# Changelog

All notable changes to Lost Keys will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

## [0.1.1] - 2025-11-22

### Fixed
- Fixed ESM/CommonJS compatibility error with chalk v5 on Windows
- Downgraded chalk from ^5.3.0 to ^4.1.2 to support CommonJS require()
- Resolves "Error [ERR_REQUIRE_ESM]" when running on Node.js 20+

## [0.1.0] - 2025-11-22

### Added (v0.1.0 - Initial MVP Release)

#### Core Features
- **CLI Installation** (LK-7): Full command-line interface with Commander.js
- **Repository Initialization** (LK-8): `init` command to set up Lost Keys in git repositories
- **Pattern-Based Detection** (LK-9): Multi-provider secret pattern matching for 40+ secret types
- **Entropy-Based Detection** (LK-10): High-entropy string analysis for unknown secrets
- **Context-Aware Confidence Scoring** (LK-11): Smart detection with reduced false positives
- **Pre-commit Hook Integration** (LK-12): Automated scanning with parallel file processing
- **Clear Error Messages** (LK-13): Actionable feedback with remediation steps
- **YAML Configuration** (LK-14): Flexible configuration with `.lost-keys.yml`
- **Whitelist Management** (LK-15): Pattern whitelisting with wildcard support
- **Performance Optimization** (LK-16): Progress indicators and performance benchmarks
- **Comprehensive Documentation** (LK-17): README, CLI help, and examples
- **Integration Testing** (LK-19): Real git repository end-to-end tests

#### Secret Detection Support
- **Cloud Providers**: AWS (Access Keys, Secret Keys), Google Cloud Platform
- **Version Control**: GitHub (Personal Access Tokens - Classic & Fine-grained)
- **Communication**: Slack (API tokens, Webhooks, Bot tokens), SendGrid, Twilio
- **Databases**: MongoDB, MySQL, PostgreSQL connection strings
- **Payment**: Stripe (Secret Keys, Publishable Keys, Restricted Keys)
- **AI Services**: OpenAI API Keys, Anthropic API Keys
- **Authentication**: Generic API Keys, JWT tokens, OAuth tokens, Bearer tokens
- **Cryptography**: SSH Private Keys (RSA, DSA, EC, OpenSSH)

#### Testing & Quality
- 94.81% test coverage (473 tests across 25 test suites)
- Unit tests for all core modules
- Integration tests for user workflows
- Performance benchmarks
- Linting with ESLint
- Code formatting with Prettier
- TypeScript strict mode

#### Developer Experience
- Interactive CLI with helpful error messages
- Progress indicators for multi-file scans
- Flexible configuration options
- Whitelist management commands
- Git hook manager compatibility (native, Husky, simple-git-hooks)
- Comprehensive CLI help system

#### Documentation
- Detailed README with examples
- Contributing guidelines
- MIT License
- Inline code documentation

### Technical Highlights
- Parallel file scanning with configurable concurrency
- Intelligent file filtering (skips binaries, test files, examples)
- Context-aware confidence adjustments (comments, test files, sample keywords)
- Entropy analysis with whitelisted patterns (UUIDs, hashes, lorem ipsum)
- Modular pattern architecture for easy extensibility

### Performance
- Scans 10 small files (50 lines each) in <1 second
- Scans 50 medium files (200 lines each) in <3 seconds
- Scans 5000-line files in <2 seconds
- Efficient parallel processing with p-limit

## Release Notes

### v0.1.0 - Initial MVP Release (Unreleased)

Lost Keys 0.1.0 is the initial MVP release providing comprehensive secret detection for git repositories. This release includes:

- **40+ secret patterns** across multiple categories
- **Pre-commit hook integration** for automated protection
- **94.81% test coverage** ensuring reliability
- **Flexible configuration** via YAML
- **Whitelist management** for handling false positives
- **High performance** with parallel scanning

This is a production-ready tool suitable for:
- Individual developers protecting personal projects
- Teams implementing secret scanning in their workflows
- Organizations establishing DevSecOps practices

### Known Limitations
- Husky and simple-git-hooks integration requires manual setup (native hooks work automatically)
- No git history scanning (only scans staged files)
- No remote monitoring (local-only protection)
- English language only

### Upgrade Notes
- This is the initial release; no upgrade path is needed

### Breaking Changes
- None (initial release)

---

## Version History

- **v0.1.0** (Unreleased) - Initial MVP release with core secret detection features

## Links
- [GitHub Repository](https://github.com/hilltopventuregroup/lost-keys)
- [Issue Tracker](https://github.com/hilltopventuregroup/lost-keys/issues)
- [npm Package](https://www.npmjs.com/package/lost-keys) (coming soon)
