diff --git a/src/js/config.ini b/src/js/config.ini index a5aab47..ddb5cab 100644 --- a/src/js/config.ini +++ b/src/js/config.ini @@ -1,6 +1,6 @@ [DEFAULT] package_name = @how2validate/how2validate -version = 0.0.1-beta.5 +version = 0.0.1-beta.6 [SECRET] secret_active = Active diff --git a/src/js/how2validate/index.ts b/src/js/how2validate/index.ts index ac061c6..f0b7aaf 100644 --- a/src/js/how2validate/index.ts +++ b/src/js/how2validate/index.ts @@ -50,12 +50,12 @@ program .option( "-provider ", `Specify your provider. Unleash your validation arsenal.`, - (value) => validateChoice(value, providerChoices) + (value: string) => validateChoice(value, providerChoices) ) .option( "-service ", `Specify your target service. Validate your secrets with precision.`, - (value) => validateChoice(value, serviceChoices) + (value: string) => validateChoice(value, serviceChoices) ) .option("-secret ", "Unveil your secrets to verify their authenticity.") .option( @@ -67,13 +67,13 @@ program /** * Validate the provided secret using the given provider, service, and options. - * + * * @param {string} provider - The provider to use for validation. * @param {string} service - The service to validate the secret with. * @param {string} secret - The secret that needs to be validated. * @param {boolean} response - Whether to get a response status for the secret. * @param {boolean} report - Whether to generate a report for the validation. - * + * * @returns {Promise} - A promise that resolves when validation is complete. */ export async function validate( @@ -96,7 +96,7 @@ export async function validate( /** * Main function that executes the CLI program logic. * Parses the command-line arguments and performs actions based on the options provided. - * + * * @returns {Promise} - A promise that resolves when the program execution is complete. */ async function main(): Promise { @@ -116,7 +116,7 @@ async function main(): Promise { getSecretscope(); return; // Exit after updating } catch (error) { - console.error(`Error fetching Scoped secret services : ${error}`); // Log any errors + console.error(`Error fetching Scoped secret services: ${error}`); // Log any errors return; } } @@ -144,9 +144,7 @@ async function main(): Promise { // Attempt to validate the secret try { console.info( - `Initiating validation for service: ${ - options.service - } with a provided secret.` + `Initiating validation for service: ${options.service} with a provided secret.` ); await validate( options.provider, @@ -163,4 +161,4 @@ async function main(): Promise { } // Start the main function and handle any unexpected errors -main().catch((error) => console.error(`Unexpected error: ${error}`)); +main().catch((error) => console.error(`Unexpected error: ${error}`)); \ No newline at end of file diff --git a/src/js/how2validate/utility/config_utility.ts b/src/js/how2validate/utility/config_utility.ts index 7e72c8e..6a98051 100644 --- a/src/js/how2validate/utility/config_utility.ts +++ b/src/js/how2validate/utility/config_utility.ts @@ -1,5 +1,5 @@ -const fs = require('fs'); -const path = require('path'); +import * as path from "path"; +import * as fs from "fs"; interface Config { DEFAULT?: { diff --git a/src/js/jsr.json b/src/js/jsr.json index 9d02ffb..8d64520 100644 --- a/src/js/jsr.json +++ b/src/js/jsr.json @@ -1,6 +1,6 @@ { "name": "@how2validate/how2validate", - "version": "0.0.2-beta.8", + "version": "0.0.2-beta.9", "license": "MIT", "exports": "./how2validate/index.ts", "publish": { diff --git a/src/js/package.json b/src/js/package.json index 306a015..343702f 100644 --- a/src/js/package.json +++ b/src/js/package.json @@ -1,6 +1,6 @@ { "name": "how2validate", - "version": "0.0.1-beta.5", + "version": "0.0.1-beta.6", "description": "A CLI tool to validate secrets for different services.", "main": "how2validate/index.ts", "scripts": { @@ -25,6 +25,7 @@ "url": "https://github.com/Blackplums/how2validate/issues" }, "homepage": "https://github.com/Blackplums/how2validate#readme", + "type": "commonjs", "dependencies": { "axios": "^1.7.7", "cli-table3": "^0.6.5", diff --git a/src/js/tsconfig.json b/src/js/tsconfig.json index 781eb4d..d66f2b0 100644 --- a/src/js/tsconfig.json +++ b/src/js/tsconfig.json @@ -1,13 +1,14 @@ { "compilerOptions": { - "target": "ES6", // Specifies the JavaScript version to compile to. ES6 (also known as ES2015) is a widely supported version. - "module": "CommonJS", // Defines the module system to use. CommonJS is the standard for Node.js modules. + "target": "ES2021", // Specifies the JavaScript version to compile to. ES6 (also known as ES2015) is a widely supported version. + "module": "commonjs", // Defines the module system to use. CommonJS is the standard for Node.js modules. "outDir": "./dist", // The output directory where compiled JavaScript files will be placed. "rootDir": "./how2validate", // The root directory of your TypeScript source files; all files under this directory will be included in the compilation. "strict": true, // Enables all strict type-checking options for more rigorous checks. "esModuleInterop": true, // Allows default imports from modules with no default export. Enables interoperability between CommonJS and ES modules. "skipLibCheck": true, // Skips type checking of declaration files (e.g., `.d.ts` files), speeding up the compilation process. - "forceConsistentCasingInFileNames": true // Ensures that file name casing is consistent across the project to prevent errors on case-sensitive file systems. + "forceConsistentCasingInFileNames": true, // Ensures that file name casing is consistent across the project to prevent errors on case-sensitive file systems. + "moduleResolution": "node" }, "include": [ "how2validate/**/*", diff --git a/src/python/README.md b/src/python/README.md index 9b45b53..eb97b9c 100644 --- a/src/python/README.md +++ b/src/python/README.md @@ -1,14 +1,84 @@ # How2Validate -How2Validate is a package designed to validate secrets and sensitive information across multiple platforms. +**How2Validate** is a security-focused tool designed to validate sensitive secrets by querying official secret provider endpoints. It provides real-time feedback on the authenticity of the credentials, ensuring that the secrets are valid. + +## Why How2Validate? +The need for **How2Validate** arises from the growing concern of exposing sensitive information in various applications, repositories, and environments. Leaked API keys, invalid credentials, and misconfigured secrets can lead to significant security vulnerabilities. **How2Validate** helps mitigate these risks by verifying secrets directly with the official providers before they are used in any system. ## Features -- Validate API keys, passwords, and other sensitive information. -- Cross-platform support (Windows, Linux, macOS). -- Easy integration with existing applications. +- **Validate API keys, passwords, and sensitive information**: It interacts with official provider authentication endpoints to ensure the authenticity of the secrets. +- **Cross-platform support**: Packages available for JavaScript, Python, and Docker environments. +- **Easy to use**: Simplifies secret validation with straightforward commands and functions. +- **Real-time feedback**: Instantly know the status of your secrets — whether they are valid or not. + +## How It Works + +**How2Validate** utilizes the official authentication endpoints provided by different service providers (like NPM, GitHub, Snyk, etc.) to validate secrets such as API keys, tokens, and other sensitive data. By querying these trusted endpoints, **How2Validate** ensures that the secrets are correct and not expired or invalid. + +For every provider, **How2Validate** relies on well-maintained libraries and packages suggested by those providers to handle the authentication process. + +## Detailed CLI Help + +The **How2Validate** tool provides multiple command-line options for validating secrets with precision. -## Installation +To see all available commands, use: ```bash +how2validate --help + +usage: How2Validate Tool + +Validate various types of secrets for different services. + +options: + -h, --help show this help message and exit + -secretscope Explore the secret universe. Your next target awaits. + -provider PROVIDER Specify your provider. Unleash your validation arsenal. + -service SERVICE Specify your target service. Validate your secrets with precision. + -secret SECRET Unveil your secrets to verify their authenticity. + -r, --response Monitor the status. View if your secret Active or InActive. + -report Get detailed reports. Receive validated secrets via email [Alpha Feature]. + -v, --version Expose the version. + --update Hack the tool to the latest version. + +Ensuring the authenticity of your secrets. +``` + +## How to Utilize the Functions + +**How2Validate** can be easily installed and used programmatically within Python projects. + +### Install the package: + +```py pip install how2validate +``` + +### Import the package and use the validate function: + +```py +from how2validate import validate + +# Validate secrets programmatically +validation_result = validate(provider,service, secret, response, report) +print(validation_result) + +``` + +### Example usage of validate function: + +```py +from how2validate import validate + +# Validate secrets programmatically +validation_result = validate( + provider="NPM", + service="NPM Access Token", + secret="<>", + response=False, + report=False, +) +print(validation_result) + +``` \ No newline at end of file diff --git a/src/python/config.ini b/src/python/config.ini index fda8da5..8157a4a 100644 --- a/src/python/config.ini +++ b/src/python/config.ini @@ -1,6 +1,6 @@ [DEFAULT] package_name = how2validate -version = 0.0.1-beta.0 +version = 0.0.1-beta.1 [SECRET] secret_active = Active