/** * @fileoverview Secret detection engine (Full-featured / Standalone) * @module @nahisaho/musubix-security/analysis/secret-detector * @trace REQ-SEC-SECRET-001, REQ-SEC-SECRET-002 * * NOTE: This is the full-featured secret detector in @nahisaho/musubix-security. * It provides AST-aware context detection, SHA-256 deduplication, test value filtering, * and file system scanning with configurable patterns. * * A lightweight regex-only scanner also exists in @nahisaho/musubix-core at * packages/core/src/symbolic/security-scanner.ts for embedded use in the symbolic * reasoning pipeline (zero external dependencies). The two share similar detection * targets (AWS keys, private keys, JWTs, etc.) but use different regex patterns * tuned for their respective use cases. This separation is intentional to preserve * core's zero-dependency isolation. */ import type { Secret, SecretPattern, SecretScanOptions, SecretScanResult } from '../types/index.js'; /** * Reset secret counter (for testing) */ export declare function resetSecretCounter(): void; /** * Secret detector engine */ export declare class SecretDetector { private patterns; private fileScanner; private options; constructor(options?: SecretScanOptions); /** * Scan file content for secrets */ scanContent(content: string, filePath: string): Secret[]; /** * Scan a single file */ scanFile(filePath: string): Promise; /** * Scan a directory for secrets */ scan(rootPath: string): Promise; /** * Add a custom pattern */ addPattern(pattern: SecretPattern): void; /** * Get all patterns */ getPatterns(): SecretPattern[]; } /** * Create a secret detector */ export declare function createSecretDetector(options?: SecretScanOptions): SecretDetector; //# sourceMappingURL=secret-detector.d.ts.map