Secrets Laravel Package
captainhook/secrets
Detect secrets like passwords and API keys in code to prevent accidental commits. Use built-in regex suppliers (AWS, Google, GitHub, etc.) or provide your own patterns, plus a whitelist for allowed matches. Includes a simple Detector API.
CaptainHook Secrets
This package is used to detect passwords in your code. Mainly to prevent you from committing them to your version control.
You can use the regular expressions provided by the classes under Regex\Supplier or make use of the included Detector class.
You can easily create your own Supplier classes or open a pull-request if you think it would be useful to others.
Here are some usage examples:
Using Suppliers
$result = Detector::create()
->useSuppliers(
Aws::class,
Google::class,
GitHub::class
)->detectIn($myString)
if ($result->wasSecretDetected()) {
echo "secret detected: " . implode(' ', $result->matches());
}
Using your custom regex
$result = Detector::create()
->useRegex('#password = "\\S"#i')
->detectIn($myString)
if ($result->wasSecretDetected()) {
echo "secret detected: " . implode(' ', $result->matches());
}
The Detector also supports a white list
$result = Detector::create()
->useRegex('#password = "\\S"#i')
->allow('#root#')
->detectIn($myString)
if ($result->wasSecretDetected()) {
echo "secret detected: " . implode(' ', $result->matches());
}
How can I help you explore Laravel packages today?