4nk/id_verif
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
id_verif/scripts/security/audit.sh

30 lines
807 B
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
echo "[security-audit] démarrage"
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")"/../.. && pwd)"
cd "$ROOT_DIR"
rc=0
# 1) Audit npm (si package.json présent)
if [ -f package.json ]; then
echo "[security-audit] npm audit --audit-level=moderate"
if ! npm audit --audit-level=moderate; then rc=1; fi || true
else
echo "[security-audit] pas de package.json (ok)"
fi
# 2) Recherche de secrets grossiers
echo "[security-audit] scan secrets"
if grep -RIE "(?i)(api[_-]?key|secret|password|private[_-]?key)" --exclude-dir .git --exclude-dir node_modules --exclude "*.md" . >/dev/null 2>&1; then
echo "[security-audit] secrets potentiels détectés"; rc=1
else
echo "[security-audit] aucun secret évident"
fi
echo "[security-audit] terminé rc=$rc"
exit $rc
Reference in New Issue View Git Blame Copy Permalink