Add a script for peeking at secrets
- ID
1f2f88a- date
2024-10-02 22:48:00+00:00- author
Alex Chan <alex@alexwlchan.net>- parent
9f1cf35- message
Add a script for peeking at secrets- changed files
2 files, 40 additions, 1 deletion
Changed files
text/README.md (8652) → text/README.md (9038)
diff --git a/text/README.md b/text/README.md
index 44ee734..31bc97d 100644
--- a/text/README.md
+++ b/text/README.md
@@ -67,6 +67,10 @@ scripts = [
"description": "removes the `list` query parameter from a YouTube URL; I use it with `youtube-dl`",
},
{
+ "usage": "peek < SECRET",
+ "description": "show a few characters of a secret, without printing the whole value in plain text"
+ },
+ {
"name": "pp_xml.sh < [TEXT]",
"description": """
alias for <code>xmllint --format - | pygmentize -l xml</code>, which pretty-prints a blob of XML with coloured syntax highlighting.
@@ -205,6 +209,15 @@ cog_helpers.create_description_table(folder_name=folder_name, scripts=scripts)
</dd>
<dt>
+ <a href="https://github.com/alexwlchan/scripts/blob/main/text/peek">
+ <code>peek < SECRET</code>
+ </a>
+ </dt>
+ <dd>
+ show a few characters of a secret, without printing the whole value in plain text
+ </dd>
+
+ <dt>
<a href="https://github.com/alexwlchan/scripts/blob/main/text/pp_xml.sh">
<code>pp_xml.sh < [TEXT]</code>
</a>
@@ -280,4 +293,4 @@ cog_helpers.create_description_table(folder_name=folder_name, scripts=scripts)
"codepoints. This is a Docker wrapper around <a href="https://github.com/lunasorcery/utf8info">a tool of the same name</a> by @lunasorcery.
</dd>
</dl>
-<!-- [[[end]]] (checksum: 53b60d7b751d2a00cb982810e1a4c682) -->
\ No newline at end of file
+<!-- [[[end]]] (checksum: a84b7f3702442495b6e7efbc28b5107e) -->
\ No newline at end of file
text/peek (0) → text/peek (578)
diff --git a/text/peek b/text/peek
new file mode 100755
index 0000000..064dfa6
--- /dev/null
+++ b/text/peek
@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+"""
+This is a tiny script I can use to preview secrets on the command line.
+
+It prints the beginning and end of the secret, but not the whole thing --
+this avoids printing secrets in plaintext.
+
+ $ echo "$FLICKR_API_KEY" | peek
+ ae8…f3a
+
+"""
+
+import sys
+
+
+if __name__ == '__main__':
+ secret = sys.stdin.read().strip()
+
+ if not secret:
+ print("<empty>")
+ elif len(secret) < 4:
+ print(f"{secret[0]}…")
+ elif len(secret) < 12:
+ print(f"{secret[:3]}…")
+ else:
+ print(f"{secret[:3]}…{secret[-3:]}")