Spaces:
Sleeping
Sleeping
| from __future__ import annotations | |
| import re | |
| from pathlib import Path | |
| SECRET_PATTERNS = [ | |
| re.compile(r"AKIA[0-9A-Z]{16}"), | |
| re.compile(r"(?i)(api[_-]?key|secret|token)\s*=\s*['\"][^'\"]{20,}['\"]"), | |
| ] | |
| SKIP_DIRS = {".git", "node_modules", ".venv", "venv", ".pytest_cache", ".mypy_cache"} | |
| violations: list[str] = [] | |
| for path in Path(".").rglob("*"): | |
| if any(part in SKIP_DIRS for part in path.parts) or not path.is_file(): | |
| continue | |
| if path.suffix.lower() in {".png", ".jpg", ".jpeg", ".gif", ".ico", ".zip"}: | |
| continue | |
| text = path.read_text(encoding="utf-8", errors="ignore") | |
| for pattern in SECRET_PATTERNS: | |
| if pattern.search(text): | |
| violations.append(str(path)) | |
| break | |
| if violations: | |
| raise SystemExit("Potential secrets found:\n" + "\n".join(violations)) | |
| print("No obvious committed secrets detected.") | |