-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
VigneshKna
committed
Sep 28, 2024
1 parent
f75f3c3
commit 15465df
Showing
13 changed files
with
455 additions
and
188 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,86 @@ | ||
# How2Validate | ||
|
||
How2Validate is a package designed to validate secrets and sensitive information across multiple platforms. | ||
**How2Validate** is a security-focused tool designed to validate sensitive secrets by querying official secret provider endpoints. It provides real-time feedback on the authenticity of the credentials, ensuring that the secrets are valid. | ||
|
||
## Why How2Validate? | ||
The need for **How2Validate** arises from the growing concern of exposing sensitive information in various applications, repositories, and environments. Leaked API keys, invalid credentials, and misconfigured secrets can lead to significant security vulnerabilities. **How2Validate** helps mitigate these risks by verifying secrets directly with the official providers before they are used in any system. | ||
|
||
## Features | ||
|
||
- Validate API keys, passwords, and other sensitive information. | ||
- Cross-platform support (Windows, Linux, macOS). | ||
- Easy integration with existing applications. | ||
- **Validate API keys, passwords, and sensitive information**: It interacts with official provider authentication endpoints to ensure the authenticity of the secrets. | ||
- **Cross-platform support**: Packages available for JavaScript, Python, and Docker environments. | ||
- **Easy to use**: Simplifies secret validation with straightforward commands and functions. | ||
- **Real-time feedback**: Instantly know the status of your secrets — whether they are valid or not. | ||
|
||
## How It Works | ||
|
||
**How2Validate** utilizes the official authentication endpoints provided by different service providers (like NPM, GitHub, Snyk, etc.) to validate secrets such as API keys, tokens, and other sensitive data. By querying these trusted endpoints, **How2Validate** ensures that the secrets are correct and not expired or invalid. | ||
|
||
For every provider, **How2Validate** relies on well-maintained libraries and packages suggested by those providers to handle the authentication process. | ||
|
||
## Detailed CLI Help | ||
|
||
The **How2Validate** tool provides multiple command-line options for validating secrets with precision. | ||
|
||
To see all available commands, use: | ||
|
||
```npm | ||
how2validate --help | ||
usage: How2Validate Tool | ||
Validate various types of secrets for different services. | ||
options: | ||
-h, --help show this help message and exit | ||
-secretscope Explore the secret universe. Your next target awaits. | ||
-provider PROVIDER Specify your provider. Unleash your validation arsenal. | ||
-service SERVICE Specify your target service. Validate your secrets with precision. | ||
-secret SECRET Unveil your secrets to verify their authenticity. | ||
-r, --response Monitor the status. View if your secret Active or InActive. | ||
-report Get detailed reports. Receive validated secrets via email [Alpha Feature]. | ||
-v, --version Expose the version. | ||
--update Hack the tool to the latest version. | ||
Ensuring the authenticity of your secrets. | ||
``` | ||
|
||
## Installation | ||
## How to Utilize the Functions | ||
|
||
**How2Validate** can be easily installed and used programmatically within projects. | ||
|
||
### Install the package: | ||
|
||
- Npm | ||
|
||
```bash | ||
npx jsr add @how2validate/how2validate | ||
npm install how2validate | ||
``` | ||
|
||
#### Import the package and use the validate function: | ||
|
||
```js | ||
import { validate } from 'how2validate' | ||
|
||
# Validate secrets programmatically | ||
var validation_result = validate(provider,service, secret, response, report) | ||
print(validation_result) | ||
|
||
``` | ||
|
||
### Example usage of validate function: | ||
|
||
```js | ||
import { validate } from 'how2validate' | ||
|
||
# Validate secrets programmatically | ||
var validation_result = validate( | ||
provider="NPM", | ||
service="NPM Access Token", | ||
secret="<<SECRET_HERE>>", | ||
response=False, | ||
report=False, | ||
) | ||
print(validation_result) | ||
|
||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.