Lightweight pre-commit secret scanner CLI with EKS/RDS version warnings
Project description
๐ก๏ธ ShieldCommit v1.0.0
Lightweight pre-commit secret scanner CLI with comprehensive infrastructure version warnings across AWS, Azure, and Google Cloud.
Features
โ Secret Detection (v0.1)
- 40+ regex patterns for cloud/API keys, tokens, private keys
- Real-time scanning of staged files
- Support for multiple secret types (AWS, GCP, Azure, GitHub, etc.)
โจ Infrastructure Version Warnings (v0.2-v0.3)
Kubernetes/Container Orchestration
- AWS EKS - Kubernetes version detection (deprecated/extended support)
- Azure AKS - Kubernetes version detection with EOL tracking
- Google Cloud GKE - Kubernetes versions + release channel recommendations (RAPID/REGULAR/STABLE)
Database Engines
- AWS RDS - PostgreSQL, MySQL, MariaDB version detection
- Azure Database - SQL Server, MySQL, PostgreSQL version detection
- Google Cloud SQL - MySQL, PostgreSQL, SQL Server version detection
Additional Features
- Non-blocking warnings (safe for beta)
- Zero cloud API calls required
- End-of-life (EOL) date tracking
- Extended support period detection
- Actionable upgrade guidance
- Consistent warning format across all platforms
- Works with Terraform, CloudFormation, and IaC files
SHIELDCOMMIT 1.0.0 TRANSFORMATION COMPLETE Pattern-Based โ Intelligent Detection System โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ INTELLIGENT DETECTION SYSTEM FEATURES:
-
ENTROPY ANALYSIS
- Shannon entropy calculation for high-entropy secret detection
- Dynamically adjusts confidence based on entropy levels (0-5.7 bits)
- Minimum 12+ character length with character variety requirement
- Detects unknown secret formats without predefined patterns
-
SEMANTIC ANALYSIS
- Recognizes 60+ secret-related keywords in variable names
- Keywords: password, secret, token, api_key, credential, etc.
- Analyzes variable naming conventions (snake_case, camelCase, etc.)
- Works with ANY naming convention, not predefined ones
-
FORMAT DETECTION
- 15+ known secret format patterns (AWS, Stripe, GitHub, etc.)
- AWS Access Keys (AKIA, ASIA prefixes)
- API keys: Google, OpenAI, Stripe, SendGrid, Mailgun
- Tokens: GitHub, GitLab, Slack, Telegram, Discord
- OAuth, JWT, Bearer tokens, Private keys (RSA, DSA, EC, OpenSSH)
- Database URIs: MongoDB, PostgreSQL, MySQL
-
CONTEXT ANALYSIS
- 20+ context keywords for secret detection
- Analyzes surrounding code for secret indicators
- Understands assignment patterns and declarations
- Recognizes authentication, authorization patterns
Installation
pip install shieldcommit==1.0.0
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file shieldcommit-1.0.0.tar.gz.
File metadata
- Download URL: shieldcommit-1.0.0.tar.gz
- Upload date:
- Size: 24.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b9e6ad5a2ae529269f43dc6b31d772e7b230dd8f9c6ed8fad86e0563cbaf8ae1
|
|
| MD5 |
26417a6f11590edb9e758ca2f1bf48ea
|
|
| BLAKE2b-256 |
fbe6cab3d2ea557be8611dbb6fd4ad2cf9c9ed06feba8f90de946e4086572ee1
|
File details
Details for the file shieldcommit-1.0.0-py3-none-any.whl.
File metadata
- Download URL: shieldcommit-1.0.0-py3-none-any.whl
- Upload date:
- Size: 23.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2cc0ed38521fcc65af610a3d1c51b4aa9532be3d7218dc8af362637227c80034
|
|
| MD5 |
d448d55819be26ed9938ce39bc0fa055
|
|
| BLAKE2b-256 |
88cd0b111f4b3d122495fee0a89e021bee17f378927546948212ece2d4db7119
|