feat: Add GitHub Scanning app

apps/github-scanner/.env.example

@@ -0,0 +1 @@
+CLONING_DIR=

apps/github-scanner/.eslintrc.js

@@ -0,0 +1,24 @@
+module.exports = {
+  extends: ['custom/next'],
+  rules: {
+    //temporary disable all error causing rules
+    '@typescript-eslint/no-unused-vars': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    'no-console': 'off',
+    'object-shorthand': 'off',
+    'react/jsx-sort-props': 'off',
+    '@typescript-eslint/no-misused-promises': 'off',
+    'no-useless-return': 'off',
+    'react/jsx-no-leaked-render': 'off',
+    '@typescript-eslint/consistent-type-imports': 'off',
+    '@typescript-eslint/no-non-null-assertion': 'off',
+    'prefer-named-capture-group': 'off',
+    'turbo/no-undeclared-env-vars': 'off',
+    '@typescript-eslint/no-unsafe-assignment': 'off',
+    '@typescript-eslint/no-unsafe-member-access': 'off',
+    'no-await-in-loop': 'off',
+    '@typescript-eslint/no-unsafe-call': 'off',
+    '@typescript-eslint/no-unsafe-argument': 'off',
+    '@typescript-eslint/no-confusing-void-expression': 'off'
+  }
+}

apps/github-scanner/.gitignore

@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts

apps/github-scanner/README.md

@@ -0,0 +1,3 @@
+# GitHub Scan
+
+This is a simple tool to scan GitHub repositories for secrets.

apps/github-scanner/next.config.mjs

@@ -0,0 +1,4 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {};
+
+export default nextConfig;

apps/github-scanner/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "github-scanner",
+  "version": "0.1.0",
+  "private": true,
+  "scripts": {
+    "dev": "next dev -p 5173",
+    "build": "next build",
+    "start": "next start -p 5173",
+    "lint": "next lint --fix"
+  },
+  "dependencies": {
+    "@keyshade/secret-scan": "workspace:*",
+    "glob": "^11.0.0",
+    "next": "14.2.18",
+    "react": "^18",
+    "react-dom": "^18",
+    "simple-git": "^3.27.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20",
+    "@types/react": "^18",
+    "@types/react-dom": "^18",
+    "eslint": "^8",
+    "eslint-config-next": "14.2.18",
+    "postcss": "^8",
+    "tailwindcss": "^3.4.1",
+    "typescript": "^5"
+  }
+}

apps/github-scanner/postcss.config.mjs

@@ -0,0 +1,8 @@
+/** @type {import('postcss-load-config').Config} */
+const config = {
+  plugins: {
+    tailwindcss: {},
+  },
+};
+
+export default config;

apps/github-scanner/src/app/api/scan/route.ts

@@ -0,0 +1,39 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { GitHubScanner } from '@/util/scan-repo'
+
+export function GET(req: NextRequest) {
+  const { searchParams } = new URL(req.url)
+  const githubUrl = searchParams.get('github_url')
+
+  if (!githubUrl) {
+    return NextResponse.json(
+      { error: 'Invalid or missing github_url parameter' },
+      { status: 400 }
+    )
+  }
+
+  const stream = new ReadableStream({
+    async start(controller) {
+      try {
+        await GitHubScanner.scanRepo(githubUrl, {
+          write: (chunk) => controller.enqueue(chunk),
+          close: () => controller.close()
+        })
+      } catch (error) {
+        if (error instanceof Error) {
+          console.error('Failed to scan repository:', error)
+          controller.enqueue(JSON.stringify({ error: error.message }))
+        } else {
+          controller.enqueue(JSON.stringify({ error: 'Internal Server Error' }))
+        }
+        controller.close()
+      }
+    }
+  })
+
+  return new Response(stream, {
+    headers: {
+      'Content-Type': 'application/json'
+    }
+  })
+}

apps/github-scanner/src/app/globals.css

@@ -0,0 +1,27 @@
+@tailwind base;
+@tailwind components;
+@tailwind utilities;
+
+:root {
+  --background: #ffffff;
+  --foreground: #171717;
+}
+
+@media (prefers-color-scheme: dark) {
+  :root {
+    --background: #0a0a0a;
+    --foreground: #ededed;
+  }
+}
+
+body {
+  color: var(--foreground);
+  background: var(--background);
+  font-family: Arial, Helvetica, sans-serif;
+}
+
+@layer utilities {
+  .text-balance {
+    text-wrap: balance;
+  }
+}

apps/github-scanner/src/app/layout.tsx

@@ -0,0 +1,35 @@
+import type { Metadata } from 'next'
+import localFont from 'next/font/local'
+import './globals.css'
+
+const geistSans = localFont({
+  src: './fonts/GeistVF.woff',
+  variable: '--font-geist-sans',
+  weight: '100 900'
+})
+const geistMono = localFont({
+  src: './fonts/GeistMonoVF.woff',
+  variable: '--font-geist-mono',
+  weight: '100 900'
+})
+
+export const metadata: Metadata = {
+  title: 'Create Next App',
+  description: 'Generated by create next app'
+}
+
+export default function RootLayout({
+  children
+}: Readonly<{
+  children: React.ReactNode
+}>) {
+  return (
+    <html lang="en">
+      <body
+        className={`${geistSans.variable} ${geistMono.variable} antialiased`}
+      >
+        {children}
+      </body>
+    </html>
+  )
+}

apps/github-scanner/src/app/page.tsx

@@ -0,0 +1,12 @@
+import RepoInput from '@/components/repo-input'
+
+export default function Home() {
+  return (
+    <div className="m-4 grid min-h-screen items-center">
+      <div className="grid justify-items-center gap-8">
+        <h1 className="text-2xl dark:text-green-400">GitHub Scan</h1>
+        <RepoInput />
+      </div>
+    </div>
+  )
+}

apps/github-scanner/src/components/repo-input.tsx

@@ -0,0 +1,109 @@
+'use client'
+import React, { useState } from 'react'
+import { ScanResponse, ScanResult } from '@/util/types'
+
+function RepoInput() {
+  const [url, setUrl] = useState('')
+  const [responseData, setResponseData] = useState<ScanResponse | null>(null)
+  const [streamData, setStreamData] = useState<ScanResult[]>([])
+
+  const handleOnSubmit = async (e: React.FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    setResponseData({ loading: true })
+    setStreamData([]) // Clear previous stream data
+
+    try {
+      const response = await fetch(`/api/scan?github_url=${url}`)
+
+      const reader = response.body?.getReader()
+      if (!reader) {
+        throw new Error('Failed to get reader from response body')
+      }
+
+      const decoder = new TextDecoder()
+      let done = false
+
+      while (!done) {
+        const { value, done: readerDone } = await reader.read()
+        done = readerDone
+        const chunks = decoder
+          .decode(value, { stream: true })
+          .split('<%keyshade-delim%>')
+          .filter((s) => s.length > 0)
+        const res: ScanResult[] = []
+        for (const chunk of chunks) {
+          const parsed = JSON.parse(chunk)
+          if (parsed.error) {
+            setStreamData([])
+            setResponseData({ error: parsed.error, loading: false })
+            return
+          }
+          res.push(parsed.secret)
+        }
+        setStreamData((prev) => [...prev, ...res])
+      }
+
+      setResponseData({ loading: false })
+    } catch {
+      setStreamData([])
+      setResponseData({ error: 'Internal Error', loading: false })
+    }
+  }
+
+  return (
+    <>
+      <form
+        className="grid grid-cols-1 gap-2 sm:w-3/5 sm:grid-cols-6"
+        action=""
+        onSubmit={handleOnSubmit}
+      >
+        <input
+          value={url}
+          onChange={(e) => setUrl(e.target.value)}
+          type="url"
+          name="github_url"
+          id="github_url"
+          className="h-12 w-full rounded-xl bg-slate-600 p-2 placeholder:text-center sm:col-span-5"
+          placeholder="Enter a GitHub repo URL"
+        />
+        {responseData?.loading ? (
+          <button
+            type="button"
+            disabled
+            className="h-8 rounded-xl bg-yellow-400 text-white sm:h-full sm:text-sm"
+          >
+            Scanning..
+          </button>
+        ) : (
+          <button
+            type="submit"
+            className="h-8 rounded-xl bg-green-400 text-white sm:h-full sm:text-sm"
+          >
+            Submit
+          </button>
+        )}
+      </form>
+      {responseData?.error && (
+        <p className="text-center text-red-500">{responseData.error}</p>
+      )}
+      {streamData.length > 0 && (
+        <div className="mt-4 grid gap-4">
+          {streamData.map((item, index) => {
+            return (
+              <div key={index} className="grid gap-1 overflow-auto text-sm">
+                <p className="flex flex-wrap justify-center text-center text-sky-500">
+                  {item.file}:{item.line}
+                </p>
+                <p className="flex flex-wrap justify-center text-center">
+                  {item.content}
+                </p>
+              </div>
+            )
+          })}
+        </div>
+      )}
+    </>
+  )
+}
+
+export default RepoInput