Scan repositories for potential usernames, passwords, tokens, and other secrets.

Project description

checsum

checsum scans your project for potential secrets before code is pushed to Git. It detects common patterns such as usernames, passwords, API tokens, private keys, and authorization headers, then generates a full HTML report with:

  • file name
  • exact location (line and column)
  • finding type
  • matched value (or preview)

Install

pip install checsum

Usage

Scan the current directory and create an HTML report:

checsum --path . --output checsum-report.html

Fail CI if possible secrets are found:

checsum --path . --fail-on-findings

Ignore additional globs:

checsum --path . --ignore "*.pem" --ignore "docs/*"

Example Output

The report includes:

  • scan timestamp
  • root path scanned
  • total files and findings
  • grouped breakdown by finding type
  • detailed table of each hit with path, line, column, severity, and extracted snippet

Use as a pre-push safety check

Create .git/hooks/pre-push:

#!/usr/bin/env bash
set -euo pipefail
checsum --path . --output checsum-report.html --fail-on-findings

Then make it executable:

chmod +x .git/hooks/pre-push

Notes

checsum is a heuristic scanner. It can produce false positives and should be used as an early warning signal, not a replacement for secret management best practices.
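Why a heuristic scanner produces false positives, shown as an added example (this is not checsum's own code; the patterns, `scan_text`, `Finding` and the sample file are assumptions made for illustration). It reports line, column, finding type and a masked preview, and flags a documented placeholder exactly as it flags a real-looking credential:

```python
import re
from typing import NamedTuple

# Illustrative rules only; checsum's real rule set is not shown on this page.
PATTERNS = {
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "authorization_header": re.compile(
        r"authorization:\s*(?:bearer|basic)\s+([A-Za-z0-9._~+/=-]{8,})", re.I),
    "password_assignment": re.compile(
        r"(?:password|passwd|pwd)\s*[:=]\s*[\"']([^\"']{4,})[\"']", re.I),
    "api_token": re.compile(
        r"(?:api[_-]?key|token)\s*[:=]\s*[\"']([A-Za-z0-9_\-]{16,})[\"']", re.I),
}

class Finding(NamedTuple):
    path: str
    line: int      # 1-based line number
    column: int    # 1-based column where the matched value starts
    kind: str
    preview: str

def preview(value: str, keep: int = 4) -> str:
    """Keep only the first characters so the report itself does not leak the secret."""
    return value[:keep] + "*" * max(len(value) - keep, 0)

def scan_text(path: str, text: str) -> list[Finding]:
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for m in pattern.finditer(line):
                group = 1 if m.groups() else 0  # captured value if the rule has one
                findings.append(Finding(path, lineno, m.start(group) + 1,
                                        kind, preview(m.group(group))))
    return findings

# Constructed sample: line 2 looks like a live credential, line 3 is a placeholder,
# line 4 reads the token from the environment and should not be flagged.
SAMPLE = '''import os
DB_PASSWORD = "s3cr3t-Pr0d-9f2a"
password = "changeme"  # documented default, replaced at deploy time
token = os.environ["API_TOKEN"]
'''

if __name__ == "__main__":
    for f in scan_text("settings.py", SAMPLE):
        print(f"{f.path}:{f.line}:{f.column} {f.kind} {f.preview}")
```

Both line 2 and line 3 are reported with the same finding type, so each hit still needs a human decision: rotate and remove the value, or record it as an accepted placeholder.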

Download files

Source Distribution

checsum-0.1.2.tar.gz (7.3 kB)

Uploaded Source

Built Distribution

checsum-0.1.2-py3-none-any.whl (7.5 kB)

Uploaded Python 3

File details

Details for the file checsum-0.1.2.tar.gz.

File metadata

  • Download URL: checsum-0.1.2.tar.gz
  • Upload date:
  • Size: 7.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.0

File hashes

Hashes for checsum-0.1.2.tar.gz
Algorithm Hash digest
SHA256 7a5df4009cb8377ce557849b55ec2a8011eba9d9a2ea87cb906e0e00aeaef0ac
MD5 7fdc1964f0d284767278f532b9ba71f1
BLAKE2b-256 994687ad23b0e467dc17db2f1fbda1b4ac022367df4ffd6b2f5edf207702310f

File details

Details for the file checsum-0.1.2-py3-none-any.whl.

File metadata

  • Download URL: checsum-0.1.2-py3-none-any.whl
  • Upload date:
  • Size: 7.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.0

File hashes

Hashes for checsum-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 26da64c7f08872ab5360fd12a12f01363b4f04dafd3a96a400345eabb74d9b93
MD5 eba1f480acc79baa39118253a8e73f5e
BLAKE2b-256 0e6e68b527eddafa63c667d95792c06c0cdbf2b33377d1c3f4a2e5634c113c35
