Secret Scanner

The Secret Scanner is a Visual Studio Code extension that leverages customizable regex patterns to detect potentially sensitive information, such as passwords, API keys, and tokens, within your VS Code projects. It is designed to aid developers in safeguarding their codebase by easily identifying secrets that might have been inadvertently included in their projects.

Features

• Customizable Scanning Patterns: Define your own regex patterns to tailor the scan to your specific needs.
• Detailed Scan Results: Provides the file path, line number, and relevant details for each detected piece of sensitive information.
• Effortless Navigation to Findings: Directly jump to the code line where sensitive information was detected from the scan results for quick review and remediation.
• Real-time Scanning: Optionally configure the scanner to run in real time, monitoring files as they are modified or added to your project.

Installation

Install the Secret Scanner extension directly from the Visual Studio Code Marketplace:

1. Open Visual Studio Code.
2. Navigate to the Extensions view by clicking on the square icon on the sidebar or pressing Ctrl+Shift+X.
3. Search for "Secret Scanner".
4. Click on the Install button.

To add or customize scanning patterns, edit the settings.json file in your VS Code settings directory. Here's an example on how to add a custom regex pattern for detecting IP addresses:

"secretScanner.patterns": [
    {
        "regex": "\\b(?:\\d{1,3}\\.){3}\\d{1,3}\\b",
        "category": "IP Address"
    }
]

This configuration allows Secret Scanner to identify and highlight potential IP addresses in your code, showcasing the extension's ability to be customized for different scanning needs.