captainhook/secrets

Utility classes to detect secrets

Maintainers

Details

github.com/captainhook-git/secrets

Source

Issues

Fund package maintenance!
sebastianfeldmann

Installs: 2 816 208

Dependents: 1

Suggesters: 0

Security: 0

Stars: 8

Watchers: 1

Forks: 1

Open Issues: 0

pkg:composer/captainhook/secrets

0.9.7 2025-04-08 07:10 UTC

Requires

MIT d62c97f75f81ac98e22f1c282482bd35fa82f631

  • Sebastian Feldmann <sf.woop@sebastian-feldmann.info>

passwordssecretskeystokenscommit-msgprepare-commit-msgpost-merge

This package is auto-updated.

Last update: 2025-11-08 08:48:56 UTC

README

Latest Stable Version Minimum PHP Version Downloads License Build Status Twitter

This package is used to detect passwords in your code. Mainly to prevent you from committing them to your version control.

You can use the regular expressions provided by the classes under Regex\Supplier or make use of the included Detector class. You can easily create your own Supplier classes or open a pull-request if you think it would be useful to others.

Here are some usage examples:

Using Suppliers

$result = Detector::create()
         ->useSuppliers(
            Aws::class,
            Google::class,
            GitHub::class
        )->detectIn($myString)

if ($result->wasSecretDetected()) {
    echo "secret detected: " . implode(' ', $result->matches());
}

Using your custom regex

$result = Detector::create()
        ->useRegex('#password = "\\S"#i')
        ->detectIn($myString)

if ($result->wasSecretDetected()) {
    echo "secret detected: " . implode(' ', $result->matches());
}

The Detector also supports a white list

$result = Detector::create()
        ->useRegex('#password = "\\S"#i')
        ->allow('#root#')
        ->detectIn($myString)

if ($result->wasSecretDetected()) {
    echo "secret detected: " . implode(' ', $result->matches());
}