Data

Tools

Indexes

Applications

Experiments

Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 2.7% on proxy.golang.org
Top 4.1% dependent packages on proxy.golang.org
Top 2.0% dependent repos on proxy.golang.org
Top 3.1% forks on proxy.golang.org
Top 1.1% docker downloads on proxy.golang.org

proxy.golang.org : github.com/apuigsech/seekret

Package seekret provides a framework to create tools to inspect information looking for sensitive information like passwords, tokens, private keys, certificates, etc. The current trend of automation of all things and de DevOps culture are very beneficial for efficiency but also come with several problems, being one of them the secret provisioning. Bootstrapping secrets into systems and applications may be complicated and sometimes the straightforward way is to store them into a insecure storage, like github repository, embedded into an artifact or system image, etc. That means that an AWS secret_key end up into a Github repository. Seekret is an extensible framework that gelps in creating tools for detecting secrets on different sources. The secrets to detect are defined by a set of rules that can help detect passwords, tokens, private keys, certificates, etc. Seekret is extensible and can cover various use cases. Below there are some tools that uses seekret: Seekret API is very simple and easy to use. This section shows some snippets of code that shows the basic operations you can do with it. The first thing to be done is to create a new Seekret context: Then the rules must to be loaded. They can be loaded from a path definition, a directory or a single file: Optionally, exceptions (or false positives) can also be loaded from a file: After that, must be loaded the objects to be inspected searching for secrets. sourceType is an interface that implements the interface shown below. We offer sourceType's for Directories and Git Repositories, but you are able to extend it by creating your own. Currently, there are the following different sources supported: Having all the rules, exceptions and objects loaded into the contects, it's possible to start the inspection with the following code: Nworkers is an integuer that specify the number of goroutines used on the inspection. The recommended value is runtime.NumCPU(). Finally, it is possible to obtain the list of secrets located and do something with them:

Registry - Source - Documentation - JSON
purl: pkg:golang/github.com/apuigsech/seekret
License: Apache-2.0
Latest release: over 5 years ago
First release: over 5 years ago
Namespace: github.com/apuigsech
Dependent packages: 2
Dependent repositories: 7
Stars: 246 on GitHub
Forks: 65 on GitHub
Docker dependents: 1
Docker downloads: 2,782
See more repository details: repos.ecosyste.ms
Last synced: 3 months ago

    Loading...
    Readme
    Loading...