From b041151622bacc5e04c14a12faeb0c2ca7c3cf9c Mon Sep 17 00:00:00 2001
From: Manabu Niseki
Date: Sat, 26 Sep 2020 14:48:39 +0900
Subject: [PATCH 1/2] Add npm detector

Add a new detector which searches for NPM auth tokens
---
 detect_secrets/plugins/npm.py | 17 +++++++++++++++++
 tests/plugins/npm_test.py | 22 ++++++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 detect_secrets/plugins/npm.py
 create mode 100644 tests/plugins/npm_test.py

diff --git a/detect_secrets/plugins/npm.py b/detect_secrets/plugins/npm.py
new file mode 100644
index 000000000..9d7fcfcc2
--- /dev/null
+++ b/detect_secrets/plugins/npm.py
@@ -0,0 +1,17 @@
+"""
+This plugin searches for NPM tokens
+"""
+import re
+
+from detect_secrets.plugins.base import RegexBasedDetector
+
+
+class NpmDetector(RegexBasedDetector):
+    """Scans for NPM tokens."""
+    secret_type = 'NPM tokens'
+
+    denylist = [
+        # npmrc authToken
+        # ref. https://stackoverflow.com/questions/53099434/using-auth-tokens-in-npmrc
+        re.compile(r'\/\/.+\/:_authToken=.+'),
+    ]
diff --git a/tests/plugins/npm_test.py b/tests/plugins/npm_test.py
new file mode 100644
index 000000000..2bf38a358
--- /dev/null
+++ b/tests/plugins/npm_test.py
@@ -0,0 +1,22 @@
+import pytest
+
+from detect_secrets.plugins.npm import NpmDetector
+
+
+class TestNpmDetector:
+
+    @pytest.mark.parametrize(
+        'payload, should_flag',
+        [
+            ('//registry.npmjs.org/:_authToken=xxxxxxxxxxxxxxxxxxxx', True),
+            ('//registry.npmjs.org:_authToken=xxxxxxxxxxxxxxxxxxxx', False),
+            ('registry.npmjs.org/:_authToken=xxxxxxxxxxxxxxxxxxxx', False),
+            ('///:_authToken=xxxxxxxxxxxxxxxxxxxx', False),
+            ('_authToken=xxxxxxxxxxxxxxxxxxxx', False),
+            ('foo', False),
+        ],
+    )
+    def test_analyze(self, payload, should_flag):
+        logic = NpmDetector()
+        output = logic.analyze_line(payload, 1, 'mock_filename')
+        assert len(output) == int(should_flag)

From f92bb41e763b9ed3df944df74ca553a5577ae7b3 Mon Sep 17 00:00:00 2001
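Review bot: The value side of the pattern, `=.+`, accepts any non-empty remainder, so the common CI form `//registry.npmjs.org/:_authToken=${NPM_TOKEN}` is reported as a live secret although the line holds only a placeholder; unless a templated-value filter runs elsewhere in the pipeline (not visible in this patch), committed `.npmrc` files written for CI will be a steady source of false positives. Consider recording the limitation next to the regex, e.g. `# Matches any value, including ${VAR} placeholders; legacy _auth= / _password= entries are not covered`, and adding a parametrized case that pins the intended verdict for a placeholder value. The denylist also recognises only the `_authToken` key, so older `.npmrc` files that carry credentials under `_auth` (base64 user:password) are missed, which is worth stating in the module docstring so users do not assume full coverage.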
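Review bot: The assertion on the last line checks only how many results come back, not which substring was recorded, so a later regex edit that captured the whole line or just the hostname as the secret would still pass; if the objects returned by `analyze_line` expose the matched text (not visible here), the positive case should assert on it as well. The only positive payload uses `registry.npmjs.org`; a second one for a scoped or private registry, e.g. `('//npm.pkg.github.com/:_authToken=xxxxxxxxxxxxxxxxxxxx', True)`, would pin the intent that the host is not hard-coded.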
From: Manabu Niseki
Date: Thu, 12 Nov 2020 14:20:57 +0900
Subject: [PATCH 2/2] fix: update analyze_line() call

---
 tests/plugins/npm_test.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/plugins/npm_test.py b/tests/plugins/npm_test.py
index 2bf38a358..910f4ba55 100644
--- a/tests/plugins/npm_test.py
+++ b/tests/plugins/npm_test.py
@@ -18,5 +18,5 @@ class TestNpmDetector:
     )
     def test_analyze(self, payload, should_flag):
         logic = NpmDetector()
-        output = logic.analyze_line(payload, 1, 'mock_filename')
+        output = logic.analyze_line(filename='mock_filename', line=payload)
         assert len(output) == int(should_flag)