Add `scan` CLI for PII, adapt secret scanner API, and update packaging + tests by Jeffrin-dev · Pull Request #8 · Jeffrin-dev/ShadowAudit

Jeffrin-dev · 2026-03-28T11:08:07Z

Provide a quick CLI entrypoint to scan input text for PII entities and emit JSON results for automation.
Update secret-detection integration to match the newer detect-secrets API and improve entropy-based heuristics.
Improve packaging metadata and optional dependency groups for NER/siem use-cases and ensure policy files are included in distributions.

Add a scan subcommand to shadowaudit.cli that constructs PIIScanner(fast_mode=True), scans input text, and prints a JSON payload of the result.
Import asdict and PIIScanner in the CLI and fallback to model_dump() when available for pydantic/attrs-compatible output.
Replace old detect-secrets usage in shadowaudit/core/secrets.py with the detect_secrets.core.scan API and adapt the scanning loop to extract secret_value; keep entropy-based candidate detection and merging logic.
Update pyproject.toml to use hatchling as the build backend and add [project.optional-dependencies] groups ner and siem.
Add MANIFEST.in to include policies/gdpr.yaml, policies/hipaa.yaml, and policies/pci_dss.yaml.
Add a new test tests/test_cli_scan.py exercising the shadowaudit scan command and asserting that an EMAIL entity is reported.

Ran pytest tests/test_cli_scan.py which executed the new CLI test and the test passed.
Project test run (via pytest) completed for the modified test target without failures.

Fix detect-secrets API usage for adhoc text scanning

1d6b02b

Jeffrin-dev added the codex label Mar 28, 2026 — with ChatGPT Codex Connector

Jeffrin-dev merged commit 56d43db into main Mar 28, 2026
1 check passed

Provide feedback