secure-repo 1.0.6 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/bin/cli.js +1 -1
  2. package/package.json +1 -1
package/bin/cli.js CHANGED
@@ -31,7 +31,7 @@ const DANGER_PATTERNS = [
31
31
  { pattern: /sk_live_[a-zA-Z0-9]+/, label: "Stripe live secret key" },
32
32
  { pattern: /sk_test_[a-zA-Z0-9]+/, label: "Stripe test secret key" },
33
33
  { pattern: /eyJ[a-zA-Z0-9_-]+\.eyJ[a-zA-Z0-9_-]+/, label: "JWT token" },
34
- { pattern: /SUPABASE_SERVICE_ROLE_KEY/, label: "Supabase service role key reference" },
34
+ { pattern: /SUPABASE_SERVICE_ROLE_KEY\s*[:=]\s*['"][^'"]+['"]/, label: "Hardcoded Supabase service role key" },
35
35
  { pattern: /password\s*[:=]\s*['"][^'"]+['"]/, label: "Hardcoded password" },
36
36
  { pattern: /api[_-]?key\s*[:=]\s*['"][^'"]+['"]/, label: "Hardcoded API key" },
37
37
  ];
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "secure-repo",
3
- "version": "1.0.6",
3
+ "version": "1.0.7",
4
4
  "description": "Drop production-grade security standards into any repo. Audit your repo for security issues. Templates for AI-assisted development.",
5
5
  "bin": {
6
6
  "secure-repo": "./bin/cli.js"