAA;AACb,mCAAqD;AAA5C,gGAAA,MAAM,OAAA;AACf,mCAAqD;AAA5C,gGAAA,MAAM,OAAA;AACf,mCAAuE;AAA9D,uGAAA,aAAa,OAAA;AAAE,yGAAA,eAAe,OAAA;AACvC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,+BAA8B;AAArB,4FAAA,IAAI,OAAA;AACb,+BAAkE;AAAzD,4FAAA,IAAI,OAAA;AACb,mCAAqD;AAA5C,gGAAA,MAAM,OAAA;AACf,mCAAqD;AAA5C,gGAAA,MAAM,OAAA;AACf,mCAAuE;AAA9D,uGAAA,aAAa,OAAA;AAAE,yGAAA,eAAe,OAAA;AACvC,uCAA4I;AAAnI,+GAAA,mBAAmB,OAAA;AAAE,gHAAA,oBAAoB,OAAA;AAAE,wGAAA,YAAY,OAAA;AAAE,yHAAA,6BAA6B,OAAA;AAC/F,2CAAkI;AAAzH,8GAAA,gBAAgB,OAAA;AAAE,iHAAA,mBAAmB,OAAA;AAC9C,iCAAgE;AAAvD,mGAAA,UAAU,OAAA;AAAE,kGAAA,SAAS,OAAA;AAAE,uGAAA,cAAc,OAAA"}
|
package/dist/init.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAkC,KAAK,MAAM,EAAE,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAkC,KAAK,MAAM,EAAE,MAAM,UAAU,CAAC;AA4CvE,UAAU,UAAU;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,wBAAgB,IAAI,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,CAoDnD"}
|
package/dist/init.js
CHANGED
|
@@ -44,6 +44,7 @@ const detect_1 = require("./detect");
|
|
|
44
44
|
const patterns_1 = require("./patterns");
|
|
45
45
|
/** Known API services with their auth header formats */
|
|
46
46
|
const SERVICE_HINTS = {
|
|
47
|
+
// Existing services
|
|
47
48
|
ANTHROPIC_API_KEY: { service: 'Anthropic Messages API', authHeader: 'x-api-key: $ANTHROPIC_API_KEY' },
|
|
48
49
|
OPENAI_API_KEY: { service: 'OpenAI API', authHeader: 'Authorization: Bearer $OPENAI_API_KEY' },
|
|
49
50
|
GAMMA_API_KEY: { service: 'Gamma API', authHeader: 'X-API-KEY: $GAMMA_API_KEY' },
|
|
@@ -55,6 +56,31 @@ const SERVICE_HINTS = {
|
|
|
55
56
|
SENDGRID_API_KEY: { service: 'SendGrid API', authHeader: 'Authorization: Bearer $SENDGRID_API_KEY' },
|
|
56
57
|
SUPABASE_SERVICE_ROLE_KEY: { service: 'Supabase', authHeader: 'apikey: $SUPABASE_SERVICE_ROLE_KEY' },
|
|
57
58
|
AZURE_API_KEY: { service: 'Azure', authHeader: 'api-key: $AZURE_API_KEY' },
|
|
59
|
+
// AI/ML
|
|
60
|
+
GROQ_API_KEY: { service: 'Groq API', authHeader: 'Authorization: Bearer $GROQ_API_KEY' },
|
|
61
|
+
OPENROUTER_API_KEY: { service: 'OpenRouter API', authHeader: 'Authorization: Bearer $OPENROUTER_API_KEY' },
|
|
62
|
+
REPLICATE_API_TOKEN: { service: 'Replicate API', authHeader: 'Authorization: Token $REPLICATE_API_TOKEN' },
|
|
63
|
+
HUGGING_FACE_HUB_TOKEN: { service: 'Hugging Face', authHeader: 'Authorization: Bearer $HUGGING_FACE_HUB_TOKEN' },
|
|
64
|
+
PERPLEXITY_API_KEY: { service: 'Perplexity API', authHeader: 'Authorization: Bearer $PERPLEXITY_API_KEY' },
|
|
65
|
+
FIREWORKS_API_KEY: { service: 'Fireworks AI', authHeader: 'Authorization: Bearer $FIREWORKS_API_KEY' },
|
|
66
|
+
// Developer platforms
|
|
67
|
+
GITLAB_TOKEN: { service: 'GitLab API', authHeader: 'PRIVATE-TOKEN: $GITLAB_TOKEN' },
|
|
68
|
+
NPM_TOKEN: { service: 'npm Registry', authHeader: '//registry.npmjs.org/:_authToken=$NPM_TOKEN' },
|
|
69
|
+
// Cloud providers
|
|
70
|
+
DIGITALOCEAN_TOKEN: { service: 'DigitalOcean API', authHeader: 'Authorization: Bearer $DIGITALOCEAN_TOKEN' },
|
|
71
|
+
HEROKU_API_KEY: { service: 'Heroku API', authHeader: 'Authorization: Bearer $HEROKU_API_KEY' },
|
|
72
|
+
NETLIFY_AUTH_TOKEN: { service: 'Netlify API', authHeader: 'Authorization: Bearer $NETLIFY_AUTH_TOKEN' },
|
|
73
|
+
FLY_API_TOKEN: { service: 'Fly.io API', authHeader: 'Authorization: Bearer $FLY_API_TOKEN' },
|
|
74
|
+
// Monitoring
|
|
75
|
+
SENTRY_AUTH_TOKEN: { service: 'Sentry API', authHeader: 'Authorization: Bearer $SENTRY_AUTH_TOKEN' },
|
|
76
|
+
NEW_RELIC_API_KEY: { service: 'New Relic API', authHeader: 'API-Key: $NEW_RELIC_API_KEY' },
|
|
77
|
+
LINEAR_API_KEY: { service: 'Linear API', authHeader: 'Authorization: $LINEAR_API_KEY' },
|
|
78
|
+
// Communication
|
|
79
|
+
TELEGRAM_BOT_TOKEN: { service: 'Telegram Bot API', authHeader: 'URL path: /bot$TELEGRAM_BOT_TOKEN/' },
|
|
80
|
+
TWILIO_API_KEY: { service: 'Twilio API', authHeader: 'Basic auth with $TWILIO_API_KEY:$TWILIO_API_SECRET' },
|
|
81
|
+
// Database
|
|
82
|
+
MONGODB_URI: { service: 'MongoDB', authHeader: '(connection string)' },
|
|
83
|
+
DATABASE_URL: { service: 'Database', authHeader: '(connection string)' },
|
|
58
84
|
};
|
|
59
85
|
/**
|
|
60
86
|
* Initialize Secretless protections for the project.
|
package/dist/init.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCH,oBAoDC;AApFD,uCAAyB;AACzB,2CAA6B;AAC7B,qCAAuE;AACvE,yCAAqF;AAErF,wDAAwD;AACxD,MAAM,aAAa,GAA4D;IAC7E,iBAAiB,EAAE,EAAE,OAAO,EAAE,wBAAwB,EAAE,UAAU,EAAE,+BAA+B,EAAE;IACrG,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,uCAAuC,EAAE;IAC9F,aAAa,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,2BAA2B,EAAE;IAChF,iBAAiB,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,gCAAgC,EAAE;IACnF,YAAY,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,qCAAqC,EAAE;IAC1F,WAAW,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,oCAAoC,EAAE;IACvF,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,mCAAmC,EAAE;IAC1F,iBAAiB,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,0CAA0C,EAAE;IACpG,gBAAgB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,yCAAyC,EAAE;IACpG,yBAAyB,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,oCAAoC,EAAE;IACpG,aAAa,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,yBAAyB,EAAE;CAC3E,CAAC;AAUF;;;GAGG;AACH,SAAgB,IAAI,CAAC,UAAkB;IACrC,MAAM,MAAM,GAAe;QACzB,aAAa,EAAE,EAAE;QACjB,eAAe,EAAE,EAAE;QACnB,YAAY,EAAE,EAAE;QAChB,aAAa,EAAE,EAAE;QACjB,YAAY,EAAE,CAAC;KAChB,CAAC;IAEF,kBAAkB;IAClB,MAAM,QAAQ,GAAG,IAAA,sBAAa,EAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,aAAa,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAEjD,2EAA2E;IAC3E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,aAAa;YACnB,SAAS,EAAE,SAAS;YACpB,YAAY,EAAE,uBAAuB;YACrC,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAE5C,+BAA+B;IAC/B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;YAClB,KAAK,aAAa;gBAChB,mBAAmB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACxC,MAAM;YACR,KAAK,QAAQ;gBACX,eAAe,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACpC,MAAM;YACR,KAAK,SAAS;gBACZ,gBAAgB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACrC,MAAM;YACR,KAAK,UAAU;gBACb,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACtC,MAAM;YACR,KAAK,OAAO;gBACV,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,OAAO;gBACV,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACnC,MAAM;QACV,CAAC;QACD,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E,SAAS,mBAAmB,CAAC,UAAkB,EAAE,MAAkB;IACjE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAE/C,2BAA2B;IAC3B,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE5C,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;IAC5D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,wBAAwB,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACxE,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IAChE,CAAC;IAED,0DAA0D;IAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,YAAY,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAElD,mBAAmB;IACnB,IAAI,CAAC,QAAQ,CAAC,KAAK;QAAE,QAAQ,CAAC,KAAK,GAAG,EAAE,CAAC;IACzC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU;QAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,GAAG,EAAE,CAAC;IAE/D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAC/C,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CACjF,CAAC;IAEF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;YAC7B,OAAO,EAAE,gCAAgC;YACzC,KAAK,EAAE,CAAC;oBACN,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,yDAAyD;iBACnE,CAAC;SACH,CAAC,CAAC;QACH,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACrD,CAAC;IAED,4DAA4D;IAC5D,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI;QAAE,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;IAEnD,MAAM,iBAAiB,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAChD,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC,CAC9E,CAAC;IAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC;oBACN,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,oDAAoD;iBAC9D,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,IAAI,CAAC,QAAQ,CAAC,WAAW;QAAE,QAAQ,CAAC,WAAW,GAAG,EAAE,CAAC;IACrD,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI;QAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;IAE/D,MAAM,SAAS,GAAG;QAChB,aAAa;QACb,aAAa;QACb,aAAa;QACb,aAAa;QACb,aAAa;QACb,iBAAiB;QACjB,gBAAgB;QAChB,wBAAwB;QACxB,cAAc;QACd,iBAAiB;QACjB,iBAAiB;QACjB,sBAAsB;QACtB,wBAAwB;QACxB,uBAAuB;KACxB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,aAAa,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IAEtC,8CAA8C;IAC9C,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACxD,yBAAyB,CAAC,YAAY,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;AACjE,CAAC;AAED,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E,SAAS,eAAe,CAAC,UAAkB,EAAE,MAAkB;IAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IACxD,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;AACzD,CAAC;AAED,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E,SAAS,gBAAgB,CAAC,UAAkB,EAAE,MAAkB;IAC9D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;IACzE,yBAAyB,CAAC,gBAAgB,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;AACjE,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E,SAAS,iBAAiB,CAAC,UAAkB,EAAE,MAAkB;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;IAC1D,yBAAyB,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E,SAAS,cAAc,CAAC,UAAkB,EAAE,MAAkB;IAC5D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IACvD,yBAAyB,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AACxD,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E,SAAS,cAAc,CAAC,UAAkB,EAAE,MAAkB;IAC5D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvF,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACvC,MAAM,cAAc,GAAG;YACrB,EAAE;YACF,8CAA8C;YAC9C,MAAM;YACN,QAAQ;YACR,OAAO;YACP,OAAO;YACP,OAAO;YACP,OAAO;YACP,WAAW;YACX,UAAU;YACV,OAAO;YACP,OAAO;YACP,UAAU;YACV,cAAc;SACf,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,QAAQ,GAAG,cAAc,GAAG,IAAI,CAAC,CAAC;QAC/D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;AACH,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E,MAAM,iBAAiB,GAAG,6BAA6B,CAAC;AAExD,SAAS,2BAA2B;IAClC,yCAAyC;IACzC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;QAChD,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3D,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,GAAG,EAAE,CAAC;IAClB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,GAAG,uGAAuG,CAAC;QACnH,QAAQ,IAAI,4EAA4E,CAAC;QACzF,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;YACnC,QAAQ,IAAI,QAAQ,MAAM,QAAQ,IAAI,CAAC,OAAO,QAAQ,IAAI,CAAC,UAAU,QAAQ,CAAC;QAChF,CAAC;IACH,CAAC;IAED,OAAO;EACP,iBAAiB;;;;EAIjB,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;CAwBT,CAAC;AACF,CAAC;AAED,SAAS,yBAAyB,CAAC,QAAgB,EAAE,IAAY,EAAE,MAAkB;IACnF,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEnF,IAAI,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,qBAAqB;IAC/B,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,GAAG,2BAA2B,EAAE,CAAC,CAAC;IACrE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;IACpE,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB;IAC/B,0CAA0C;IAC1C,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,YAAY,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,cAAc;QAC3E,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;QACtC,aAAa,EAAE,kBAAkB,EAAE,OAAO;QAC1C,qBAAqB,EAAE,kBAAkB;QACzC,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,yBAAyB;KACtC,CAAC;IAEF,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA0CP,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;QACnB,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1C,6BAA6B;YAC7B,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpB,OAAO,WAAW,CAAC,uCAAuC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC;YACxH,CAAC;YACD,OAAO,WAAW,CAAC,yBAAyB,CAAC,0CAA0C,CAAC,8BAA8B,CAAC,OAAO,CAAC;QACjI,CAAC;QACD,sBAAsB;QACtB,OAAO,WAAW,CAAC,uCAAuC,CAAC,8BAA8B,CAAC,OAAO,CAAC;IACpG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;CAQd,CAAC;AACF,CAAC;AAED,SAAS,SAAS,CAAC,UAAkB;IACnC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,UAAU,IAAI,uBAAY,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,SAAS;QAEvC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,IAAI,CAAC,IAAI,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI;gBAAE,SAAS,CAAC,oBAAoB;YAEhE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI;oBAAE,SAAS,CAAC,mBAAmB;gBACrD,KAAK,MAAM,OAAO,IAAI,8BAAmB,EAAE,CAAC;oBAC1C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7B,KAAK,EAAE,CAAC;wBACR,MAAM,CAAC,uBAAuB;oBAChC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,QAAgB;IACpC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,IAAS;IAChD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AACnE,CAAC"}
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4DH,oBAoDC;AA9GD,uCAAyB;AACzB,2CAA6B;AAC7B,qCAAuE;AACvE,yCAAqF;AAErF,wDAAwD;AACxD,MAAM,aAAa,GAA4D;IAC7E,oBAAoB;IACpB,iBAAiB,EAAE,EAAE,OAAO,EAAE,wBAAwB,EAAE,UAAU,EAAE,+BAA+B,EAAE;IACrG,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,uCAAuC,EAAE;IAC9F,aAAa,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,2BAA2B,EAAE;IAChF,iBAAiB,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,gCAAgC,EAAE;IACnF,YAAY,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,qCAAqC,EAAE;IAC1F,WAAW,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,oCAAoC,EAAE;IACvF,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,mCAAmC,EAAE;IAC1F,iBAAiB,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,0CAA0C,EAAE;IACpG,gBAAgB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,yCAAyC,EAAE;IACpG,yBAAyB,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,oCAAoC,EAAE;IACpG,aAAa,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,yBAAyB,EAAE;IAC1E,QAAQ;IACR,YAAY,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,qCAAqC,EAAE;IACxF,kBAAkB,EAAE,EAAE,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,2CAA2C,EAAE;IAC1G,mBAAmB,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,2CAA2C,EAAE;IAC1G,sBAAsB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,+CAA+C,EAAE;IAChH,kBAAkB,EAAE,EAAE,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,2CAA2C,EAAE;IAC1G,iBAAiB,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,0CAA0C,EAAE;IACtG,sBAAsB;IACtB,YAAY,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,8BAA8B,EAAE;IACnF,SAAS,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,6CAA6C,EAAE;IACjG,kBAAkB;IAClB,kBAAkB,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,2CAA2C,EAAE;IAC5G,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,uCAAuC,EAAE;IAC9F,kBAAkB,EAAE,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,2CAA2C,EAAE;IACvG,aAAa,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,sCAAsC,EAAE;IAC5F,aAAa;IACb,iBAAiB,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,0CAA0C,EAAE;IACpG,iBAAiB,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,6BAA6B,EAAE;IAC1F,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,gCAAgC,EAAE;IACvF,gBAAgB;IAChB,kBAAkB,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,oCAAoC,EAAE;IACrG,cAAc,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,oDAAoD,EAAE;IAC3G,WAAW;IACX,WAAW,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,qBAAqB,EAAE;IACtE,YAAY,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,qBAAqB,EAAE;CACzE,CAAC;AAUF;;;GAGG;AACH,SAAgB,IAAI,CAAC,UAAkB;IACrC,MAAM,MAAM,GAAe;QACzB,aAAa,EAAE,EAAE;QACjB,eAAe,EAAE,EAAE;QACnB,YAAY,EAAE,EAAE;QAChB,aAAa,EAAE,EAAE;QACjB,YAAY,EAAE,CAAC;KAChB,CAAC;IAEF,kBAAkB;IAClB,MAAM,QAAQ,GAAG,IAAA,sBAAa,EAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,aAAa,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAEjD,2EAA2E;IAC3E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,aAAa;YACnB,SAAS,EAAE,SAAS;YACpB,YAAY,EAAE,uBAAuB;YACrC,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAE5C,+BAA+B;IAC/B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;YAClB,KAAK,aAAa;gBAChB,mBAAmB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACxC,MAAM;YACR,KAAK,QAAQ;gBACX,eAAe,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACpC,MAAM;YACR,KAAK,SAAS;gBACZ,gBAAgB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACrC,MAAM;YACR,KAAK,UAAU;gBACb,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACtC,MAAM;YACR,KAAK,OAAO;gBACV,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,OAAO;gBACV,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACnC,MAAM;QACV,CAAC;QACD,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E,SAAS,mBAAmB,CAAC,UAAkB,EAAE,MAAkB;IACjE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAE/C,2BAA2B;IAC3B,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE5C,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;IAC5D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,wBAAwB,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACxE,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IAChE,CAAC;IAED,0DAA0D;IAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,YAAY,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAElD,mBAAmB;IACnB,IAAI,CAAC,QAAQ,CAAC,KAAK;QAAE,QAAQ,CAAC,KAAK,GAAG,EAAE,CAAC;IACzC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU;QAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,GAAG,EAAE,CAAC;IAE/D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAC/C,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CACjF,CAAC;IAEF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;YAC7B,OAAO,EAAE,gCAAgC;YACzC,KAAK,EAAE,CAAC;oBACN,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,yDAAyD;iBACnE,CAAC;SACH,CAAC,CAAC;QACH,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACrD,CAAC;IAED,4DAA4D;IAC5D,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI;QAAE,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;IAEnD,MAAM,iBAAiB,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAChD,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC,CAC9E,CAAC;IAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC;oBACN,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,oDAAoD;iBAC9D,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,IAAI,CAAC,QAAQ,CAAC,WAAW;QAAE,QAAQ,CAAC,WAAW,GAAG,EAAE,CAAC;IACrD,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI;QAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;IAE/D,MAAM,SAAS,GAAG;QAChB,aAAa;QACb,aAAa;QACb,aAAa;QACb,aAAa;QACb,aAAa;QACb,iBAAiB;QACjB,gBAAgB;QAChB,wBAAwB;QACxB,cAAc;QACd,iBAAiB;QACjB,iBAAiB;QACjB,sBAAsB;QACtB,wBAAwB;QACxB,uBAAuB;KACxB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,aAAa,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IAEtC,8CAA8C;IAC9C,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACxD,yBAAyB,CAAC,YAAY,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;AACjE,CAAC;AAED,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E,SAAS,eAAe,CAAC,UAAkB,EAAE,MAAkB;IAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IACxD,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;AACzD,CAAC;AAED,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E,SAAS,gBAAgB,CAAC,UAAkB,EAAE,MAAkB;IAC9D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;IACzE,yBAAyB,CAAC,gBAAgB,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;AACjE,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E,SAAS,iBAAiB,CAAC,UAAkB,EAAE,MAAkB;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;IAC1D,yBAAyB,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E,SAAS,cAAc,CAAC,UAAkB,EAAE,MAAkB;IAC5D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IACvD,yBAAyB,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AACxD,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E,SAAS,cAAc,CAAC,UAAkB,EAAE,MAAkB;IAC5D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvF,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACvC,MAAM,cAAc,GAAG;YACrB,EAAE;YACF,8CAA8C;YAC9C,MAAM;YACN,QAAQ;YACR,OAAO;YACP,OAAO;YACP,OAAO;YACP,OAAO;YACP,WAAW;YACX,UAAU;YACV,OAAO;YACP,OAAO;YACP,UAAU;YACV,cAAc;SACf,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,QAAQ,GAAG,cAAc,GAAG,IAAI,CAAC,CAAC;QAC/D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;AACH,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E,MAAM,iBAAiB,GAAG,6BAA6B,CAAC;AAExD,SAAS,2BAA2B;IAClC,yCAAyC;IACzC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;QAChD,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3D,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,GAAG,EAAE,CAAC;IAClB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,GAAG,uGAAuG,CAAC;QACnH,QAAQ,IAAI,4EAA4E,CAAC;QACzF,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;YACnC,QAAQ,IAAI,QAAQ,MAAM,QAAQ,IAAI,CAAC,OAAO,QAAQ,IAAI,CAAC,UAAU,QAAQ,CAAC;QAChF,CAAC;IACH,CAAC;IAED,OAAO;EACP,iBAAiB;;;;EAIjB,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;CAwBT,CAAC;AACF,CAAC;AAED,SAAS,yBAAyB,CAAC,QAAgB,EAAE,IAAY,EAAE,MAAkB;IACnF,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEnF,IAAI,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,qBAAqB;IAC/B,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,GAAG,2BAA2B,EAAE,CAAC,CAAC;IACrE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;IACpE,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB;IAC/B,0CAA0C;IAC1C,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,YAAY,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,cAAc;QAC3E,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;QACtC,aAAa,EAAE,kBAAkB,EAAE,OAAO;QAC1C,qBAAqB,EAAE,kBAAkB;QACzC,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,yBAAyB;KACtC,CAAC;IAEF,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA0CP,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;QACnB,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1C,6BAA6B;YAC7B,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpB,OAAO,WAAW,CAAC,uCAAuC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC;YACxH,CAAC;YACD,OAAO,WAAW,CAAC,yBAAyB,CAAC,0CAA0C,CAAC,8BAA8B,CAAC,OAAO,CAAC;QACjI,CAAC;QACD,sBAAsB;QACtB,OAAO,WAAW,CAAC,uCAAuC,CAAC,8BAA8B,CAAC,OAAO,CAAC;IACpG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;CAQd,CAAC;AACF,CAAC;AAED,SAAS,SAAS,CAAC,UAAkB;IACnC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,UAAU,IAAI,uBAAY,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,SAAS;QAEvC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,IAAI,CAAC,IAAI,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI;gBAAE,SAAS,CAAC,oBAAoB;YAEhE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI;oBAAE,SAAS,CAAC,mBAAmB;gBACrD,KAAK,MAAM,OAAO,IAAI,8BAAmB,EAAE,CAAC;oBAC1C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7B,KAAK,EAAE,CAAC;wBACR,MAAM,CAAC,uBAAuB;oBAChC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,QAAgB;IACpC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,IAAS;IAChD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AACnE,CAAC"}
|
package/dist/patterns.d.ts
CHANGED
|
@@ -1,14 +1,24 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Credential patterns used across all Secretless integrations.
|
|
3
3
|
* Shared between scanner, hooks, and MCP server.
|
|
4
|
+
*
|
|
5
|
+
* ORDERING RULE: More specific prefixes (e.g. sk-ant-, sk-proj-, sk-or-v1-)
|
|
6
|
+
* MUST precede catch-all patterns (e.g. openai-legacy sk-[a-zA-Z0-9]{48,})
|
|
7
|
+
* because scan.ts and transcript.ts break on first match.
|
|
4
8
|
*/
|
|
5
9
|
export interface CredentialPattern {
|
|
6
10
|
id: string;
|
|
7
11
|
name: string;
|
|
8
12
|
regex: RegExp;
|
|
9
13
|
envPrefix: string;
|
|
14
|
+
category?: string;
|
|
10
15
|
}
|
|
11
16
|
export declare const CREDENTIAL_PATTERNS: CredentialPattern[];
|
|
17
|
+
/**
|
|
18
|
+
* Quick-check regex: if a line contains ${VAR} but no credential prefix, skip it.
|
|
19
|
+
* Auto-generated from pattern prefixes so it stays in sync as patterns are added.
|
|
20
|
+
*/
|
|
21
|
+
export declare const CREDENTIAL_PREFIX_QUICK_CHECK: RegExp;
|
|
12
22
|
/** File patterns that should never be read by AI tools */
|
|
13
23
|
export declare const SECRET_FILE_PATTERNS: string[];
|
|
14
24
|
/** Config files that may contain hardcoded secrets */
|
package/dist/patterns.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../src/patterns.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../src/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,eAAO,MAAM,mBAAmB,EAAE,iBAAiB,EAwElD,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,6BAA6B,QAWzC,CAAC;AAEF,0DAA0D;AAC1D,eAAO,MAAM,oBAAoB,EAAE,MAAM,EAsBxC,CAAC;AAEF,sDAAsD;AACtD,eAAO,MAAM,YAAY,UAqBxB,CAAC"}
|
package/dist/patterns.js
CHANGED
|
@@ -2,23 +2,93 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* Credential patterns used across all Secretless integrations.
|
|
4
4
|
* Shared between scanner, hooks, and MCP server.
|
|
5
|
+
*
|
|
6
|
+
* ORDERING RULE: More specific prefixes (e.g. sk-ant-, sk-proj-, sk-or-v1-)
|
|
7
|
+
* MUST precede catch-all patterns (e.g. openai-legacy sk-[a-zA-Z0-9]{48,})
|
|
8
|
+
* because scan.ts and transcript.ts break on first match.
|
|
5
9
|
*/
|
|
6
10
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
-
exports.CONFIG_FILES = exports.SECRET_FILE_PATTERNS = exports.CREDENTIAL_PATTERNS = void 0;
|
|
11
|
+
exports.CONFIG_FILES = exports.SECRET_FILE_PATTERNS = exports.CREDENTIAL_PREFIX_QUICK_CHECK = exports.CREDENTIAL_PATTERNS = void 0;
|
|
8
12
|
exports.CREDENTIAL_PATTERNS = [
|
|
9
|
-
|
|
10
|
-
{ id: '
|
|
11
|
-
{ id: 'openai-
|
|
12
|
-
{ id: '
|
|
13
|
-
{ id: '
|
|
14
|
-
{ id: '
|
|
15
|
-
{ id: '
|
|
16
|
-
{ id: '
|
|
17
|
-
{ id: '
|
|
18
|
-
{ id: '
|
|
19
|
-
|
|
20
|
-
{ id: '
|
|
13
|
+
// ── AI/ML (category: ai-ml) ──────────────────────────────────────────
|
|
14
|
+
{ id: 'anthropic', name: 'Anthropic API Key', regex: /sk-ant-api\d{2}-[a-zA-Z0-9_-]{20,}/, envPrefix: 'ANTHROPIC_API_KEY', category: 'ai-ml' },
|
|
15
|
+
{ id: 'openai-proj', name: 'OpenAI Project Key', regex: /sk-proj-[a-zA-Z0-9]{20,}/, envPrefix: 'OPENAI_API_KEY', category: 'ai-ml' },
|
|
16
|
+
{ id: 'openrouter', name: 'OpenRouter API Key', regex: /sk-or-v1-[a-zA-Z0-9]{48,}/, envPrefix: 'OPENROUTER_API_KEY', category: 'ai-ml' },
|
|
17
|
+
{ id: 'openai-legacy', name: 'OpenAI Legacy Key', regex: /sk-[a-zA-Z0-9]{48,}/, envPrefix: 'OPENAI_API_KEY', category: 'ai-ml' },
|
|
18
|
+
{ id: 'groq', name: 'Groq API Key', regex: /gsk_[a-zA-Z0-9]{20,}/, envPrefix: 'GROQ_API_KEY', category: 'ai-ml' },
|
|
19
|
+
{ id: 'replicate', name: 'Replicate API Token', regex: /r8_[a-zA-Z0-9]{20,}/, envPrefix: 'REPLICATE_API_TOKEN', category: 'ai-ml' },
|
|
20
|
+
{ id: 'huggingface', name: 'Hugging Face Token', regex: /hf_[a-zA-Z0-9]{20,}/, envPrefix: 'HUGGING_FACE_HUB_TOKEN', category: 'ai-ml' },
|
|
21
|
+
{ id: 'perplexity', name: 'Perplexity API Key', regex: /pplx-[a-zA-Z0-9]{48,}/, envPrefix: 'PERPLEXITY_API_KEY', category: 'ai-ml' },
|
|
22
|
+
{ id: 'fireworks', name: 'Fireworks AI Key', regex: /fw_[a-zA-Z0-9]{20,}/, envPrefix: 'FIREWORKS_API_KEY', category: 'ai-ml' },
|
|
23
|
+
// ── Cloud Providers (category: cloud) ─────────────────────────────────
|
|
24
|
+
{ id: 'aws-access', name: 'AWS Access Key', regex: /AKIA[0-9A-Z]{16}/, envPrefix: 'AWS_ACCESS_KEY_ID', category: 'cloud' },
|
|
25
|
+
{ id: 'aws-sts', name: 'AWS STS Temporary Key', regex: /ASIA[0-9A-Z]{16}/, envPrefix: 'AWS_ACCESS_KEY_ID', category: 'cloud' },
|
|
26
|
+
{ id: 'gcp-service-account', name: 'GCP Service Account JSON', regex: /"type"\s*:\s*"service_account"/, envPrefix: 'GOOGLE_APPLICATION_CREDENTIALS', category: 'cloud' },
|
|
27
|
+
{ id: 'digitalocean', name: 'DigitalOcean PAT', regex: /dop_v1_[a-f0-9]{64}/, envPrefix: 'DIGITALOCEAN_TOKEN', category: 'cloud' },
|
|
28
|
+
{ id: 'heroku', name: 'Heroku API Key', regex: /HRKU-[a-zA-Z0-9_-]{30,}/, envPrefix: 'HEROKU_API_KEY', category: 'cloud' },
|
|
29
|
+
{ id: 'fly-io', name: 'Fly.io Token', regex: /fo1_[a-zA-Z0-9_-]{20,}/, envPrefix: 'FLY_API_TOKEN', category: 'cloud' },
|
|
30
|
+
{ id: 'netlify', name: 'Netlify PAT', regex: /nfp_[a-zA-Z0-9]{40,}/, envPrefix: 'NETLIFY_AUTH_TOKEN', category: 'cloud' },
|
|
31
|
+
{ id: 'azure', name: 'Azure Key', regex: /(?:AccountKey|SharedAccessKey|azure[_-]?(?:storage|key|account))\s*[=:]\s*[a-zA-Z0-9+/]{43}=/i, envPrefix: 'AZURE_API_KEY', category: 'cloud' },
|
|
32
|
+
{ id: 'supabase', name: 'Supabase Service Key', regex: /eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\.[a-zA-Z0-9_-]{50,}/, envPrefix: 'SUPABASE_SERVICE_ROLE_KEY', category: 'cloud' },
|
|
33
|
+
// ── Communication (category: communication) ───────────────────────────
|
|
34
|
+
{ id: 'slack', name: 'Slack Token', regex: /xox[baprs]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24}/, envPrefix: 'SLACK_TOKEN', category: 'communication' },
|
|
35
|
+
{ id: 'slack-webhook', name: 'Slack Webhook URL', regex: /hooks\.slack\.com\/services\/T[A-Z0-9]{8,}\/B[A-Z0-9]{8,}\/[a-zA-Z0-9]{24}/, envPrefix: 'SLACK_WEBHOOK_URL', category: 'communication' },
|
|
36
|
+
{ id: 'slack-app', name: 'Slack App Token', regex: /xapp-[0-9]+-[A-Z0-9]+-[0-9]+-[a-z0-9]+/, envPrefix: 'SLACK_APP_TOKEN', category: 'communication' },
|
|
37
|
+
{ id: 'telegram-bot', name: 'Telegram Bot Token', regex: /[0-9]{8,10}:[A-Za-z0-9_-]{35}/, envPrefix: 'TELEGRAM_BOT_TOKEN', category: 'communication' },
|
|
38
|
+
{ id: 'discord-bot', name: 'Discord Bot Token', regex: /[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27,}/, envPrefix: 'DISCORD_BOT_TOKEN', category: 'communication' },
|
|
39
|
+
{ id: 'discord-webhook', name: 'Discord Webhook URL', regex: /discord(?:app)?\.com\/api\/webhooks\/[0-9]+\/[A-Za-z0-9_-]+/, envPrefix: 'DISCORD_WEBHOOK_URL', category: 'communication' },
|
|
40
|
+
{ id: 'twilio', name: 'Twilio API Key', regex: /SK[0-9a-fA-F]{32}/, envPrefix: 'TWILIO_API_KEY', category: 'communication' },
|
|
41
|
+
{ id: 'sendgrid', name: 'SendGrid Key', regex: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/, envPrefix: 'SENDGRID_API_KEY', category: 'communication' },
|
|
42
|
+
// ── Developer Platforms (category: developer) ─────────────────────────
|
|
43
|
+
{ id: 'github-pat', name: 'GitHub Token', regex: /ghp_[a-zA-Z0-9]{36}/, envPrefix: 'GITHUB_TOKEN', category: 'developer' },
|
|
44
|
+
{ id: 'github-fine', name: 'GitHub Fine-Grained PAT', regex: /github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}/, envPrefix: 'GITHUB_TOKEN', category: 'developer' },
|
|
45
|
+
{ id: 'github-oauth', name: 'GitHub OAuth Token', regex: /gho_[a-zA-Z0-9]{36}/, envPrefix: 'GITHUB_TOKEN', category: 'developer' },
|
|
46
|
+
{ id: 'github-app', name: 'GitHub App Installation Token', regex: /ghs_[a-zA-Z0-9]{36}/, envPrefix: 'GITHUB_TOKEN', category: 'developer' },
|
|
47
|
+
{ id: 'github-refresh', name: 'GitHub Refresh Token', regex: /ghr_[a-zA-Z0-9]{36,}/, envPrefix: 'GITHUB_TOKEN', category: 'developer' },
|
|
48
|
+
{ id: 'gitlab', name: 'GitLab PAT', regex: /glpat-[a-zA-Z0-9_-]{20,}/, envPrefix: 'GITLAB_TOKEN', category: 'developer' },
|
|
49
|
+
{ id: 'gitlab-pipeline', name: 'GitLab Pipeline Trigger', regex: /glptt-[a-f0-9]{40,}/, envPrefix: 'GITLAB_TOKEN', category: 'developer' },
|
|
50
|
+
{ id: 'gitlab-runner', name: 'GitLab Runner Token', regex: /GR1348941[a-zA-Z0-9_-]{20,}/, envPrefix: 'GITLAB_TOKEN', category: 'developer' },
|
|
51
|
+
{ id: 'npm', name: 'npm Access Token', regex: /npm_[a-zA-Z0-9]{36}/, envPrefix: 'NPM_TOKEN', category: 'developer' },
|
|
52
|
+
{ id: 'pypi', name: 'PyPI API Token', regex: /pypi-[A-Za-z0-9_-]{50,}/, envPrefix: 'PYPI_API_TOKEN', category: 'developer' },
|
|
53
|
+
{ id: 'dockerhub', name: 'Docker Hub PAT', regex: /dckr_pat_[a-zA-Z0-9_-]{20,}/, envPrefix: 'DOCKER_TOKEN', category: 'developer' },
|
|
54
|
+
{ id: 'bitbucket', name: 'Bitbucket App Password', regex: /ATBB[a-zA-Z0-9]{32,}/, envPrefix: 'BITBUCKET_TOKEN', category: 'developer' },
|
|
55
|
+
// ── Payment (category: payment) ───────────────────────────────────────
|
|
56
|
+
{ id: 'stripe-test', name: 'Stripe Test Key', regex: /sk_test_[0-9a-zA-Z]{24,}/, envPrefix: 'STRIPE_SECRET_KEY', category: 'payment' },
|
|
57
|
+
{ id: 'stripe-restricted', name: 'Stripe Restricted Key', regex: /rk_live_[0-9a-zA-Z]{24,}/, envPrefix: 'STRIPE_RESTRICTED_KEY', category: 'payment' },
|
|
58
|
+
{ id: 'stripe', name: 'Stripe Live Key', regex: /sk_live_[0-9a-zA-Z]{24,}/, envPrefix: 'STRIPE_SECRET_KEY', category: 'payment' },
|
|
59
|
+
{ id: 'stripe-webhook', name: 'Stripe Webhook Secret', regex: /whsec_[a-zA-Z0-9]{32,}/, envPrefix: 'STRIPE_WEBHOOK_SECRET', category: 'payment' },
|
|
60
|
+
{ id: 'square', name: 'Square API Key', regex: /sq0[a-z]{3}-[a-zA-Z0-9_-]{22,}/, envPrefix: 'SQUARE_ACCESS_TOKEN', category: 'payment' },
|
|
61
|
+
// ── Database (category: database) ─────────────────────────────────────
|
|
62
|
+
{ id: 'mongodb', name: 'MongoDB Connection String', regex: /mongodb\+srv:\/\/[^\s]{10,}/, envPrefix: 'MONGODB_URI', category: 'database' },
|
|
63
|
+
{ id: 'postgres', name: 'PostgreSQL Connection String', regex: /postgres(?:ql)?:\/\/[^\s]{10,}/, envPrefix: 'DATABASE_URL', category: 'database' },
|
|
64
|
+
{ id: 'mysql', name: 'MySQL Connection String', regex: /mysql:\/\/[^\s]{10,}/, envPrefix: 'DATABASE_URL', category: 'database' },
|
|
65
|
+
{ id: 'redis', name: 'Redis Connection String', regex: /rediss?:\/\/[^\s]{10,}/, envPrefix: 'REDIS_URL', category: 'database' },
|
|
66
|
+
// ── Auth & Crypto (category: auth) ────────────────────────────────────
|
|
67
|
+
{ id: 'google', name: 'Google API Key', regex: /AIza[0-9A-Za-z_-]{35}/, envPrefix: 'GOOGLE_API_KEY', category: 'auth' },
|
|
68
|
+
{ id: 'google-oauth', name: 'Google OAuth Access Token', regex: /ya29\.[a-zA-Z0-9_-]{50,}/, envPrefix: 'GOOGLE_ACCESS_TOKEN', category: 'auth' },
|
|
69
|
+
{ id: 'pem-private-key', name: 'PEM Private Key', regex: /-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/, envPrefix: 'PRIVATE_KEY', category: 'auth' },
|
|
70
|
+
{ id: 'firebase-fcm', name: 'Firebase FCM Server Key', regex: /AAAA[a-zA-Z0-9_-]{7}:[a-zA-Z0-9_-]{140,}/, envPrefix: 'FIREBASE_SERVER_KEY', category: 'auth' },
|
|
71
|
+
// ── Monitoring (category: monitoring) ──────────────────────────────────
|
|
72
|
+
{ id: 'newrelic', name: 'New Relic API Key', regex: /NRAK-[A-Z0-9]{27}/, envPrefix: 'NEW_RELIC_API_KEY', category: 'monitoring' },
|
|
73
|
+
{ id: 'newrelic-insight', name: 'New Relic Insights Key', regex: /NRIQ-[A-Z0-9]{27,}/, envPrefix: 'NEW_RELIC_API_KEY', category: 'monitoring' },
|
|
74
|
+
{ id: 'sentry', name: 'Sentry Auth Token', regex: /sntrys_[a-zA-Z0-9]{40,}/, envPrefix: 'SENTRY_AUTH_TOKEN', category: 'monitoring' },
|
|
75
|
+
{ id: 'grafana', name: 'Grafana Cloud API Key', regex: /glc_[a-zA-Z0-9_+/]{32,}=*/, envPrefix: 'GRAFANA_API_KEY', category: 'monitoring' },
|
|
76
|
+
{ id: 'linear', name: 'Linear API Key', regex: /lin_api_[a-zA-Z0-9]{40,}/, envPrefix: 'LINEAR_API_KEY', category: 'monitoring' },
|
|
21
77
|
];
|
|
78
|
+
/**
|
|
79
|
+
* Quick-check regex: if a line contains ${VAR} but no credential prefix, skip it.
|
|
80
|
+
* Auto-generated from pattern prefixes so it stays in sync as patterns are added.
|
|
81
|
+
*/
|
|
82
|
+
exports.CREDENTIAL_PREFIX_QUICK_CHECK = new RegExp(exports.CREDENTIAL_PATTERNS.map(p => {
|
|
83
|
+
const src = p.regex.source;
|
|
84
|
+
// Extract leading literal prefix (up to first quantifier or alternation)
|
|
85
|
+
const m = src.match(/^([a-zA-Z0-9_\-.+:/]{3,})/);
|
|
86
|
+
return m ? m[1].replace(/[.*+?^${}()|[\]\\]/g, '\\$&') : null;
|
|
87
|
+
})
|
|
88
|
+
.filter(Boolean)
|
|
89
|
+
// Deduplicate prefixes (e.g. multiple sk- patterns)
|
|
90
|
+
.filter((v, i, a) => a.indexOf(v) === i)
|
|
91
|
+
.join('|'));
|
|
22
92
|
/** File patterns that should never be read by AI tools */
|
|
23
93
|
exports.SECRET_FILE_PATTERNS = [
|
|
24
94
|
'.env',
|
|
@@ -55,5 +125,15 @@ exports.CONFIG_FILES = [
|
|
|
55
125
|
'.claude/settings.json',
|
|
56
126
|
'.cursor/settings.json',
|
|
57
127
|
'.github/copilot-instructions.md',
|
|
128
|
+
// Nanobot variants
|
|
129
|
+
'.nanobot/config.json', 'nanobot.yaml', 'nanobot.yml',
|
|
130
|
+
// Docker/containers
|
|
131
|
+
'docker-compose.yml', 'docker-compose.yaml', 'docker-compose.override.yml',
|
|
132
|
+
// Terraform
|
|
133
|
+
'terraform.tfvars', 'terraform.tfvars.json',
|
|
134
|
+
// Other AI tools
|
|
135
|
+
'.codeium/config.json', '.tabnine/config.json',
|
|
136
|
+
// Kubernetes
|
|
137
|
+
'kubeconfig.yaml', '.kube/config',
|
|
58
138
|
];
|
|
59
139
|
//# sourceMappingURL=patterns.js.map
|
package/dist/patterns.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../src/patterns.ts"],"names":[],"mappings":";AAAA;;;
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../src/patterns.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAUU,QAAA,mBAAmB,GAAwB;IACtD,wEAAwE;IACxE,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,oCAAoC,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAC9I,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACpI,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,2BAA2B,EAAE,SAAS,EAAE,oBAAoB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACxI,EAAE,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAChI,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE;IACjH,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,qBAAqB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,qBAAqB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACnI,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,wBAAwB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACvI,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,uBAAuB,EAAE,SAAS,EAAE,oBAAoB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACpI,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAE9H,yEAAyE;IACzE,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAC1H,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,kBAAkB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAC9H,EAAE,EAAE,EAAE,qBAAqB,EAAE,IAAI,EAAE,0BAA0B,EAAE,KAAK,EAAE,gCAAgC,EAAE,SAAS,EAAE,gCAAgC,EAAE,QAAQ,EAAE,OAAO,EAAE;IACxK,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,oBAAoB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAClI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,yBAAyB,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE;IAC1H,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,wBAAwB,EAAE,SAAS,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,EAAE;IACtH,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,oBAAoB,EAAE,QAAQ,EAAE,OAAO,EAAE;IACzH,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,+FAA+F,EAAE,SAAS,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,EAAE;IACzL,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,0DAA0D,EAAE,SAAS,EAAE,2BAA2B,EAAE,QAAQ,EAAE,OAAO,EAAE;IAE9K,yEAAyE;IACzE,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,sDAAsD,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE;IACxJ,EAAE,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,4EAA4E,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,eAAe,EAAE;IAClM,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,wCAAwC,EAAE,SAAS,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE;IACtJ,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,+BAA+B,EAAE,SAAS,EAAE,oBAAoB,EAAE,QAAQ,EAAE,eAAe,EAAE;IACtJ,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,2CAA2C,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,eAAe,EAAE;IAC/J,EAAE,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,qBAAqB,EAAE,KAAK,EAAE,6DAA6D,EAAE,SAAS,EAAE,qBAAqB,EAAE,QAAQ,EAAE,eAAe,EAAE;IACzL,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,mBAAmB,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,eAAe,EAAE;IAC5H,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,0CAA0C,EAAE,SAAS,EAAE,kBAAkB,EAAE,QAAQ,EAAE,eAAe,EAAE;IAErJ,yEAAyE;IACzE,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC1H,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,4CAA4C,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC7J,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAClI,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,+BAA+B,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC3I,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IACvI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IACzH,EAAE,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC1I,EAAE,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE,qBAAqB,EAAE,KAAK,EAAE,6BAA6B,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC5I,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE;IACpH,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,yBAAyB,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC5H,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,6BAA6B,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE;IACnI,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,iBAAiB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAEvI,yEAAyE;IACzE,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACtI,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,uBAAuB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACtJ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACjI,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,wBAAwB,EAAE,SAAS,EAAE,uBAAuB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACjJ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,gCAAgC,EAAE,SAAS,EAAE,qBAAqB,EAAE,QAAQ,EAAE,SAAS,EAAE;IAExI,yEAAyE;IACzE,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,2BAA2B,EAAE,KAAK,EAAE,6BAA6B,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC1I,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,8BAA8B,EAAE,KAAK,EAAE,gCAAgC,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE;IAClJ,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE;IAChI,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,wBAAwB,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE;IAE/H,yEAAyE;IACzE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,uBAAuB,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;IACvH,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,2BAA2B,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChJ,EAAE,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,wDAAwD,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC/J,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,0CAA0C,EAAE,SAAS,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,EAAE;IAE9J,0EAA0E;IAC1E,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,mBAAmB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,YAAY,EAAE;IACjI,EAAE,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,oBAAoB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,YAAY,EAAE;IAC/I,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,yBAAyB,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,YAAY,EAAE;IACrI,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,2BAA2B,EAAE,SAAS,EAAE,iBAAiB,EAAE,QAAQ,EAAE,YAAY,EAAE;IAC1I,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,0BAA0B,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,EAAE,YAAY,EAAE;CACjI,CAAC;AAEF;;;GAGG;AACU,QAAA,6BAA6B,GAAG,IAAI,MAAM,CACrD,2BAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;IAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,yEAAyE;IACzE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;IACjD,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAChE,CAAC,CAAC;KACD,MAAM,CAAC,OAAO,CAAC;IAChB,oDAAoD;KACnD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;KACvC,IAAI,CAAC,GAAG,CAAC,CACX,CAAC;AAEF,0DAA0D;AAC7C,QAAA,oBAAoB,GAAa;IAC5C,MAAM;IACN,YAAY;IACZ,kBAAkB;IAClB,iBAAiB;IACjB,cAAc;IACd,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,kBAAkB;IAClB,QAAQ;IACR,qBAAqB;IACrB,kBAAkB;IAClB,QAAQ;IACR,SAAS;IACT,WAAW;IACX,UAAU;IACV,UAAU;IACV,cAAc;IACd,yBAAyB;CAC1B,CAAC;AAEF,sDAAsD;AACzC,QAAA,YAAY,GAAG;IAC1B,aAAa,EAAE,aAAa,EAAE,YAAY;IAC1C,MAAM,EAAE,YAAY;IACpB,cAAc,EAAE,UAAU;IAC1B,WAAW;IACX,uBAAuB,EAAE,sBAAsB;IAC/C,eAAe,EAAE,cAAc;IAC/B,iBAAiB,EAAE,kBAAkB;IACrC,uBAAuB;IACvB,uBAAuB;IACvB,iCAAiC;IACjC,mBAAmB;IACnB,sBAAsB,EAAE,cAAc,EAAE,aAAa;IACrD,oBAAoB;IACpB,oBAAoB,EAAE,qBAAqB,EAAE,6BAA6B;IAC1E,YAAY;IACZ,kBAAkB,EAAE,uBAAuB;IAC3C,iBAAiB;IACjB,sBAAsB,EAAE,sBAAsB;IAC9C,aAAa;IACb,iBAAiB,EAAE,cAAc;CAClC,CAAC"}
|
package/dist/scan.js
CHANGED
|
@@ -69,7 +69,7 @@ function scan(projectDir, options) {
|
|
|
69
69
|
const line = lines[i];
|
|
70
70
|
if (line.length > 4096)
|
|
71
71
|
continue;
|
|
72
|
-
if (/\$\{[A-Z_]+\}/.test(line) &&
|
|
72
|
+
if (/\$\{[A-Z_]+\}/.test(line) && !patterns_1.CREDENTIAL_PREFIX_QUICK_CHECK.test(line))
|
|
73
73
|
continue;
|
|
74
74
|
for (const pattern of patterns_1.CREDENTIAL_PATTERNS) {
|
|
75
75
|
if (pattern.regex.test(line)) {
|
|
@@ -108,7 +108,7 @@ function scan(projectDir, options) {
|
|
|
108
108
|
if (line.length > 4096)
|
|
109
109
|
continue; // ReDoS protection
|
|
110
110
|
// Skip env var references and placeholders
|
|
111
|
-
if (/\$\{[A-Z_]+\}/.test(line) &&
|
|
111
|
+
if (/\$\{[A-Z_]+\}/.test(line) && !patterns_1.CREDENTIAL_PREFIX_QUICK_CHECK.test(line)) {
|
|
112
112
|
continue;
|
|
113
113
|
}
|
|
114
114
|
for (const pattern of patterns_1.CREDENTIAL_PATTERNS) {
|
package/dist/scan.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCH,oBAwFC;AAtHD,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCH,oBAwFC;AAtHD,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,yCAA8F;AAgB9F,yEAAyE;AACzE,MAAM,mBAAmB,GAAG;IAC1B,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,qBAAqB,EAAE;IAC5F,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,yBAAyB,EAAE;CACrG,CAAC;AAEF;;;;GAIG;AACH,SAAgB,IAAI,CAAC,UAAkB,EAAE,OAAqB;IAC5D,MAAM,QAAQ,GAAkB,EAAE,CAAC;IACnC,MAAM,UAAU,GAAG,OAAO,EAAE,UAAU,KAAK,KAAK,CAAC;IAEjD,wFAAwF;IACxF,KAAK,MAAM,MAAM,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;QAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,SAAS;QACvC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,IAAI,CAAC,IAAI,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBAAE,SAAS;YAC7D,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI;oBAAE,SAAS;gBACjC,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wCAA6B,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,SAAS;gBACtF,KAAK,MAAM,OAAO,IAAI,8BAAmB,EAAE,CAAC;oBAC1C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7B,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;wBAC1I,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,OAAO,CAAC,IAAI,YAAY,CAAC,CAAC;wBACvE,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,MAAM,CAAC,KAAK;4BAClB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,SAAS,EAAE,OAAO,CAAC,EAAE;4BACrB,WAAW,EAAE,OAAO,CAAC,IAAI;4BACzB,QAAQ,EAAE,UAAU;4BACpB,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;yBACxC,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,UAAU,CAAC,CAAC;IACxB,CAAC;IAED,kCAAkC;IAClC,KAAK,MAAM,UAAU,IAAI,uBAAY,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,SAAS;QAEvC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,IAAI,CAAC,IAAI,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI;gBAAE,SAAS;YAC3C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBAAE,SAAS;YAE7B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI;oBAAE,SAAS,CAAC,mBAAmB;gBAErD,2CAA2C;gBAC3C,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wCAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5E,SAAS;gBACX,CAAC;gBAED,KAAK,MAAM,OAAO,IAAI,8BAAmB,EAAE,CAAC;oBAC1C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7B,kEAAkE;wBAClE,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;wBAC1I,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,OAAO,CAAC,IAAI,YAAY,CAAC,CAAC;wBAEvE,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,UAAU;4BAChB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,SAAS,EAAE,OAAO,CAAC,EAAE;4BACrB,WAAW,EAAE,OAAO,CAAC,IAAI;4BACzB,QAAQ,EAAE,UAAU;4BACpB,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;yBACxC,CAAC,CAAC;wBACH,MAAM,CAAC,uBAAuB;oBAChC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACrB,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ;YAAE,OAAO,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzE,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
package/package.json
CHANGED