npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

how2validate

v0.0.1-beta.28

Published

A CLI tool to validate secrets for different services.

Downloads

54

Readme

How2Validate

How2Validate is a security-focused tool designed to validate sensitive secrets by querying official secret provider endpoints. It provides real-time feedback on the authenticity of the credentials, ensuring that the secrets are valid.

Why How2Validate?

The need for How2Validate arises from the growing concern of exposing sensitive information in various applications, repositories, and environments. Leaked API keys, invalid credentials, and misconfigured secrets can lead to significant security vulnerabilities. How2Validate helps mitigate these risks by verifying secrets directly with the official providers before they are used in any system.

Features

  • Validate API keys, passwords, and sensitive information: It interacts with official provider authentication endpoints to ensure the authenticity of the secrets.
  • Cross-platform support: Packages available for JavaScript, Python, and Docker environments.
  • Easy to use: Simplifies secret validation with straightforward commands and functions.
  • Real-time feedback: Instantly know the status of your secrets — whether they are valid or not.

How It Works

How2Validate utilizes the official authentication endpoints provided by different service providers (like NPM, GitHub, Snyk, etc.) to validate secrets such as API keys, tokens, and other sensitive data. By querying these trusted endpoints, How2Validate ensures that the secrets are correct and not expired or invalid.

For every provider, How2Validate relies on well-maintained libraries and packages suggested by those providers to handle the authentication process.

Detailed CLI Help

The How2Validate tool provides multiple command-line options for validating secrets with precision.

To see all available commands, use:

how2validate --help

usage: How2Validate Tool [options]

Validate various types of secrets for different services.

options:
  -h, --help      show this help message and exit
  -secretscope    Explore the secret universe. Your next target awaits.
  -p, --provider  Specify your provider. Unleash your validation arsenal.
  -s, --service   Specify your target service. Validate your secrets with precision.
  -sec, --secret  Unveil your secrets to verify their authenticity.
  -r, --response  Monitor the status. View if your secret is Active or InActive.
  -R, --report    Get detailed reports. Receive validated secrets via email [Alpha Feature].
  -v, --version   Expose the version.
  --update        Hack the tool to the latest version.

Ensuring the authenticity of your secrets.

How to Utilize the Functions

How2Validate can be easily installed and used programmatically within projects.

Install the package:

Npm

npx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

# Validate secrets programmatically
var validation_result = validate(provider,service, secret, response, report)
print(validation_result)

pnpm

pnpm dlx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

bun

bunx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

yarn

yarn dlx jsr add @how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

Deno

deno add jsr:@how2validate/how2validate

Import the package and use the validate function:

import { validate } from '@how2validate/how2validate';

-- OR --

import { validate } from "jsr:@how2validate/how2validate";

Example usage of validate function:

import { validate } from '@how2validate/how2validate';

# Validate secrets programmatically
var validation_result = await validate(
    provider="NPM",
    service="NPM Access Token",
    secret="<<SECRET_HERE>>",
    response=False,
    report="[email protected]"
)
print(validation_result)