New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
check-my-secrets
Advanced tools
check-my-secrets - npm Package Compare versions
Comparing version 0.0.2 to 0.0.3
@@ -12,3 +12,3 @@ { | ||
| "parserOptions": { | ||
| "ecmaVersion": 2018, | ||
| "ecmaVersion": "latest", | ||
| "sourceType": "module" | ||
@@ -15,0 +15,0 @@ }, |
@@ -11,70 +11,70 @@ #!/usr/bin/env node | ||
| async function main() { | ||
| const encryptionKey = ck.ENCRYPTION_KEY || 'hello-world-123'; | ||
| const passwordsKey = ck.PWDS_KEY || 'checkmysecrets.pwds'; | ||
| // making the assumption commas are generally not allowed in passwords, | ||
| // change the separator sequence if that not the case for you | ||
| const passwordsSeparator = ck.PWDS_SEPARATOR || ','; | ||
| let passwords; | ||
| const encryptionKey = ck.ENCRYPTION_KEY || 'hello-world-123'; | ||
| const passwordsKey = ck.PWDS_KEY || 'checkmysecrets.pwds'; | ||
| // making the assumption commas are generally not allowed in passwords, | ||
| // change the separator sequence if that not the case for you | ||
| const passwordsSeparator = ck.PWDS_SEPARATOR || ','; | ||
| let passwords; | ||
| try { | ||
| const keyringDb = keyring.instance(encryptionKey).load(); | ||
| passwords = keyringDb.retrieveEncrypted(passwordsKey); | ||
| } catch (ex) { | ||
| if (ex.code === ERR_OSSL_BAD_DECRYPT) { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Unable to decrypt secrets with provided encryption key. ' + README_STORE_SECRETS | ||
| }); | ||
| try { | ||
| const keyringDb = keyring.instance(encryptionKey).load(); | ||
| passwords = keyringDb.retrieveEncrypted(passwordsKey); | ||
| } catch (ex) { | ||
| if (ex.code === ERR_OSSL_BAD_DECRYPT) { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Unable to decrypt secrets with provided encryption key. ' + README_STORE_SECRETS | ||
| }); | ||
| return | ||
| } | ||
| logger.log({ level: 'error', message: ex }); | ||
| return | ||
| return; | ||
| } | ||
| if (passwords === null) { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Provided key is not defined in keyring. ' + README_STORE_SECRETS | ||
| }); | ||
| logger.log({ level: 'error', message: ex }); | ||
| return | ||
| } | ||
| return; | ||
| } | ||
| if (typeof passwords !== 'string') { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Provided value should only contain a string.' | ||
| }); | ||
| if (passwords === null) { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Provided key is not defined in keyring. ' + README_STORE_SECRETS | ||
| }); | ||
| return | ||
| } | ||
| return; | ||
| } | ||
| if (!passwords) { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Could not find any value for provided key.' | ||
| }); | ||
| if (typeof passwords !== 'string') { | ||
| logger.log({ | ||
| level: 'warn', | ||
| message: 'Provided value should only contain a string.' | ||
| }); | ||
| return | ||
| } | ||
| return; | ||
| } | ||
| const uniquePasswords = [...new Set(passwords.split(passwordsSeparator))]; | ||
| const { compromised, message } = await checkPasswords(uniquePasswords); | ||
| if (!passwords) { | ||
| logger.log({ | ||
| level: compromised ? 'warn' : 'info', | ||
| message | ||
| level: 'warn', | ||
| message: 'Could not find any value for provided key.' | ||
| }); | ||
| notifier.notify({ | ||
| appID: 'Check My Secrets', | ||
| title: 'Scan result', | ||
| icon: compromised ? 'assets/Error.png' : 'assets/CompleteCheckmark.png', | ||
| message | ||
| }); | ||
| return; | ||
| } | ||
| const uniquePasswords = [...new Set(passwords.split(passwordsSeparator))]; | ||
| const { compromised, message } = await checkPasswords(uniquePasswords); | ||
| logger.log({ | ||
| level: compromised ? 'warn' : 'info', | ||
| message | ||
| }); | ||
| notifier.notify({ | ||
| appID: 'Check My Secrets', | ||
| title: 'Scan result', | ||
| icon: compromised ? 'assets/Error.png' : 'assets/CompleteCheckmark.png', | ||
| message | ||
| }); | ||
| } | ||
| main(); |
| { | ||
| "name": "check-my-secrets", | ||
| "version": "0.0.2", | ||
| "version": "0.0.3", | ||
| "description": "NodeJS script checking whether any of the passwords used online are compromised.", | ||
@@ -12,2 +12,4 @@ "bin": "./bin/check-my-secrets.js", | ||
| "start": "node --no-warnings bin/check-my-secrets.js", | ||
| "format": "npx prettier --check lib/*.*js bin/*.*js", | ||
| "format:fix": "npm run format -- --write", | ||
| "lint": "eslint lib/*.*js bin/*.*js" | ||
@@ -19,3 +21,6 @@ }, | ||
| "secret-management", | ||
| "password-integrity" | ||
| "password-integrity", | ||
| "password-safety", | ||
| "haveibeenpwned", | ||
| "security-tools" | ||
| ], | ||
@@ -35,4 +40,5 @@ "author": { | ||
| "devDependencies": { | ||
| "eslint": "^6.5.1" | ||
| "eslint": "^8.31.0", | ||
| "prettier": "^2.8.2" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.56%
43906
- Number of package files
- increased by16.67%
14
- Lines of code
- increased by4.14%
176
Worsened metrics
- Dev dependency count
- increased by100%
2
No dependency changes