Metadata-Version: 2.4
Name: nyo-scanner
Version: 0.1.0
Summary: Lightweight secret scanner for repositories (API keys, tokens, high-entropy strings).
Author: Nyo Scanner contributors
License-Expression: MIT
Project-URL: Repository, https://github.com/Nyu404/nyo-scanner
Keywords: security,secrets,scanner,cli
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: rich>=13.0.0
Dynamic: license-file

# Nyo Scanner

**Nyo Scanner** is a lightweight secret scanner for local repositories. It helps catch API keys, cloud credentials, tokens, and other high-entropy strings before they are committed or pushed.

## Features

- **Regex matching** for common secret patterns (AWS, Stripe, Slack, and more).
- **Entropy heuristics** for random-looking strings that may be passwords or keys.
- **CLI output** via [Rich](https://github.com/Textualize/rich) for readable reports.
- **Git-friendly** — suitable for pre-commit hooks or local checks.

## Requirements

- Python **3.10+**

## Installation

Choose one approach. They all install the same tool; some avoid Windows `PATH` issues more than others.

### Option 1: pipx (recommended for end users)

[pipx](https://pipx.pypa.io/) installs CLI tools in isolated environments and puts the `nyo-scan` command on your PATH automatically (macOS, Linux, and Windows).

```bash
# After you publish to PyPI:
pipx install nyo-scanner
```

Install directly from GitHub (before PyPI, or for bleeding edge):

```bash
pipx install git+https://github.com/Nyu404/nyo-scanner.git
```

Then run:

```bash
nyo-scan --help
```

### Option 2: Virtual environment + pip

Keeps dependencies out of your system Python and activates a `Scripts` folder (Windows) or `bin` (macOS/Linux) so `nyo-scan` works in that terminal session.

```bash
git clone https://github.com/Nyu404/nyo-scanner.git
cd nyo-scanner
python -m venv .venv
```

**Windows (PowerShell):**

```powershell
.\.venv\Scripts\Activate.ps1
python -m pip install .
nyo-scan --help
```

**macOS / Linux:**

```bash
source .venv/bin/activate
python -m pip install .
nyo-scan --help
```

### Option 3: `python -m scanner` (always works if the package is installed)

If `nyo-scan` is not found (common on Windows when using `pip install --user` without adding **Scripts** to PATH), use the module form with the **same Python** you used for `pip install`:

```bash
python -m scanner --help
```

On Windows with several Python versions:

```bash
py -3.12 -m scanner --help
```

## Usage

```bash
nyo-scan --path .
```

Or:

```bash
python -m scanner --path .
```

## Why some people do not see `nyo-scan`

- **Windows + `pip install --user`**: executables go under `%APPDATA%\Python\Python3x\Scripts`, which is often **not** on PATH. Fix: add that folder to your user PATH, use **pipx**, use a **venv** and activate it, or use **`python -m scanner`**.
- **Multiple Pythons**: `pip` for one version and `python` for another means the package is missing. Fix: `python -m pip install .` then `python -m scanner`, or use `py -3.x` consistently.

## Publishing to PyPI (maintainers)

After replacing `YOUR_USERNAME` in `pyproject.toml` under `[project.urls]`:

```bash
python -m pip install build twine
python -m build
python -m twine upload dist/*
```

Then users can run `pipx install nyo-scanner` or `pip install nyo-scanner`.

## Pre-commit hook (optional)

`.git/hooks/pre-commit`:

```sh
#!/bin/sh
nyo-scan --path .
if [ $? -ne 0 ]; then
    echo "Commit aborted: potential secrets detected."
    exit 1
fi
```

If `nyo-scan` is not on PATH in Git’s environment, call your interpreter explicitly, for example:

```sh
python -m scanner --path .
```
