keyhog_core/
lib.rs

1//! Core types shared across all KeyHog crates.
2//!
3//! Defines the [`Source`] trait for pluggable input backends, [`DetectorSpec`]
4//! for TOML-based pattern definitions, [`Finding`] for scanner output,
5//! [`DedupedMatch`] for grouped findings, and [`Report`] for structured result
6//! formatting.
7
8/// Credential/path allowlist parsing and matching.
9pub mod allowlist;
10pub mod banner;
11/// Configuration system for KeyHog scanning options.
12pub mod config;
13mod dedup;
14mod finding;
15pub mod report;
16mod source;
17mod spec;
18use std::borrow::Cow;
19
20pub mod registry;
21
22pub use allowlist::*;
23pub use config::*;
24pub use dedup::*;
25pub use finding::*;
26pub use report::*;
27pub use source::*;
28pub use spec::*;
29
30// Embedded detectors compiled into the binary at build time.
31// These are used when no external detectors directory is found.
32mod embedded {
33    include!(concat!(env!("OUT_DIR"), "/embedded_detectors.rs"));
34}
35
36/// Load detectors from embedded data (compiled into the binary).
37/// Returns detector TOML strings that can be parsed by the spec loader.
38pub fn embedded_detector_tomls() -> &'static [(&'static str, &'static str)] {
39    embedded::EMBEDDED_DETECTORS
40}
41
42/// Redact a sensitive credential string for safe display.
43pub fn redact(s: &str) -> Cow<'static, str> {
44    let char_count = s.chars().count();
45
46    if char_count <= 8 {
47        return Cow::Borrowed("****");
48    }
49
50    let first_four: String = s.chars().take(4).collect();
51    let last_four: String = s.chars().skip(char_count.saturating_sub(4)).collect();
52
53    Cow::Owned(format!("{}...{}", first_four, last_four))
54}
keyhog_core/lib.rs

keyhog_core/
lib.rs
