-
-
Notifications
You must be signed in to change notification settings - Fork 145
/
Copy pathindex.ts
55 lines (47 loc) · 1.56 KB
/
index.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import denylist from '@/denylist'
import type { SecretResult, JsObjectScanResult } from '@/types'
export type SecretConfig = Record<string, RegExp[]>
class SecretDetector {
private readonly patterns: RegExp[]
constructor(config: SecretConfig) {
this.patterns = Object.values(config).flat()
}
/**
* Detects if a given input string contains any secret patterns.
* @param input - The input string to scan for secret patterns.
* @returns A `SecretResult` object indicating whether any secret patterns were found.
*/
detect(input: string): SecretResult {
for (const regex of this.patterns) {
if (regex.test(input)) {
return { found: true, regex }
}
}
return { found: false }
}
/**
* Detects if a given js object contains any secret patterns.
* @param input - The object to scan for secret patterns.
* @returns A `JsObjectScanResult` object containing the secrets and variables found in the object.
*/
scanJsObject(input: Record<string, string>): JsObjectScanResult {
const result: JsObjectScanResult = {
secrets: {},
variables: {}
}
for (const [key, value] of Object.entries(input)) {
const secretResult = this.detect(key + '=' + value)
if (secretResult.found) {
result.secrets[key] = value
} else {
result.variables[key] = value
}
}
return result
}
}
const createSecretDetector = (config: SecretConfig): SecretDetector => {
return new SecretDetector(config)
}
const secretDetector = createSecretDetector(denylist)
export default secretDetector