secretguard 1.1.0
Detector coverage expanded from 45 to 95 patterns.
New detectors
AI
- OpenAI project and service account keys (
sk-proj-,sk-svcacct-) - Groq (
gsk_) and Replicate (r8_)
Cloud / hosting
- AWS temporary access keys (
ASIA) - DigitalOcean, Netlify, Heroku
- PlanetScale, Terraform Cloud, Pulumi, Vault
- GCP service account email markers
Payments / commerce
- Stripe restricted keys and webhook secrets (
rk_live_,whsec_) - Shopify (
shpat_,shpss_,shpca_,shppa_) - Square (
sq0atp-,sq0csp-)
Messaging
- Slack app tokens and webhook URLs
- Discord bot tokens and webhook URLs
- Telegram bot tokens
- Mailgun, Mailchimp, Resend, Postmark
Observability / SaaS
- Sentry auth tokens and DSNs
- New Relic, Datadog
- Notion, Linear, Postman, Dropbox, Mapbox, Algolia, Contentful
Infra
- Redis and AMQP URLs with credentials
- PKCS8 and DSA private keys
- GitLab runner, deploy, and OAuth tokens
Accuracy
- Mailgun keys now require Mailgun assignment context
- Generic API key matching filters placeholders and
process.envvalues - Added a clean-project fixture that must stay finding-free
Tests
- Direct tests for all 95 detectors
- Guard test fails if a new detector ships without coverage
npx secretguard .
**Full Changelog**: https://github.com/chintanshah35/secretguard/compare/v1.0.0...v1.1.0