Skip to content

v1.1.0

Latest

Choose a tag to compare

@chintanshah35 chintanshah35 released this 14 Jul 05:06

secretguard 1.1.0

Detector coverage expanded from 45 to 95 patterns.

New detectors

AI

  • OpenAI project and service account keys (sk-proj-, sk-svcacct-)
  • Groq (gsk_) and Replicate (r8_)

Cloud / hosting

  • AWS temporary access keys (ASIA)
  • DigitalOcean, Netlify, Heroku
  • PlanetScale, Terraform Cloud, Pulumi, Vault
  • GCP service account email markers

Payments / commerce

  • Stripe restricted keys and webhook secrets (rk_live_, whsec_)
  • Shopify (shpat_, shpss_, shpca_, shppa_)
  • Square (sq0atp-, sq0csp-)

Messaging

  • Slack app tokens and webhook URLs
  • Discord bot tokens and webhook URLs
  • Telegram bot tokens

Email

  • Mailgun, Mailchimp, Resend, Postmark

Observability / SaaS

  • Sentry auth tokens and DSNs
  • New Relic, Datadog
  • Notion, Linear, Postman, Dropbox, Mapbox, Algolia, Contentful

Infra

  • Redis and AMQP URLs with credentials
  • PKCS8 and DSA private keys
  • GitLab runner, deploy, and OAuth tokens

Accuracy

  • Mailgun keys now require Mailgun assignment context
  • Generic API key matching filters placeholders and process.env values
  • Added a clean-project fixture that must stay finding-free

Tests

  • Direct tests for all 95 detectors
  • Guard test fails if a new detector ships without coverage
npx secretguard .

**Full Changelog**: https://github.com/chintanshah35/secretguard/compare/v1.0.0...v1.1.0