Skip to main content
This release is a pre-release — the latest non-prerelease version of @how2validate/how2validate is 0.0.1. Jump to this version

A CLI tool to validate secrets for different services.

This package works with Node.js, Deno, BunIt is unknown whether this package works with Cloudflare Workers, Browsers
It is unknown whether this package works with Cloudflare Workers
This package works with Node.js
This package works with Deno
This package works with Bun
It is unknown whether this package works with Browsers
JSR Score
47%
Published
2 weeks ago (0.0.2-beta.37)

How2Validate

How2Validate is a security-focused tool designed to validate sensitive secrets by querying official secret provider endpoints. It provides real-time feedback on the authenticity of the credentials, ensuring that the secrets are valid.

Why How2Validate?

The need for How2Validate arises from the growing concern of exposing sensitive information in various applications, repositories, and environments. Leaked API keys, invalid credentials, and misconfigured secrets can lead to significant security vulnerabilities. How2Validate helps mitigate these risks by verifying secrets directly with the official providers before they are used in any system.

Features

  • Validate API keys, passwords, and sensitive information: It interacts with official provider authentication endpoints to ensure the authenticity of the secrets.
  • Cross-platform support: Packages available for JavaScript, Python, and Docker environments.
  • Easy to use: Simplifies secret validation with straightforward commands and functions.
  • Real-time feedback: Instantly know the status of your secrets — whether they are valid or not.

How It Works

How2Validate utilizes the official authentication endpoints provided by different service providers (like NPM, GitHub, Snyk, etc.) to validate secrets such as API keys, tokens, and other sensitive data. By querying these trusted endpoints, How2Validate ensures that the secrets are correct and not expired or invalid.

For every provider, How2Validate relies on well-maintained libraries and packages suggested by those providers to handle the authentication process.

Detailed CLI Help

The How2Validate tool provides multiple command-line options for validating secrets with precision.

To see all available commands, use:

how2validate --help

usage: How2Validate Tool

Validate various types of secrets for different services.

options:
  -h, --help          show this help message and exit
  -secretscope        Explore the secret universe. Your next target awaits.
  -provider PROVIDER  Specify your provider. Unleash your validation arsenal.
  -service SERVICE    Specify your target service. Validate your secrets with precision.
  -secret SECRET      Unveil your secrets to verify their authenticity.
  -r, --response      Monitor the status. View if your secret Active or InActive.
  -report             Get detailed reports. Receive validated secrets via email [Alpha Feature].
  -v, --version       Expose the version.
  --update            Hack the tool to the latest version.

Ensuring the authenticity of your secrets.

How to Utilize the Functions

How2Validate can be easily installed and used programmatically within projects.

Install the package:

  • Npm
npx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

# Validate secrets programmatically
var validation_result = validate(provider,service, secret, response, report, isBrowser)
print(validation_result)

  • pnpm
pnpm dlx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';
  • bun
bunx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';
  • yarn
yarn dlx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';
  • Deno
deno add jsr:@how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

-- OR --

import { validate } from "jsr:@how2validate/how2validate";

Example usage of validate function:

import { validate } from '@how2validate/how2validate';

# Validate secrets programmatically
var validation_result = validate(
    provider="NPM",
    service="NPM Access Token",
    secret="<<SECRET_HERE>>",
    response=False,
    report=False,
)
print(validation_result)

Add Package

deno add jsr:@how2validate/how2validate

Import symbol

import * as mod from "@how2validate/how2validate";

---- OR ----

Import directly with a jsr specifier

import * as mod from "jsr:@how2validate/how2validate";

Add Package

npx jsr add @how2validate/how2validate

Import symbol

import * as mod from "@how2validate/how2validate";

Add Package

yarn dlx jsr add @how2validate/how2validate

Import symbol

import * as mod from "@how2validate/how2validate";

Add Package

pnpm dlx jsr add @how2validate/how2validate

Import symbol

import * as mod from "@how2validate/how2validate";

Add Package

bunx jsr add @how2validate/how2validate

Import symbol

import * as mod from "@how2validate/how2validate";