diff --git a/docs/my-website/docs/providers/anthropic.md b/docs/my-website/docs/providers/anthropic.md index 3b9e679698..e7d3352f97 100644 --- a/docs/my-website/docs/providers/anthropic.md +++ b/docs/my-website/docs/providers/anthropic.md @@ -172,7 +172,7 @@ print(response) |------------------|--------------------------------------------| | claude-3-haiku | `completion('claude-3-haiku-20240307', messages)` | `os.environ['ANTHROPIC_API_KEY']` | | claude-3-opus | `completion('claude-3-opus-20240229', messages)` | `os.environ['ANTHROPIC_API_KEY']` | -| claude-3-5-sonnet | `completion('claude-3-5-sonnet-20240620', messages)` | `os.environ['ANTHROPIC_API_KEY']` | +| claude-3-5-sonnet-20240620 | `completion('claude-3-5-sonnet-20240620', messages)` | `os.environ['ANTHROPIC_API_KEY']` | | claude-3-sonnet | `completion('claude-3-sonnet-20240229', messages)` | `os.environ['ANTHROPIC_API_KEY']` | | claude-2.1 | `completion('claude-2.1', messages)` | `os.environ['ANTHROPIC_API_KEY']` | | claude-2 | `completion('claude-2', messages)` | `os.environ['ANTHROPIC_API_KEY']` | diff --git a/docs/my-website/docs/providers/databricks.md b/docs/my-website/docs/providers/databricks.md index 24c7c40cff..633350d220 100644 --- a/docs/my-website/docs/providers/databricks.md +++ b/docs/my-website/docs/providers/databricks.md @@ -27,7 +27,7 @@ import os os.environ["DATABRICKS_API_KEY"] = "databricks key" os.environ["DATABRICKS_API_BASE"] = "databricks base url" # e.g.: https://adb-3064715882934586.6.azuredatabricks.net/serving-endpoints -# predibase llama-3 call +# Databricks dbrx-instruct call response = completion( model="databricks/databricks-dbrx-instruct", messages = [{ "content": "Hello, how are you?","role": "user"}] @@ -143,13 +143,13 @@ response = completion( model_list: - model_name: llama-3 litellm_params: - model: predibase/llama-3-8b-instruct - api_key: os.environ/PREDIBASE_API_KEY + model: databricks/databricks-meta-llama-3-70b-instruct + api_key: os.environ/DATABRICKS_API_KEY max_tokens: 20 temperature: 0.5 ``` -## Passings Database specific params - 'instruction' +## Passings Databricks specific params - 'instruction' For embedding models, databricks lets you pass in an additional param 'instruction'. [Full Spec](https://github.com/BerriAI/litellm/blob/43353c28b341df0d9992b45c6ce464222ebd7984/litellm/llms/databricks.py#L164) @@ -162,7 +162,7 @@ import os os.environ["DATABRICKS_API_KEY"] = "databricks key" os.environ["DATABRICKS_API_BASE"] = "databricks url" -# predibase llama3 call +# Databricks bge-large-en call response = litellm.embedding( model="databricks/databricks-bge-large-en", input=["good morning from litellm"], @@ -184,7 +184,6 @@ response = litellm.embedding( ## Supported Databricks Chat Completion Models -Here's an example of using a Databricks models with LiteLLM | Model Name | Command | |----------------------------|------------------------------------------------------------------| @@ -196,8 +195,8 @@ Here's an example of using a Databricks models with LiteLLM | databricks-mpt-7b-instruct | `completion(model='databricks/databricks-mpt-7b-instruct', messages=messages)` | ## Supported Databricks Embedding Models -Here's an example of using a databricks models with LiteLLM | Model Name | Command | |----------------------------|------------------------------------------------------------------| -| databricks-bge-large-en | `completion(model='databricks/databricks-bge-large-en', messages=messages)` | +| databricks-bge-large-en | `embedding(model='databricks/databricks-bge-large-en', messages=messages)` | +| databricks-gte-large-en | `embedding(model='databricks/databricks-gte-large-en', messages=messages)` | diff --git a/docs/my-website/docs/providers/openai_compatible.md b/docs/my-website/docs/providers/openai_compatible.md index ff0e857099..f021490246 100644 --- a/docs/my-website/docs/providers/openai_compatible.md +++ b/docs/my-website/docs/providers/openai_compatible.md @@ -115,3 +115,18 @@ Here's how to call an OpenAI-Compatible Endpoint with the LiteLLM Proxy Server + + +### Advanced - Disable System Messages + +Some VLLM models (e.g. gemma) don't support system messages. To map those requests to 'user' messages, use the `supports_system_message` flag. + +```yaml +model_list: +- model_name: my-custom-model + litellm_params: + model: openai/google/gemma + api_base: http://my-custom-base + api_key: "" + supports_system_message: False # 👈 KEY CHANGE +``` \ No newline at end of file diff --git a/docs/my-website/docs/providers/volcano.md b/docs/my-website/docs/providers/volcano.md new file mode 100644 index 0000000000..1742a43d81 --- /dev/null +++ b/docs/my-website/docs/providers/volcano.md @@ -0,0 +1,98 @@ +# Volcano Engine (Volcengine) +https://www.volcengine.com/docs/82379/1263482 + +:::tip + +**We support ALL Volcengine NIM models, just set `model=volcengine/` as a prefix when sending litellm requests** + +::: + +## API Key +```python +# env variable +os.environ['VOLCENGINE_API_KEY'] +``` + +## Sample Usage +```python +from litellm import completion +import os + +os.environ['VOLCENGINE_API_KEY'] = "" +response = completion( + model="volcengine/", + messages=[ + { + "role": "user", + "content": "What's the weather like in Boston today in Fahrenheit?", + } + ], + temperature=0.2, # optional + top_p=0.9, # optional + frequency_penalty=0.1, # optional + presence_penalty=0.1, # optional + max_tokens=10, # optional + stop=["\n\n"], # optional +) +print(response) +``` + +## Sample Usage - Streaming +```python +from litellm import completion +import os + +os.environ['VOLCENGINE_API_KEY'] = "" +response = completion( + model="volcengine/", + messages=[ + { + "role": "user", + "content": "What's the weather like in Boston today in Fahrenheit?", + } + ], + stream=True, + temperature=0.2, # optional + top_p=0.9, # optional + frequency_penalty=0.1, # optional + presence_penalty=0.1, # optional + max_tokens=10, # optional + stop=["\n\n"], # optional +) + +for chunk in response: + print(chunk) +``` + + +## Supported Models - 💥 ALL Volcengine NIM Models Supported! +We support ALL `volcengine` models, just set `volcengine/` as a prefix when sending completion requests + +## Sample Usage - LiteLLM Proxy + +### Config.yaml setting + +```yaml +model_list: + - model_name: volcengine-model + litellm_params: + model: volcengine/ + api_key: os.environ/VOLCENGINE_API_KEY +``` + +### Send Request + +```shell +curl --location 'http://localhost:4000/chat/completions' \ + --header 'Authorization: Bearer sk-1234' \ + --header 'Content-Type: application/json' \ + --data '{ + "model": "volcengine-model", + "messages": [ + { + "role": "user", + "content": "here is my api key. openai_api_key=sk-1234" + } + ] +}' +``` \ No newline at end of file diff --git a/docs/my-website/docs/proxy/configs.md b/docs/my-website/docs/proxy/configs.md index 9381a14a44..80235586c1 100644 --- a/docs/my-website/docs/proxy/configs.md +++ b/docs/my-website/docs/proxy/configs.md @@ -427,7 +427,7 @@ model_list: ```shell $ litellm --config /path/to/config.yaml -``` +``` ## Setting Embedding Models diff --git a/docs/my-website/sidebars.js b/docs/my-website/sidebars.js index 9835a260b3..31bc6abcb7 100644 --- a/docs/my-website/sidebars.js +++ b/docs/my-website/sidebars.js @@ -147,6 +147,7 @@ const sidebars = { "providers/watsonx", "providers/predibase", "providers/nvidia_nim", + "providers/volcano", "providers/triton-inference-server", "providers/ollama", "providers/perplexity", diff --git a/enterprise/enterprise_hooks/secret_detection.py b/enterprise/enterprise_hooks/secret_detection.py index ded9f27c17..d2bd22a5d4 100644 --- a/enterprise/enterprise_hooks/secret_detection.py +++ b/enterprise/enterprise_hooks/secret_detection.py @@ -33,27 +33,429 @@ from litellm._logging import verbose_proxy_logger litellm.set_verbose = True +_custom_plugins_path = "file://" + os.path.join( + os.path.dirname(os.path.abspath(__file__)), "secrets_plugins" +) +print("custom plugins path", _custom_plugins_path) +_default_detect_secrets_config = { + "plugins_used": [ + {"name": "SoftlayerDetector"}, + {"name": "StripeDetector"}, + {"name": "NpmDetector"}, + {"name": "IbmCosHmacDetector"}, + {"name": "DiscordBotTokenDetector"}, + {"name": "BasicAuthDetector"}, + {"name": "AzureStorageKeyDetector"}, + {"name": "ArtifactoryDetector"}, + {"name": "AWSKeyDetector"}, + {"name": "CloudantDetector"}, + {"name": "IbmCloudIamDetector"}, + {"name": "JwtTokenDetector"}, + {"name": "MailchimpDetector"}, + {"name": "SquareOAuthDetector"}, + {"name": "PrivateKeyDetector"}, + {"name": "TwilioKeyDetector"}, + { + "name": "AdafruitKeyDetector", + "path": _custom_plugins_path + "/adafruit.py", + }, + { + "name": "AdobeSecretDetector", + "path": _custom_plugins_path + "/adobe.py", + }, + { + "name": "AgeSecretKeyDetector", + "path": _custom_plugins_path + "/age_secret_key.py", + }, + { + "name": "AirtableApiKeyDetector", + "path": _custom_plugins_path + "/airtable_api_key.py", + }, + { + "name": "AlgoliaApiKeyDetector", + "path": _custom_plugins_path + "/algolia_api_key.py", + }, + { + "name": "AlibabaSecretDetector", + "path": _custom_plugins_path + "/alibaba.py", + }, + { + "name": "AsanaSecretDetector", + "path": _custom_plugins_path + "/asana.py", + }, + { + "name": "AtlassianApiTokenDetector", + "path": _custom_plugins_path + "/atlassian_api_token.py", + }, + { + "name": "AuthressAccessKeyDetector", + "path": _custom_plugins_path + "/authress_access_key.py", + }, + { + "name": "BittrexDetector", + "path": _custom_plugins_path + "/beamer_api_token.py", + }, + { + "name": "BitbucketDetector", + "path": _custom_plugins_path + "/bitbucket.py", + }, + { + "name": "BeamerApiTokenDetector", + "path": _custom_plugins_path + "/bittrex.py", + }, + { + "name": "ClojarsApiTokenDetector", + "path": _custom_plugins_path + "/clojars_api_token.py", + }, + { + "name": "CodecovAccessTokenDetector", + "path": _custom_plugins_path + "/codecov_access_token.py", + }, + { + "name": "CoinbaseAccessTokenDetector", + "path": _custom_plugins_path + "/coinbase_access_token.py", + }, + { + "name": "ConfluentDetector", + "path": _custom_plugins_path + "/confluent.py", + }, + { + "name": "ContentfulApiTokenDetector", + "path": _custom_plugins_path + "/contentful_api_token.py", + }, + { + "name": "DatabricksApiTokenDetector", + "path": _custom_plugins_path + "/databricks_api_token.py", + }, + { + "name": "DatadogAccessTokenDetector", + "path": _custom_plugins_path + "/datadog_access_token.py", + }, + { + "name": "DefinedNetworkingApiTokenDetector", + "path": _custom_plugins_path + "/defined_networking_api_token.py", + }, + { + "name": "DigitaloceanDetector", + "path": _custom_plugins_path + "/digitalocean.py", + }, + { + "name": "DopplerApiTokenDetector", + "path": _custom_plugins_path + "/doppler_api_token.py", + }, + { + "name": "DroneciAccessTokenDetector", + "path": _custom_plugins_path + "/droneci_access_token.py", + }, + { + "name": "DuffelApiTokenDetector", + "path": _custom_plugins_path + "/duffel_api_token.py", + }, + { + "name": "DynatraceApiTokenDetector", + "path": _custom_plugins_path + "/dynatrace_api_token.py", + }, + { + "name": "DiscordDetector", + "path": _custom_plugins_path + "/discord.py", + }, + { + "name": "DropboxDetector", + "path": _custom_plugins_path + "/dropbox.py", + }, + { + "name": "EasyPostDetector", + "path": _custom_plugins_path + "/easypost.py", + }, + { + "name": "EtsyAccessTokenDetector", + "path": _custom_plugins_path + "/etsy_access_token.py", + }, + { + "name": "FacebookAccessTokenDetector", + "path": _custom_plugins_path + "/facebook_access_token.py", + }, + { + "name": "FastlyApiKeyDetector", + "path": _custom_plugins_path + "/fastly_api_token.py", + }, + { + "name": "FinicityDetector", + "path": _custom_plugins_path + "/finicity.py", + }, + { + "name": "FinnhubAccessTokenDetector", + "path": _custom_plugins_path + "/finnhub_access_token.py", + }, + { + "name": "FlickrAccessTokenDetector", + "path": _custom_plugins_path + "/flickr_access_token.py", + }, + { + "name": "FlutterwaveDetector", + "path": _custom_plugins_path + "/flutterwave.py", + }, + { + "name": "FrameIoApiTokenDetector", + "path": _custom_plugins_path + "/frameio_api_token.py", + }, + { + "name": "FreshbooksAccessTokenDetector", + "path": _custom_plugins_path + "/freshbooks_access_token.py", + }, + { + "name": "GCPApiKeyDetector", + "path": _custom_plugins_path + "/gcp_api_key.py", + }, + { + "name": "GitHubTokenCustomDetector", + "path": _custom_plugins_path + "/github_token.py", + }, + { + "name": "GitLabDetector", + "path": _custom_plugins_path + "/gitlab.py", + }, + { + "name": "GitterAccessTokenDetector", + "path": _custom_plugins_path + "/gitter_access_token.py", + }, + { + "name": "GoCardlessApiTokenDetector", + "path": _custom_plugins_path + "/gocardless_api_token.py", + }, + { + "name": "GrafanaDetector", + "path": _custom_plugins_path + "/grafana.py", + }, + { + "name": "HashiCorpTFApiTokenDetector", + "path": _custom_plugins_path + "/hashicorp_tf_api_token.py", + }, + { + "name": "HerokuApiKeyDetector", + "path": _custom_plugins_path + "/heroku_api_key.py", + }, + { + "name": "HubSpotApiTokenDetector", + "path": _custom_plugins_path + "/hubspot_api_key.py", + }, + { + "name": "HuggingFaceDetector", + "path": _custom_plugins_path + "/huggingface.py", + }, + { + "name": "IntercomApiTokenDetector", + "path": _custom_plugins_path + "/intercom_api_key.py", + }, + { + "name": "JFrogDetector", + "path": _custom_plugins_path + "/jfrog.py", + }, + { + "name": "JWTBase64Detector", + "path": _custom_plugins_path + "/jwt.py", + }, + { + "name": "KrakenAccessTokenDetector", + "path": _custom_plugins_path + "/kraken_access_token.py", + }, + { + "name": "KucoinDetector", + "path": _custom_plugins_path + "/kucoin.py", + }, + { + "name": "LaunchdarklyAccessTokenDetector", + "path": _custom_plugins_path + "/launchdarkly_access_token.py", + }, + { + "name": "LinearDetector", + "path": _custom_plugins_path + "/linear.py", + }, + { + "name": "LinkedInDetector", + "path": _custom_plugins_path + "/linkedin.py", + }, + { + "name": "LobDetector", + "path": _custom_plugins_path + "/lob.py", + }, + { + "name": "MailgunDetector", + "path": _custom_plugins_path + "/mailgun.py", + }, + { + "name": "MapBoxApiTokenDetector", + "path": _custom_plugins_path + "/mapbox_api_token.py", + }, + { + "name": "MattermostAccessTokenDetector", + "path": _custom_plugins_path + "/mattermost_access_token.py", + }, + { + "name": "MessageBirdDetector", + "path": _custom_plugins_path + "/messagebird.py", + }, + { + "name": "MicrosoftTeamsWebhookDetector", + "path": _custom_plugins_path + "/microsoft_teams_webhook.py", + }, + { + "name": "NetlifyAccessTokenDetector", + "path": _custom_plugins_path + "/netlify_access_token.py", + }, + { + "name": "NewRelicDetector", + "path": _custom_plugins_path + "/new_relic.py", + }, + { + "name": "NYTimesAccessTokenDetector", + "path": _custom_plugins_path + "/nytimes_access_token.py", + }, + { + "name": "OktaAccessTokenDetector", + "path": _custom_plugins_path + "/okta_access_token.py", + }, + { + "name": "OpenAIApiKeyDetector", + "path": _custom_plugins_path + "/openai_api_key.py", + }, + { + "name": "PlanetScaleDetector", + "path": _custom_plugins_path + "/planetscale.py", + }, + { + "name": "PostmanApiTokenDetector", + "path": _custom_plugins_path + "/postman_api_token.py", + }, + { + "name": "PrefectApiTokenDetector", + "path": _custom_plugins_path + "/prefect_api_token.py", + }, + { + "name": "PulumiApiTokenDetector", + "path": _custom_plugins_path + "/pulumi_api_token.py", + }, + { + "name": "PyPiUploadTokenDetector", + "path": _custom_plugins_path + "/pypi_upload_token.py", + }, + { + "name": "RapidApiAccessTokenDetector", + "path": _custom_plugins_path + "/rapidapi_access_token.py", + }, + { + "name": "ReadmeApiTokenDetector", + "path": _custom_plugins_path + "/readme_api_token.py", + }, + { + "name": "RubygemsApiTokenDetector", + "path": _custom_plugins_path + "/rubygems_api_token.py", + }, + { + "name": "ScalingoApiTokenDetector", + "path": _custom_plugins_path + "/scalingo_api_token.py", + }, + { + "name": "SendbirdDetector", + "path": _custom_plugins_path + "/sendbird.py", + }, + { + "name": "SendGridApiTokenDetector", + "path": _custom_plugins_path + "/sendgrid_api_token.py", + }, + { + "name": "SendinBlueApiTokenDetector", + "path": _custom_plugins_path + "/sendinblue_api_token.py", + }, + { + "name": "SentryAccessTokenDetector", + "path": _custom_plugins_path + "/sentry_access_token.py", + }, + { + "name": "ShippoApiTokenDetector", + "path": _custom_plugins_path + "/shippo_api_token.py", + }, + { + "name": "ShopifyDetector", + "path": _custom_plugins_path + "/shopify.py", + }, + { + "name": "SlackDetector", + "path": _custom_plugins_path + "/slack.py", + }, + { + "name": "SnykApiTokenDetector", + "path": _custom_plugins_path + "/snyk_api_token.py", + }, + { + "name": "SquarespaceAccessTokenDetector", + "path": _custom_plugins_path + "/squarespace_access_token.py", + }, + { + "name": "SumoLogicDetector", + "path": _custom_plugins_path + "/sumologic.py", + }, + { + "name": "TelegramBotApiTokenDetector", + "path": _custom_plugins_path + "/telegram_bot_api_token.py", + }, + { + "name": "TravisCiAccessTokenDetector", + "path": _custom_plugins_path + "/travisci_access_token.py", + }, + { + "name": "TwitchApiTokenDetector", + "path": _custom_plugins_path + "/twitch_api_token.py", + }, + { + "name": "TwitterDetector", + "path": _custom_plugins_path + "/twitter.py", + }, + { + "name": "TypeformApiTokenDetector", + "path": _custom_plugins_path + "/typeform_api_token.py", + }, + { + "name": "VaultDetector", + "path": _custom_plugins_path + "/vault.py", + }, + { + "name": "YandexDetector", + "path": _custom_plugins_path + "/yandex.py", + }, + { + "name": "ZendeskSecretKeyDetector", + "path": _custom_plugins_path + "/zendesk_secret_key.py", + }, + {"name": "Base64HighEntropyString", "limit": 3.0}, + {"name": "HexHighEntropyString", "limit": 3.0}, + ] +} + + class _ENTERPRISE_SecretDetection(CustomLogger): def __init__(self): pass def scan_message_for_secrets(self, message_content: str): from detect_secrets import SecretsCollection - from detect_secrets.settings import default_settings + from detect_secrets.settings import transient_settings temp_file = tempfile.NamedTemporaryFile(delete=False) temp_file.write(message_content.encode("utf-8")) temp_file.close() secrets = SecretsCollection() - with default_settings(): + with transient_settings(_default_detect_secrets_config): secrets.scan_file(temp_file.name) os.remove(temp_file.name) detected_secrets = [] for file in secrets.files: + for found_secret in secrets[file]: + if found_secret.secret_value is None: continue detected_secrets.append( @@ -76,6 +478,7 @@ class _ENTERPRISE_SecretDetection(CustomLogger): if "messages" in data and isinstance(data["messages"], list): for message in data["messages"]: if "content" in message and isinstance(message["content"], str): + detected_secrets = self.scan_message_for_secrets(message["content"]) for secret in detected_secrets: diff --git a/enterprise/enterprise_hooks/secrets_plugins/__init__.py b/enterprise/enterprise_hooks/secrets_plugins/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/enterprise/enterprise_hooks/secrets_plugins/adafruit.py b/enterprise/enterprise_hooks/secrets_plugins/adafruit.py new file mode 100644 index 0000000000..abee3398f3 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/adafruit.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Adafruit keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AdafruitKeyDetector(RegexBasedDetector): + """Scans for Adafruit keys.""" + + @property + def secret_type(self) -> str: + return "Adafruit API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/adobe.py b/enterprise/enterprise_hooks/secrets_plugins/adobe.py new file mode 100644 index 0000000000..7a58ccdf90 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/adobe.py @@ -0,0 +1,26 @@ +""" +This plugin searches for Adobe keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AdobeSecretDetector(RegexBasedDetector): + """Scans for Adobe client keys.""" + + @property + def secret_type(self) -> str: + return "Adobe Client Keys" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Adobe Client ID (OAuth Web) + re.compile( + r"""(?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Adobe Client Secret + re.compile(r"(?i)\b((p8e-)[a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)"), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/age_secret_key.py b/enterprise/enterprise_hooks/secrets_plugins/age_secret_key.py new file mode 100644 index 0000000000..2c0c179102 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/age_secret_key.py @@ -0,0 +1,21 @@ +""" +This plugin searches for Age secret keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AgeSecretKeyDetector(RegexBasedDetector): + """Scans for Age secret keys.""" + + @property + def secret_type(self) -> str: + return "Age Secret Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile(r"""AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/airtable_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/airtable_api_key.py new file mode 100644 index 0000000000..8abf4f6e44 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/airtable_api_key.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Airtable API keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AirtableApiKeyDetector(RegexBasedDetector): + """Scans for Airtable API keys.""" + + @property + def secret_type(self) -> str: + return "Airtable API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/algolia_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/algolia_api_key.py new file mode 100644 index 0000000000..cd6c16a8c0 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/algolia_api_key.py @@ -0,0 +1,21 @@ +""" +This plugin searches for Algolia API keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AlgoliaApiKeyDetector(RegexBasedDetector): + """Scans for Algolia API keys.""" + + @property + def secret_type(self) -> str: + return "Algolia API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile(r"""(?i)\b((LTAI)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/alibaba.py b/enterprise/enterprise_hooks/secrets_plugins/alibaba.py new file mode 100644 index 0000000000..5d071f1a9b --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/alibaba.py @@ -0,0 +1,26 @@ +""" +This plugin searches for Alibaba secrets +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AlibabaSecretDetector(RegexBasedDetector): + """Scans for Alibaba AccessKey IDs and Secret Keys.""" + + @property + def secret_type(self) -> str: + return "Alibaba Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Alibaba AccessKey ID + re.compile(r"""(?i)\b((LTAI)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + # For Alibaba Secret Key + re.compile( + r"""(?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/asana.py b/enterprise/enterprise_hooks/secrets_plugins/asana.py new file mode 100644 index 0000000000..fd96872c63 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/asana.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Asana secrets +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AsanaSecretDetector(RegexBasedDetector): + """Scans for Asana Client IDs and Client Secrets.""" + + @property + def secret_type(self) -> str: + return "Asana Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Asana Client ID + re.compile( + r"""(?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # For Asana Client Secret + re.compile( + r"""(?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/atlassian_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/atlassian_api_token.py new file mode 100644 index 0000000000..42fd291ff4 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/atlassian_api_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Atlassian API tokens +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AtlassianApiTokenDetector(RegexBasedDetector): + """Scans for Atlassian API tokens.""" + + @property + def secret_type(self) -> str: + return "Atlassian API token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Atlassian API token + re.compile( + r"""(?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/authress_access_key.py b/enterprise/enterprise_hooks/secrets_plugins/authress_access_key.py new file mode 100644 index 0000000000..ff7466fc44 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/authress_access_key.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Authress Service Client Access Keys +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class AuthressAccessKeyDetector(RegexBasedDetector): + """Scans for Authress Service Client Access Keys.""" + + @property + def secret_type(self) -> str: + return "Authress Service Client Access Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Authress Service Client Access Key + re.compile( + r"""(?i)\b((?:sc|ext|scauth|authress)_[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.acc[_-][a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/beamer_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/beamer_api_token.py new file mode 100644 index 0000000000..5303e6262f --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/beamer_api_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Beamer API tokens +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class BeamerApiTokenDetector(RegexBasedDetector): + """Scans for Beamer API tokens.""" + + @property + def secret_type(self) -> str: + return "Beamer API token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Beamer API token + re.compile( + r"""(?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/bitbucket.py b/enterprise/enterprise_hooks/secrets_plugins/bitbucket.py new file mode 100644 index 0000000000..aae28dcc7d --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/bitbucket.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Bitbucket Client ID and Client Secret +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class BitbucketDetector(RegexBasedDetector): + """Scans for Bitbucket Client ID and Client Secret.""" + + @property + def secret_type(self) -> str: + return "Bitbucket Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Bitbucket Client ID + re.compile( + r"""(?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # For Bitbucket Client Secret + re.compile( + r"""(?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/bittrex.py b/enterprise/enterprise_hooks/secrets_plugins/bittrex.py new file mode 100644 index 0000000000..e8bd3347bb --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/bittrex.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Bittrex Access Key and Secret Key +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class BittrexDetector(RegexBasedDetector): + """Scans for Bittrex Access Key and Secret Key.""" + + @property + def secret_type(self) -> str: + return "Bittrex Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Bittrex Access Key + re.compile( + r"""(?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # For Bittrex Secret Key + re.compile( + r"""(?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/clojars_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/clojars_api_token.py new file mode 100644 index 0000000000..6eb41ec4bb --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/clojars_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for Clojars API tokens +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ClojarsApiTokenDetector(RegexBasedDetector): + """Scans for Clojars API tokens.""" + + @property + def secret_type(self) -> str: + return "Clojars API token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Clojars API token + re.compile(r"(?i)(CLOJARS_)[a-z0-9]{60}"), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/codecov_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/codecov_access_token.py new file mode 100644 index 0000000000..51001675f0 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/codecov_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Codecov Access Token +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class CodecovAccessTokenDetector(RegexBasedDetector): + """Scans for Codecov Access Token.""" + + @property + def secret_type(self) -> str: + return "Codecov Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Codecov Access Token + re.compile( + r"""(?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/coinbase_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/coinbase_access_token.py new file mode 100644 index 0000000000..0af631be99 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/coinbase_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Coinbase Access Token +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class CoinbaseAccessTokenDetector(RegexBasedDetector): + """Scans for Coinbase Access Token.""" + + @property + def secret_type(self) -> str: + return "Coinbase Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Coinbase Access Token + re.compile( + r"""(?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/confluent.py b/enterprise/enterprise_hooks/secrets_plugins/confluent.py new file mode 100644 index 0000000000..aefbd42b94 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/confluent.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Confluent Access Token and Confluent Secret Key +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ConfluentDetector(RegexBasedDetector): + """Scans for Confluent Access Token and Confluent Secret Key.""" + + @property + def secret_type(self) -> str: + return "Confluent Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # For Confluent Access Token + re.compile( + r"""(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # For Confluent Secret Key + re.compile( + r"""(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/contentful_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/contentful_api_token.py new file mode 100644 index 0000000000..33817dc4d8 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/contentful_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Contentful delivery API token. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ContentfulApiTokenDetector(RegexBasedDetector): + """Scans for Contentful delivery API token.""" + + @property + def secret_type(self) -> str: + return "Contentful API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/databricks_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/databricks_api_token.py new file mode 100644 index 0000000000..9e47355b1c --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/databricks_api_token.py @@ -0,0 +1,21 @@ +""" +This plugin searches for Databricks API token. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DatabricksApiTokenDetector(RegexBasedDetector): + """Scans for Databricks API token.""" + + @property + def secret_type(self) -> str: + return "Databricks API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile(r"""(?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/datadog_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/datadog_access_token.py new file mode 100644 index 0000000000..bdb430d9bc --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/datadog_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Datadog Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DatadogAccessTokenDetector(RegexBasedDetector): + """Scans for Datadog Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Datadog Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/defined_networking_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/defined_networking_api_token.py new file mode 100644 index 0000000000..b23cdb4543 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/defined_networking_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Defined Networking API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DefinedNetworkingApiTokenDetector(RegexBasedDetector): + """Scans for Defined Networking API Tokens.""" + + @property + def secret_type(self) -> str: + return "Defined Networking API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:dnkey)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(dnkey-[a-z0-9=_\-]{26}-[a-z0-9=_\-]{52})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/digitalocean.py b/enterprise/enterprise_hooks/secrets_plugins/digitalocean.py new file mode 100644 index 0000000000..5ffc4f600e --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/digitalocean.py @@ -0,0 +1,26 @@ +""" +This plugin searches for DigitalOcean tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DigitaloceanDetector(RegexBasedDetector): + """Scans for various DigitalOcean Tokens.""" + + @property + def secret_type(self) -> str: + return "DigitalOcean Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # OAuth Access Token + re.compile(r"""(?i)\b(doo_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + # Personal Access Token + re.compile(r"""(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + # OAuth Refresh Token + re.compile(r"""(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/discord.py b/enterprise/enterprise_hooks/secrets_plugins/discord.py new file mode 100644 index 0000000000..c51406b606 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/discord.py @@ -0,0 +1,32 @@ +""" +This plugin searches for Discord Client tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DiscordDetector(RegexBasedDetector): + """Scans for various Discord Client Tokens.""" + + @property + def secret_type(self) -> str: + return "Discord Client Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Discord API key + re.compile( + r"""(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Discord client ID + re.compile( + r"""(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Discord client secret + re.compile( + r"""(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/doppler_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/doppler_api_token.py new file mode 100644 index 0000000000..56c594fc1f --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/doppler_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for Doppler API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DopplerApiTokenDetector(RegexBasedDetector): + """Scans for Doppler API Tokens.""" + + @property + def secret_type(self) -> str: + return "Doppler API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Doppler API token + re.compile(r"""(?i)dp\.pt\.[a-z0-9]{43}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/droneci_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/droneci_access_token.py new file mode 100644 index 0000000000..8afffb8026 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/droneci_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Droneci Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DroneciAccessTokenDetector(RegexBasedDetector): + """Scans for Droneci Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Droneci Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Droneci Access Token + re.compile( + r"""(?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/dropbox.py b/enterprise/enterprise_hooks/secrets_plugins/dropbox.py new file mode 100644 index 0000000000..b19815b26d --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/dropbox.py @@ -0,0 +1,32 @@ +""" +This plugin searches for Dropbox tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DropboxDetector(RegexBasedDetector): + """Scans for various Dropbox Tokens.""" + + @property + def secret_type(self) -> str: + return "Dropbox Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Dropbox API secret + re.compile( + r"""(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Dropbox long-lived API token + re.compile( + r"""(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Dropbox short-lived API token + re.compile( + r"""(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/duffel_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/duffel_api_token.py new file mode 100644 index 0000000000..aab681598c --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/duffel_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for Duffel API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DuffelApiTokenDetector(RegexBasedDetector): + """Scans for Duffel API Tokens.""" + + @property + def secret_type(self) -> str: + return "Duffel API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Duffel API Token + re.compile(r"""(?i)duffel_(test|live)_[a-z0-9_\-=]{43}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/dynatrace_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/dynatrace_api_token.py new file mode 100644 index 0000000000..caf7dd7197 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/dynatrace_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for Dynatrace API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class DynatraceApiTokenDetector(RegexBasedDetector): + """Scans for Dynatrace API Tokens.""" + + @property + def secret_type(self) -> str: + return "Dynatrace API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Dynatrace API Token + re.compile(r"""(?i)dt0c01\.[a-z0-9]{24}\.[a-z0-9]{64}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/easypost.py b/enterprise/enterprise_hooks/secrets_plugins/easypost.py new file mode 100644 index 0000000000..73d27cb491 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/easypost.py @@ -0,0 +1,24 @@ +""" +This plugin searches for EasyPost tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class EasyPostDetector(RegexBasedDetector): + """Scans for various EasyPost Tokens.""" + + @property + def secret_type(self) -> str: + return "EasyPost Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # EasyPost API token + re.compile(r"""(?i)\bEZAK[a-z0-9]{54}"""), + # EasyPost test API token + re.compile(r"""(?i)\bEZTK[a-z0-9]{54}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/etsy_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/etsy_access_token.py new file mode 100644 index 0000000000..1775a4b41d --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/etsy_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Etsy Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class EtsyAccessTokenDetector(RegexBasedDetector): + """Scans for Etsy Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Etsy Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Etsy Access Token + re.compile( + r"""(?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/facebook_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/facebook_access_token.py new file mode 100644 index 0000000000..edc7d080c6 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/facebook_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Facebook Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FacebookAccessTokenDetector(RegexBasedDetector): + """Scans for Facebook Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Facebook Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Facebook Access Token + re.compile( + r"""(?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/fastly_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/fastly_api_token.py new file mode 100644 index 0000000000..4d451cb746 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/fastly_api_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Fastly API keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FastlyApiKeyDetector(RegexBasedDetector): + """Scans for Fastly API keys.""" + + @property + def secret_type(self) -> str: + return "Fastly API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Fastly API key + re.compile( + r"""(?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/finicity.py b/enterprise/enterprise_hooks/secrets_plugins/finicity.py new file mode 100644 index 0000000000..97414352fc --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/finicity.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Finicity API tokens and Client Secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FinicityDetector(RegexBasedDetector): + """Scans for Finicity API tokens and Client Secrets.""" + + @property + def secret_type(self) -> str: + return "Finicity Credentials" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Finicity API token + re.compile( + r"""(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Finicity Client Secret + re.compile( + r"""(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/finnhub_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/finnhub_access_token.py new file mode 100644 index 0000000000..eeb09682b0 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/finnhub_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Finnhub Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FinnhubAccessTokenDetector(RegexBasedDetector): + """Scans for Finnhub Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Finnhub Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Finnhub Access Token + re.compile( + r"""(?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/flickr_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/flickr_access_token.py new file mode 100644 index 0000000000..530628547b --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/flickr_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Flickr Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FlickrAccessTokenDetector(RegexBasedDetector): + """Scans for Flickr Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Flickr Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Flickr Access Token + re.compile( + r"""(?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/flutterwave.py b/enterprise/enterprise_hooks/secrets_plugins/flutterwave.py new file mode 100644 index 0000000000..fc46ba2222 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/flutterwave.py @@ -0,0 +1,26 @@ +""" +This plugin searches for Flutterwave API keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FlutterwaveDetector(RegexBasedDetector): + """Scans for Flutterwave API Keys.""" + + @property + def secret_type(self) -> str: + return "Flutterwave API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Flutterwave Encryption Key + re.compile(r"""(?i)FLWSECK_TEST-[a-h0-9]{12}"""), + # Flutterwave Public Key + re.compile(r"""(?i)FLWPUBK_TEST-[a-h0-9]{32}-X"""), + # Flutterwave Secret Key + re.compile(r"""(?i)FLWSECK_TEST-[a-h0-9]{32}-X"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/frameio_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/frameio_api_token.py new file mode 100644 index 0000000000..9524e873d4 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/frameio_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for Frame.io API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FrameIoApiTokenDetector(RegexBasedDetector): + """Scans for Frame.io API Tokens.""" + + @property + def secret_type(self) -> str: + return "Frame.io API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Frame.io API token + re.compile(r"""(?i)fio-u-[a-z0-9\-_=]{64}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/freshbooks_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/freshbooks_access_token.py new file mode 100644 index 0000000000..b6b16e2b83 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/freshbooks_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Freshbooks Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class FreshbooksAccessTokenDetector(RegexBasedDetector): + """Scans for Freshbooks Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Freshbooks Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Freshbooks Access Token + re.compile( + r"""(?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/gcp_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/gcp_api_key.py new file mode 100644 index 0000000000..6055cc2622 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/gcp_api_key.py @@ -0,0 +1,24 @@ +""" +This plugin searches for GCP API keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GCPApiKeyDetector(RegexBasedDetector): + """Scans for GCP API keys.""" + + @property + def secret_type(self) -> str: + return "GCP API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # GCP API Key + re.compile( + r"""(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/github_token.py b/enterprise/enterprise_hooks/secrets_plugins/github_token.py new file mode 100644 index 0000000000..acb5e3fc76 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/github_token.py @@ -0,0 +1,26 @@ +""" +This plugin searches for GitHub tokens +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GitHubTokenCustomDetector(RegexBasedDetector): + """Scans for GitHub tokens.""" + + @property + def secret_type(self) -> str: + return "GitHub Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # GitHub App/Personal Access/OAuth Access/Refresh Token + # ref. https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ + re.compile(r"(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36}"), + # GitHub Fine-Grained Personal Access Token + re.compile(r"github_pat_[0-9a-zA-Z_]{82}"), + re.compile(r"gho_[0-9a-zA-Z]{36}"), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/gitlab.py b/enterprise/enterprise_hooks/secrets_plugins/gitlab.py new file mode 100644 index 0000000000..2277d8a2d3 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/gitlab.py @@ -0,0 +1,26 @@ +""" +This plugin searches for GitLab secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GitLabDetector(RegexBasedDetector): + """Scans for GitLab Secrets.""" + + @property + def secret_type(self) -> str: + return "GitLab Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # GitLab Personal Access Token + re.compile(r"""glpat-[0-9a-zA-Z\-\_]{20}"""), + # GitLab Pipeline Trigger Token + re.compile(r"""glptt-[0-9a-f]{40}"""), + # GitLab Runner Registration Token + re.compile(r"""GR1348941[0-9a-zA-Z\-\_]{20}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/gitter_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/gitter_access_token.py new file mode 100644 index 0000000000..1febe70cb9 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/gitter_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Gitter Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GitterAccessTokenDetector(RegexBasedDetector): + """Scans for Gitter Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Gitter Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Gitter Access Token + re.compile( + r"""(?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/gocardless_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/gocardless_api_token.py new file mode 100644 index 0000000000..240f6e4c58 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/gocardless_api_token.py @@ -0,0 +1,25 @@ +""" +This plugin searches for GoCardless API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GoCardlessApiTokenDetector(RegexBasedDetector): + """Scans for GoCardless API Tokens.""" + + @property + def secret_type(self) -> str: + return "GoCardless API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # GoCardless API token + re.compile( + r"""(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(live_[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""", + re.IGNORECASE, + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/grafana.py b/enterprise/enterprise_hooks/secrets_plugins/grafana.py new file mode 100644 index 0000000000..fd37f0f639 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/grafana.py @@ -0,0 +1,32 @@ +""" +This plugin searches for Grafana secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class GrafanaDetector(RegexBasedDetector): + """Scans for Grafana Secrets.""" + + @property + def secret_type(self) -> str: + return "Grafana Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Grafana API key or Grafana Cloud API key + re.compile( + r"""(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Grafana Cloud API token + re.compile( + r"""(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Grafana Service Account token + re.compile( + r"""(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/hashicorp_tf_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/hashicorp_tf_api_token.py new file mode 100644 index 0000000000..97013fd846 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/hashicorp_tf_api_token.py @@ -0,0 +1,22 @@ +""" +This plugin searches for HashiCorp Terraform user/org API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class HashiCorpTFApiTokenDetector(RegexBasedDetector): + """Scans for HashiCorp Terraform User/Org API Tokens.""" + + @property + def secret_type(self) -> str: + return "HashiCorp Terraform API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # HashiCorp Terraform user/org API token + re.compile(r"""(?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/heroku_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/heroku_api_key.py new file mode 100644 index 0000000000..53be8aa486 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/heroku_api_key.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Heroku API Keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class HerokuApiKeyDetector(RegexBasedDetector): + """Scans for Heroku API Keys.""" + + @property + def secret_type(self) -> str: + return "Heroku API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/hubspot_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/hubspot_api_key.py new file mode 100644 index 0000000000..230ef659ba --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/hubspot_api_key.py @@ -0,0 +1,24 @@ +""" +This plugin searches for HubSpot API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class HubSpotApiTokenDetector(RegexBasedDetector): + """Scans for HubSpot API Tokens.""" + + @property + def secret_type(self) -> str: + return "HubSpot API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # HubSpot API Token + re.compile( + r"""(?i)(?:hubspot)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/huggingface.py b/enterprise/enterprise_hooks/secrets_plugins/huggingface.py new file mode 100644 index 0000000000..be83a3a0d5 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/huggingface.py @@ -0,0 +1,26 @@ +""" +This plugin searches for Hugging Face Access and Organization API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class HuggingFaceDetector(RegexBasedDetector): + """Scans for Hugging Face Tokens.""" + + @property + def secret_type(self) -> str: + return "Hugging Face Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Hugging Face Access token + re.compile(r"""(?:^|[\\'"` >=:])(hf_[a-zA-Z]{34})(?:$|[\\'"` <])"""), + # Hugging Face Organization API token + re.compile( + r"""(?:^|[\\'"` >=:\(,)])(api_org_[a-zA-Z]{34})(?:$|[\\'"` <\),])""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/intercom_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/intercom_api_key.py new file mode 100644 index 0000000000..24e16fc73a --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/intercom_api_key.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Intercom API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class IntercomApiTokenDetector(RegexBasedDetector): + """Scans for Intercom API Tokens.""" + + @property + def secret_type(self) -> str: + return "Intercom API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:intercom)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/jfrog.py b/enterprise/enterprise_hooks/secrets_plugins/jfrog.py new file mode 100644 index 0000000000..3eabbfe3a4 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/jfrog.py @@ -0,0 +1,28 @@ +""" +This plugin searches for JFrog-related secrets like API Key and Identity Token. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class JFrogDetector(RegexBasedDetector): + """Scans for JFrog-related secrets.""" + + @property + def secret_type(self) -> str: + return "JFrog Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # JFrog API Key + re.compile( + r"""(?i)(?:jfrog|artifactory|bintray|xray)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{73})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # JFrog Identity Token + re.compile( + r"""(?i)(?:jfrog|artifactory|bintray|xray)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/jwt.py b/enterprise/enterprise_hooks/secrets_plugins/jwt.py new file mode 100644 index 0000000000..6658a09502 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/jwt.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Base64-encoded JSON Web Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class JWTBase64Detector(RegexBasedDetector): + """Scans for Base64-encoded JSON Web Tokens.""" + + @property + def secret_type(self) -> str: + return "Base64-encoded JSON Web Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Base64-encoded JSON Web Token + re.compile( + r"""\bZXlK(?:(?PaGJHY2lPaU)|(?PaGNIVWlPaU)|(?PaGNIWWlPaU)|(?PaGRXUWlPaU)|(?PaU5qUWlP)|(?PamNtbDBJanBi)|(?PamRIa2lPaU)|(?PbGNHc2lPbn)|(?PbGJtTWlPaU)|(?PcWEzVWlPaU)|(?PcWQyc2lPb)|(?PcGMzTWlPaU)|(?PcGRpSTZJ)|(?PcmFXUWlP)|(?PclpYbGZiM0J6SWpwY)|(?PcmRIa2lPaUp)|(?PdWIyNWpaU0k2)|(?Pd01tTWlP)|(?Pd01uTWlPaU)|(?Pd2NIUWlPaU)|(?PemRXSWlPaU)|(?PemRuUWlP)|(?PMFlXY2lPaU)|(?PMGVYQWlPaUp)|(?PMWNtd2l)|(?PMWMyVWlPaUp)|(?PMlpYSWlPaU)|(?PMlpYSnphVzl1SWpv)|(?PNElqb2)|(?PNE5XTWlP)|(?PNE5YUWlPaU)|(?PNE5YUWpVekkxTmlJNkl)|(?PNE5YVWlPaU)|(?PNmFYQWlPaU))[a-zA-Z0-9\/\\_+\-\r\n]{40,}={0,2}""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/kraken_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/kraken_access_token.py new file mode 100644 index 0000000000..cb7357cfd9 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/kraken_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Kraken Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class KrakenAccessTokenDetector(RegexBasedDetector): + """Scans for Kraken Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Kraken Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Kraken Access Token + re.compile( + r"""(?i)(?:kraken)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/kucoin.py b/enterprise/enterprise_hooks/secrets_plugins/kucoin.py new file mode 100644 index 0000000000..02e990bd8b --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/kucoin.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Kucoin Access Tokens and Secret Keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class KucoinDetector(RegexBasedDetector): + """Scans for Kucoin Access Tokens and Secret Keys.""" + + @property + def secret_type(self) -> str: + return "Kucoin Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Kucoin Access Token + re.compile( + r"""(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Kucoin Secret Key + re.compile( + r"""(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/launchdarkly_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/launchdarkly_access_token.py new file mode 100644 index 0000000000..9779909847 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/launchdarkly_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Launchdarkly Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class LaunchdarklyAccessTokenDetector(RegexBasedDetector): + """Scans for Launchdarkly Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Launchdarkly Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:launchdarkly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/linear.py b/enterprise/enterprise_hooks/secrets_plugins/linear.py new file mode 100644 index 0000000000..1224b5ec46 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/linear.py @@ -0,0 +1,26 @@ +""" +This plugin searches for Linear API Tokens and Linear Client Secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class LinearDetector(RegexBasedDetector): + """Scans for Linear secrets.""" + + @property + def secret_type(self) -> str: + return "Linear Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Linear API Token + re.compile(r"""(?i)lin_api_[a-z0-9]{40}"""), + # Linear Client Secret + re.compile( + r"""(?i)(?:linear)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/linkedin.py b/enterprise/enterprise_hooks/secrets_plugins/linkedin.py new file mode 100644 index 0000000000..53ff0c30aa --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/linkedin.py @@ -0,0 +1,28 @@ +""" +This plugin searches for LinkedIn Client IDs and LinkedIn Client secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class LinkedInDetector(RegexBasedDetector): + """Scans for LinkedIn secrets.""" + + @property + def secret_type(self) -> str: + return "LinkedIn Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # LinkedIn Client ID + re.compile( + r"""(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # LinkedIn Client secret + re.compile( + r"""(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/lob.py b/enterprise/enterprise_hooks/secrets_plugins/lob.py new file mode 100644 index 0000000000..623ac4f1f9 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/lob.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Lob API secrets and Lob Publishable API keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class LobDetector(RegexBasedDetector): + """Scans for Lob secrets.""" + + @property + def secret_type(self) -> str: + return "Lob Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Lob API Key + re.compile( + r"""(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Lob Publishable API Key + re.compile( + r"""(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/mailgun.py b/enterprise/enterprise_hooks/secrets_plugins/mailgun.py new file mode 100644 index 0000000000..c403d24546 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/mailgun.py @@ -0,0 +1,32 @@ +""" +This plugin searches for Mailgun API secrets, public validation keys, and webhook signing keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class MailgunDetector(RegexBasedDetector): + """Scans for Mailgun secrets.""" + + @property + def secret_type(self) -> str: + return "Mailgun Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Mailgun Private API Token + re.compile( + r"""(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Mailgun Public Validation Key + re.compile( + r"""(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Mailgun Webhook Signing Key + re.compile( + r"""(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/mapbox_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/mapbox_api_token.py new file mode 100644 index 0000000000..0326b7102a --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/mapbox_api_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for MapBox API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class MapBoxApiTokenDetector(RegexBasedDetector): + """Scans for MapBox API tokens.""" + + @property + def secret_type(self) -> str: + return "MapBox API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # MapBox API Token + re.compile( + r"""(?i)(?:mapbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/mattermost_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/mattermost_access_token.py new file mode 100644 index 0000000000..d65b0e7554 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/mattermost_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Mattermost Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class MattermostAccessTokenDetector(RegexBasedDetector): + """Scans for Mattermost Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Mattermost Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Mattermost Access Token + re.compile( + r"""(?i)(?:mattermost)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/messagebird.py b/enterprise/enterprise_hooks/secrets_plugins/messagebird.py new file mode 100644 index 0000000000..6adc8317a8 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/messagebird.py @@ -0,0 +1,28 @@ +""" +This plugin searches for MessageBird API tokens and client IDs. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class MessageBirdDetector(RegexBasedDetector): + """Scans for MessageBird secrets.""" + + @property + def secret_type(self) -> str: + return "MessageBird Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # MessageBird API Token + re.compile( + r"""(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # MessageBird Client ID + re.compile( + r"""(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/microsoft_teams_webhook.py b/enterprise/enterprise_hooks/secrets_plugins/microsoft_teams_webhook.py new file mode 100644 index 0000000000..298fd81b0a --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/microsoft_teams_webhook.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Microsoft Teams Webhook URLs. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class MicrosoftTeamsWebhookDetector(RegexBasedDetector): + """Scans for Microsoft Teams Webhook URLs.""" + + @property + def secret_type(self) -> str: + return "Microsoft Teams Webhook" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Microsoft Teams Webhook + re.compile( + r"""https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/netlify_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/netlify_access_token.py new file mode 100644 index 0000000000..cc7a575a42 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/netlify_access_token.py @@ -0,0 +1,24 @@ +""" +This plugin searches for Netlify Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class NetlifyAccessTokenDetector(RegexBasedDetector): + """Scans for Netlify Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Netlify Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Netlify Access Token + re.compile( + r"""(?i)(?:netlify)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/new_relic.py b/enterprise/enterprise_hooks/secrets_plugins/new_relic.py new file mode 100644 index 0000000000..cef640155c --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/new_relic.py @@ -0,0 +1,32 @@ +""" +This plugin searches for New Relic API tokens and keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class NewRelicDetector(RegexBasedDetector): + """Scans for New Relic API tokens and keys.""" + + @property + def secret_type(self) -> str: + return "New Relic API Secrets" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # New Relic ingest browser API token + re.compile( + r"""(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # New Relic user API ID + re.compile( + r"""(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # New Relic user API Key + re.compile( + r"""(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/nytimes_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/nytimes_access_token.py new file mode 100644 index 0000000000..567b885e5a --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/nytimes_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for New York Times Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class NYTimesAccessTokenDetector(RegexBasedDetector): + """Scans for New York Times Access Tokens.""" + + @property + def secret_type(self) -> str: + return "New York Times Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/okta_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/okta_access_token.py new file mode 100644 index 0000000000..97109767b0 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/okta_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Okta Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class OktaAccessTokenDetector(RegexBasedDetector): + """Scans for Okta Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Okta Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:okta)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/openai_api_key.py b/enterprise/enterprise_hooks/secrets_plugins/openai_api_key.py new file mode 100644 index 0000000000..c5d20f7590 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/openai_api_key.py @@ -0,0 +1,19 @@ +""" +This plugin searches for OpenAI API Keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class OpenAIApiKeyDetector(RegexBasedDetector): + """Scans for OpenAI API Keys.""" + + @property + def secret_type(self) -> str: + return "Strict OpenAI API Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [re.compile(r"""(sk-[a-zA-Z0-9]{5,})""")] diff --git a/enterprise/enterprise_hooks/secrets_plugins/planetscale.py b/enterprise/enterprise_hooks/secrets_plugins/planetscale.py new file mode 100644 index 0000000000..23a53667e3 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/planetscale.py @@ -0,0 +1,32 @@ +""" +This plugin searches for PlanetScale API tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class PlanetScaleDetector(RegexBasedDetector): + """Scans for PlanetScale API Tokens.""" + + @property + def secret_type(self) -> str: + return "PlanetScale API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # the PlanetScale API token + re.compile( + r"""(?i)\b(pscale_tkn_[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # the PlanetScale OAuth token + re.compile( + r"""(?i)\b(pscale_oauth_[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # the PlanetScale password + re.compile( + r"""(?i)\b(pscale_pw_[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/postman_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/postman_api_token.py new file mode 100644 index 0000000000..9469e8191c --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/postman_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Postman API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class PostmanApiTokenDetector(RegexBasedDetector): + """Scans for Postman API Tokens.""" + + @property + def secret_type(self) -> str: + return "Postman API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)\b(PMAK-[a-f0-9]{24}-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/prefect_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/prefect_api_token.py new file mode 100644 index 0000000000..35cdb71cae --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/prefect_api_token.py @@ -0,0 +1,19 @@ +""" +This plugin searches for Prefect API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class PrefectApiTokenDetector(RegexBasedDetector): + """Scans for Prefect API Tokens.""" + + @property + def secret_type(self) -> str: + return "Prefect API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [re.compile(r"""(?i)\b(pnu_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)""")] diff --git a/enterprise/enterprise_hooks/secrets_plugins/pulumi_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/pulumi_api_token.py new file mode 100644 index 0000000000..bae4ce211b --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/pulumi_api_token.py @@ -0,0 +1,19 @@ +""" +This plugin searches for Pulumi API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class PulumiApiTokenDetector(RegexBasedDetector): + """Scans for Pulumi API Tokens.""" + + @property + def secret_type(self) -> str: + return "Pulumi API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [re.compile(r"""(?i)\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""")] diff --git a/enterprise/enterprise_hooks/secrets_plugins/pypi_upload_token.py b/enterprise/enterprise_hooks/secrets_plugins/pypi_upload_token.py new file mode 100644 index 0000000000..d4cc913857 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/pypi_upload_token.py @@ -0,0 +1,19 @@ +""" +This plugin searches for PyPI Upload Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class PyPiUploadTokenDetector(RegexBasedDetector): + """Scans for PyPI Upload Tokens.""" + + @property + def secret_type(self) -> str: + return "PyPI Upload Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [re.compile(r"""pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}""")] diff --git a/enterprise/enterprise_hooks/secrets_plugins/rapidapi_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/rapidapi_access_token.py new file mode 100644 index 0000000000..18b2346148 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/rapidapi_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for RapidAPI Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class RapidApiAccessTokenDetector(RegexBasedDetector): + """Scans for RapidAPI Access Tokens.""" + + @property + def secret_type(self) -> str: + return "RapidAPI Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/readme_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/readme_api_token.py new file mode 100644 index 0000000000..47bdffb120 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/readme_api_token.py @@ -0,0 +1,21 @@ +""" +This plugin searches for Readme API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ReadmeApiTokenDetector(RegexBasedDetector): + """Scans for Readme API Tokens.""" + + @property + def secret_type(self) -> str: + return "Readme API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile(r"""(?i)\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)""") + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/rubygems_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/rubygems_api_token.py new file mode 100644 index 0000000000..d49c58e73e --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/rubygems_api_token.py @@ -0,0 +1,21 @@ +""" +This plugin searches for Rubygem API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class RubygemsApiTokenDetector(RegexBasedDetector): + """Scans for Rubygem API Tokens.""" + + @property + def secret_type(self) -> str: + return "Rubygem API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile(r"""(?i)\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)""") + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/scalingo_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/scalingo_api_token.py new file mode 100644 index 0000000000..3f8a59ee41 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/scalingo_api_token.py @@ -0,0 +1,19 @@ +""" +This plugin searches for Scalingo API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ScalingoApiTokenDetector(RegexBasedDetector): + """Scans for Scalingo API Tokens.""" + + @property + def secret_type(self) -> str: + return "Scalingo API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [re.compile(r"""\btk-us-[a-zA-Z0-9-_]{48}\b""")] diff --git a/enterprise/enterprise_hooks/secrets_plugins/sendbird.py b/enterprise/enterprise_hooks/secrets_plugins/sendbird.py new file mode 100644 index 0000000000..4b270d71e5 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/sendbird.py @@ -0,0 +1,28 @@ +""" +This plugin searches for Sendbird Access IDs and Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SendbirdDetector(RegexBasedDetector): + """Scans for Sendbird Access IDs and Tokens.""" + + @property + def secret_type(self) -> str: + return "Sendbird Credential" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Sendbird Access ID + re.compile( + r"""(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Sendbird Access Token + re.compile( + r"""(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/sendgrid_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/sendgrid_api_token.py new file mode 100644 index 0000000000..bf974f4fd7 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/sendgrid_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for SendGrid API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SendGridApiTokenDetector(RegexBasedDetector): + """Scans for SendGrid API Tokens.""" + + @property + def secret_type(self) -> str: + return "SendGrid API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)\b(SG\.[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/sendinblue_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/sendinblue_api_token.py new file mode 100644 index 0000000000..a6ed8c15ee --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/sendinblue_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for SendinBlue API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SendinBlueApiTokenDetector(RegexBasedDetector): + """Scans for SendinBlue API Tokens.""" + + @property + def secret_type(self) -> str: + return "SendinBlue API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)\b(xkeysib-[a-f0-9]{64}-[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/sentry_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/sentry_access_token.py new file mode 100644 index 0000000000..181fad2c7f --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/sentry_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Sentry Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SentryAccessTokenDetector(RegexBasedDetector): + """Scans for Sentry Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Sentry Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/shippo_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/shippo_api_token.py new file mode 100644 index 0000000000..4314c68768 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/shippo_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Shippo API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ShippoApiTokenDetector(RegexBasedDetector): + """Scans for Shippo API Tokens.""" + + @property + def secret_type(self) -> str: + return "Shippo API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/shopify.py b/enterprise/enterprise_hooks/secrets_plugins/shopify.py new file mode 100644 index 0000000000..f5f97c4478 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/shopify.py @@ -0,0 +1,31 @@ +""" +This plugin searches for Shopify Access Tokens, Custom Access Tokens, +Private App Access Tokens, and Shared Secrets. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ShopifyDetector(RegexBasedDetector): + """Scans for Shopify Access Tokens, Custom Access Tokens, Private App Access Tokens, + and Shared Secrets. + """ + + @property + def secret_type(self) -> str: + return "Shopify Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Shopify access token + re.compile(r"""shpat_[a-fA-F0-9]{32}"""), + # Shopify custom access token + re.compile(r"""shpca_[a-fA-F0-9]{32}"""), + # Shopify private app access token + re.compile(r"""shppa_[a-fA-F0-9]{32}"""), + # Shopify shared secret + re.compile(r"""shpss_[a-fA-F0-9]{32}"""), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/slack.py b/enterprise/enterprise_hooks/secrets_plugins/slack.py new file mode 100644 index 0000000000..4896fd76b2 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/slack.py @@ -0,0 +1,38 @@ +""" +This plugin searches for Slack tokens and webhooks. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SlackDetector(RegexBasedDetector): + """Scans for Slack tokens and webhooks.""" + + @property + def secret_type(self) -> str: + return "Slack Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Slack App-level token + re.compile(r"""(?i)(xapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+)"""), + # Slack Bot token + re.compile(r"""(xoxb-[0-9]{10,13}\-[0-9]{10,13}[a-zA-Z0-9-]*)"""), + # Slack Configuration access token and refresh token + re.compile(r"""(?i)(xoxe.xox[bp]-\d-[A-Z0-9]{163,166})"""), + re.compile(r"""(?i)(xoxe-\d-[A-Z0-9]{146})"""), + # Slack Legacy bot token and token + re.compile(r"""(xoxb-[0-9]{8,14}\-[a-zA-Z0-9]{18,26})"""), + re.compile(r"""(xox[os]-\d+-\d+-\d+-[a-fA-F\d]+)"""), + # Slack Legacy Workspace token + re.compile(r"""(xox[ar]-(?:\d-)?[0-9a-zA-Z]{8,48})"""), + # Slack User token and enterprise token + re.compile(r"""(xox[pe](?:-[0-9]{10,13}){3}-[a-zA-Z0-9-]{28,34})"""), + # Slack Webhook URL + re.compile( + r"""(https?:\/\/)?hooks.slack.com\/(services|workflows)\/[A-Za-z0-9+\/]{43,46}""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/snyk_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/snyk_api_token.py new file mode 100644 index 0000000000..839bb57317 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/snyk_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Snyk API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SnykApiTokenDetector(RegexBasedDetector): + """Scans for Snyk API Tokens.""" + + @property + def secret_type(self) -> str: + return "Snyk API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:snyk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/squarespace_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/squarespace_access_token.py new file mode 100644 index 0000000000..0dc83ad91d --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/squarespace_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Squarespace Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SquarespaceAccessTokenDetector(RegexBasedDetector): + """Scans for Squarespace Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Squarespace Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:squarespace)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/sumologic.py b/enterprise/enterprise_hooks/secrets_plugins/sumologic.py new file mode 100644 index 0000000000..7117629acc --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/sumologic.py @@ -0,0 +1,22 @@ +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class SumoLogicDetector(RegexBasedDetector): + """Scans for SumoLogic Access ID and Access Token.""" + + @property + def secret_type(self) -> str: + return "SumoLogic" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i:(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(su[a-zA-Z0-9]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + re.compile( + r"""(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/telegram_bot_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/telegram_bot_api_token.py new file mode 100644 index 0000000000..30854fda1d --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/telegram_bot_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Telegram Bot API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class TelegramBotApiTokenDetector(RegexBasedDetector): + """Scans for Telegram Bot API Tokens.""" + + @property + def secret_type(self) -> str: + return "Telegram Bot API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/travisci_access_token.py b/enterprise/enterprise_hooks/secrets_plugins/travisci_access_token.py new file mode 100644 index 0000000000..90f9b48f46 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/travisci_access_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Travis CI Access Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class TravisCiAccessTokenDetector(RegexBasedDetector): + """Scans for Travis CI Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Travis CI Access Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:travis)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/twitch_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/twitch_api_token.py new file mode 100644 index 0000000000..1e0e3ccf8f --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/twitch_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Twitch API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class TwitchApiTokenDetector(RegexBasedDetector): + """Scans for Twitch API Tokens.""" + + @property + def secret_type(self) -> str: + return "Twitch API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:twitch)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/twitter.py b/enterprise/enterprise_hooks/secrets_plugins/twitter.py new file mode 100644 index 0000000000..99ad170d1e --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/twitter.py @@ -0,0 +1,36 @@ +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class TwitterDetector(RegexBasedDetector): + """Scans for Twitter Access Secrets, Access Tokens, API Keys, API Secrets, and Bearer Tokens.""" + + @property + def secret_type(self) -> str: + return "Twitter Secret" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Twitter Access Secret + re.compile( + r"""(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Twitter Access Token + re.compile( + r"""(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Twitter API Key + re.compile( + r"""(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Twitter API Secret + re.compile( + r"""(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Twitter Bearer Token + re.compile( + r"""(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/typeform_api_token.py b/enterprise/enterprise_hooks/secrets_plugins/typeform_api_token.py new file mode 100644 index 0000000000..8d9dc0e875 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/typeform_api_token.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Typeform API Tokens. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class TypeformApiTokenDetector(RegexBasedDetector): + """Scans for Typeform API Tokens.""" + + @property + def secret_type(self) -> str: + return "Typeform API Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:typeform)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/vault.py b/enterprise/enterprise_hooks/secrets_plugins/vault.py new file mode 100644 index 0000000000..5ca552cd9e --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/vault.py @@ -0,0 +1,24 @@ +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class VaultDetector(RegexBasedDetector): + """Scans for Vault Batch Tokens and Vault Service Tokens.""" + + @property + def secret_type(self) -> str: + return "Vault Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Vault Batch Token + re.compile( + r"""(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Vault Service Token + re.compile( + r"""(?i)\b(hvs\.[a-z0-9_-]{90,100})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/yandex.py b/enterprise/enterprise_hooks/secrets_plugins/yandex.py new file mode 100644 index 0000000000..a58faec0d1 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/yandex.py @@ -0,0 +1,28 @@ +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class YandexDetector(RegexBasedDetector): + """Scans for Yandex Access Tokens, API Keys, and AWS Access Tokens.""" + + @property + def secret_type(self) -> str: + return "Yandex Token" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + # Yandex Access Token + re.compile( + r"""(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Yandex API Key + re.compile( + r"""(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + # Yandex AWS Access Token + re.compile( + r"""(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ), + ] diff --git a/enterprise/enterprise_hooks/secrets_plugins/zendesk_secret_key.py b/enterprise/enterprise_hooks/secrets_plugins/zendesk_secret_key.py new file mode 100644 index 0000000000..42c087c5b6 --- /dev/null +++ b/enterprise/enterprise_hooks/secrets_plugins/zendesk_secret_key.py @@ -0,0 +1,23 @@ +""" +This plugin searches for Zendesk Secret Keys. +""" + +import re + +from detect_secrets.plugins.base import RegexBasedDetector + + +class ZendeskSecretKeyDetector(RegexBasedDetector): + """Scans for Zendesk Secret Keys.""" + + @property + def secret_type(self) -> str: + return "Zendesk Secret Key" + + @property + def denylist(self) -> list[re.Pattern]: + return [ + re.compile( + r"""(?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)""" + ) + ] diff --git a/litellm/__init__.py b/litellm/__init__.py index cee80a32df..f1cc32cd16 100644 --- a/litellm/__init__.py +++ b/litellm/__init__.py @@ -413,6 +413,7 @@ openai_compatible_providers: List = [ "mistral", "groq", "nvidia_nim", + "volcengine", "codestral", "deepseek", "deepinfra", @@ -643,6 +644,7 @@ provider_list: List = [ "mistral", "groq", "nvidia_nim", + "volcengine", "codestral", "text-completion-codestral", "deepseek", @@ -818,6 +820,7 @@ from .llms.openai import ( ) from .llms.nvidia_nim import NvidiaNimConfig from .llms.fireworks_ai import FireworksAIConfig +from .llms.volcengine import VolcEngineConfig from .llms.text_completion_codestral import MistralTextCompletionConfig from .llms.azure import ( AzureOpenAIConfig, diff --git a/litellm/caching.py b/litellm/caching.py index 95cad01cfd..64488289a8 100644 --- a/litellm/caching.py +++ b/litellm/caching.py @@ -64,16 +64,55 @@ class BaseCache: class InMemoryCache(BaseCache): - def __init__(self): - # if users don't provider one, use the default litellm cache - self.cache_dict = {} - self.ttl_dict = {} + def __init__( + self, + max_size_in_memory: Optional[int] = 200, + default_ttl: Optional[ + int + ] = 600, # default ttl is 10 minutes. At maximum litellm rate limiting logic requires objects to be in memory for 1 minute + ): + """ + max_size_in_memory [int]: Maximum number of items in cache. done to prevent memory leaks. Use 200 items as a default + """ + self.max_size_in_memory = ( + max_size_in_memory or 200 + ) # set an upper bound of 200 items in-memory + self.default_ttl = default_ttl or 600 + + # in-memory cache + self.cache_dict: dict = {} + self.ttl_dict: dict = {} + + def evict_cache(self): + """ + Eviction policy: + - check if any items in ttl_dict are expired -> remove them from ttl_dict and cache_dict + + + This guarantees the following: + - 1. When item ttl not set: At minimumm each item will remain in memory for 5 minutes + - 2. When ttl is set: the item will remain in memory for at least that amount of time + - 3. the size of in-memory cache is bounded + + """ + for key in list(self.ttl_dict.keys()): + if time.time() > self.ttl_dict[key]: + self.cache_dict.pop(key, None) + self.ttl_dict.pop(key, None) def set_cache(self, key, value, **kwargs): - print_verbose("InMemoryCache: set_cache") + print_verbose( + "InMemoryCache: set_cache. current size= {}".format(len(self.cache_dict)) + ) + if len(self.cache_dict) >= self.max_size_in_memory: + # only evict when cache is full + self.evict_cache() + self.cache_dict[key] = value if "ttl" in kwargs: self.ttl_dict[key] = time.time() + kwargs["ttl"] + else: + self.ttl_dict[key] = time.time() + self.default_ttl async def async_set_cache(self, key, value, **kwargs): self.set_cache(key=key, value=value, **kwargs) @@ -139,6 +178,7 @@ class InMemoryCache(BaseCache): init_value = await self.async_get_cache(key=key) or 0 value = init_value + value await self.async_set_cache(key, value, **kwargs) + return value def flush_cache(self): diff --git a/litellm/cost_calculator.py b/litellm/cost_calculator.py index 993344e5b9..9a7df7ebef 100644 --- a/litellm/cost_calculator.py +++ b/litellm/cost_calculator.py @@ -428,7 +428,6 @@ def completion_cost( prompt_characters = 0 completion_tokens = 0 completion_characters = 0 - custom_llm_provider = None if completion_response is not None: # get input/output tokens from completion_response prompt_tokens = completion_response.get("usage", {}).get("prompt_tokens", 0) @@ -468,6 +467,10 @@ def completion_cost( "n", 1 ) # openai default else: + if model is None: + raise ValueError( + f"Model is None and does not exist in passed completion_response. Passed completion_response={completion_response}, model={model}" + ) if len(messages) > 0: prompt_tokens = token_counter(model=model, messages=messages) elif len(prompt) > 0: @@ -478,6 +481,15 @@ def completion_cost( f"Model is None and does not exist in passed completion_response. Passed completion_response={completion_response}, model={model}" ) + if custom_llm_provider is None: + try: + _, custom_llm_provider, _, _ = litellm.get_llm_provider(model=model) + except Exception as e: + verbose_logger.error( + "litellm.cost_calculator.py::completion_cost() - Error inferring custom_llm_provider - {}".format( + str(e) + ) + ) if ( call_type == CallTypes.image_generation.value or call_type == CallTypes.aimage_generation.value @@ -544,12 +556,7 @@ def completion_cost( f"Model is None and does not exist in passed completion_response. Passed completion_response={completion_response}, model={model}" ) - if ( - custom_llm_provider is not None - and custom_llm_provider == "vertex_ai" - and completion_response is not None - and isinstance(completion_response, ModelResponse) - ): + if custom_llm_provider is not None and custom_llm_provider == "vertex_ai": # Calculate the prompt characters + response characters if len("messages") > 0: prompt_string = litellm.utils.get_formatted_prompt( @@ -559,14 +566,15 @@ def completion_cost( prompt_string = "" prompt_characters = litellm.utils._count_characters(text=prompt_string) - - completion_string = litellm.utils.get_response_string( - response_obj=completion_response - ) - - completion_characters = litellm.utils._count_characters( - text=completion_string - ) + if completion_response is not None and isinstance( + completion_response, ModelResponse + ): + completion_string = litellm.utils.get_response_string( + response_obj=completion_response + ) + completion_characters = litellm.utils._count_characters( + text=completion_string + ) ( prompt_tokens_cost_usd_dollar, diff --git a/litellm/llms/azure.py b/litellm/llms/azure.py index b763a7c955..fe10cc017c 100644 --- a/litellm/llms/azure.py +++ b/litellm/llms/azure.py @@ -660,8 +660,16 @@ class AzureChatCompletion(BaseLLM): response = await azure_client.chat.completions.create( **data, timeout=timeout ) + + stringified_response = response.model_dump() + logging_obj.post_call( + input=data["messages"], + api_key=api_key, + original_response=stringified_response, + additional_args={"complete_input_dict": data}, + ) return convert_to_model_response_object( - response_object=response.model_dump(), + response_object=stringified_response, model_response_object=model_response, ) except AzureOpenAIError as e: @@ -812,7 +820,7 @@ class AzureChatCompletion(BaseLLM): azure_client_params: dict, api_key: str, input: list, - client=None, + client: Optional[AsyncAzureOpenAI] = None, logging_obj=None, timeout=None, ): @@ -911,6 +919,7 @@ class AzureChatCompletion(BaseLLM): model_response=model_response, azure_client_params=azure_client_params, timeout=timeout, + client=client, ) return response if client is None: diff --git a/litellm/llms/openai.py b/litellm/llms/openai.py index 55a0d97daf..7d14fa450b 100644 --- a/litellm/llms/openai.py +++ b/litellm/llms/openai.py @@ -996,11 +996,11 @@ class OpenAIChatCompletion(BaseLLM): self, input: list, data: dict, - model_response: ModelResponse, + model_response: litellm.utils.EmbeddingResponse, timeout: float, api_key: Optional[str] = None, api_base: Optional[str] = None, - client=None, + client: Optional[AsyncOpenAI] = None, max_retries=None, logging_obj=None, ): @@ -1039,9 +1039,9 @@ class OpenAIChatCompletion(BaseLLM): input: list, timeout: float, logging_obj, + model_response: litellm.utils.EmbeddingResponse, api_key: Optional[str] = None, api_base: Optional[str] = None, - model_response: Optional[litellm.utils.EmbeddingResponse] = None, optional_params=None, client=None, aembedding=None, @@ -1062,7 +1062,17 @@ class OpenAIChatCompletion(BaseLLM): ) if aembedding is True: - response = self.aembedding(data=data, input=input, logging_obj=logging_obj, model_response=model_response, api_base=api_base, api_key=api_key, timeout=timeout, client=client, max_retries=max_retries) # type: ignore + response = self.aembedding( + data=data, + input=input, + logging_obj=logging_obj, + model_response=model_response, + api_base=api_base, + api_key=api_key, + timeout=timeout, + client=client, + max_retries=max_retries, + ) return response openai_client = self._get_openai_client( diff --git a/litellm/llms/prompt_templates/factory.py b/litellm/llms/prompt_templates/factory.py index a97d6812c8..b359145842 100644 --- a/litellm/llms/prompt_templates/factory.py +++ b/litellm/llms/prompt_templates/factory.py @@ -663,19 +663,23 @@ def convert_url_to_base64(url): image_bytes = response.content base64_image = base64.b64encode(image_bytes).decode("utf-8") - img_type = url.split(".")[-1].lower() - if img_type == "jpg" or img_type == "jpeg": - img_type = "image/jpeg" - elif img_type == "png": - img_type = "image/png" - elif img_type == "gif": - img_type = "image/gif" - elif img_type == "webp": - img_type = "image/webp" + image_type = response.headers.get("Content-Type", None) + if image_type is not None and image_type.startswith("image/"): + img_type = image_type else: - raise Exception( - f"Error: Unsupported image format. Format={img_type}. Supported types = ['image/jpeg', 'image/png', 'image/gif', 'image/webp']" - ) + img_type = url.split(".")[-1].lower() + if img_type == "jpg" or img_type == "jpeg": + img_type = "image/jpeg" + elif img_type == "png": + img_type = "image/png" + elif img_type == "gif": + img_type = "image/gif" + elif img_type == "webp": + img_type = "image/webp" + else: + raise Exception( + f"Error: Unsupported image format. Format={img_type}. Supported types = ['image/jpeg', 'image/png', 'image/gif', 'image/webp']" + ) return f"data:{img_type};base64,{base64_image}" else: diff --git a/litellm/llms/vertex_ai.py b/litellm/llms/vertex_ai.py index 1dbd93048d..4a4abaef40 100644 --- a/litellm/llms/vertex_ai.py +++ b/litellm/llms/vertex_ai.py @@ -437,7 +437,7 @@ def completion( except: raise VertexAIError( status_code=400, - message="vertexai import failed please run `pip install google-cloud-aiplatform`", + message="vertexai import failed please run `pip install google-cloud-aiplatform`. This is required for the 'vertex_ai/' route on LiteLLM", ) if not ( diff --git a/litellm/llms/vertex_httpx.py b/litellm/llms/vertex_httpx.py index 856b05f61c..790bb09519 100644 --- a/litellm/llms/vertex_httpx.py +++ b/litellm/llms/vertex_httpx.py @@ -183,10 +183,17 @@ class GoogleAIStudioGeminiConfig: # key diff from VertexAI - 'frequency_penalty if param == "tools" and isinstance(value, list): gtool_func_declarations = [] for tool in value: + _parameters = tool.get("function", {}).get("parameters", {}) + _properties = _parameters.get("properties", {}) + if isinstance(_properties, dict): + for _, _property in _properties.items(): + if "enum" in _property and "format" not in _property: + _property["format"] = "enum" + gtool_func_declaration = FunctionDeclaration( name=tool["function"]["name"], description=tool["function"].get("description", ""), - parameters=tool["function"].get("parameters", {}), + parameters=_parameters, ) gtool_func_declarations.append(gtool_func_declaration) optional_params["tools"] = [ @@ -729,9 +736,6 @@ class VertexLLM(BaseLLM): json_obj, scopes=["https://www.googleapis.com/auth/cloud-platform"], ) - - if project_id is None: - project_id = creds.project_id else: creds, project_id = google_auth.default( quota_project_id=project_id, @@ -740,14 +744,6 @@ class VertexLLM(BaseLLM): creds.refresh(Request()) - if not project_id: - raise ValueError("Could not resolve project_id") - - if not isinstance(project_id, str): - raise TypeError( - f"Expected project_id to be a str but got {type(project_id)}" - ) - return creds, project_id def refresh_auth(self, credentials: Any) -> None: @@ -763,28 +759,17 @@ class VertexLLM(BaseLLM): """ Returns auth token and project id """ - if self.access_token is not None and self.project_id is not None: - return self.access_token, self.project_id - if not self._credentials: - self._credentials, project_id = self.load_auth( + self._credentials, _ = self.load_auth( credentials=credentials, project_id=project_id ) - if not self.project_id: - self.project_id = project_id else: self.refresh_auth(self._credentials) - if not self.project_id: - self.project_id = self._credentials.project_id - - if not self.project_id: - raise ValueError("Could not resolve project_id") - - if not self._credentials or not self._credentials.token: + if not self._credentials.token: raise RuntimeError("Could not resolve API token from the environment") - return self._credentials.token, self.project_id + return self._credentials.token, None def _get_token_and_url( self, @@ -818,7 +803,7 @@ class VertexLLM(BaseLLM): ) ) else: - auth_header, vertex_project = self._ensure_access_token( + auth_header, _ = self._ensure_access_token( credentials=vertex_credentials, project_id=vertex_project ) vertex_location = self.get_vertex_region(vertex_region=vertex_location) diff --git a/litellm/llms/volcengine.py b/litellm/llms/volcengine.py new file mode 100644 index 0000000000..eb289d1c49 --- /dev/null +++ b/litellm/llms/volcengine.py @@ -0,0 +1,87 @@ +import types +from typing import Literal, Optional, Union + +import litellm + + +class VolcEngineConfig: + frequency_penalty: Optional[int] = None + function_call: Optional[Union[str, dict]] = None + functions: Optional[list] = None + logit_bias: Optional[dict] = None + max_tokens: Optional[int] = None + n: Optional[int] = None + presence_penalty: Optional[int] = None + stop: Optional[Union[str, list]] = None + temperature: Optional[int] = None + top_p: Optional[int] = None + response_format: Optional[dict] = None + + def __init__( + self, + frequency_penalty: Optional[int] = None, + function_call: Optional[Union[str, dict]] = None, + functions: Optional[list] = None, + logit_bias: Optional[dict] = None, + max_tokens: Optional[int] = None, + n: Optional[int] = None, + presence_penalty: Optional[int] = None, + stop: Optional[Union[str, list]] = None, + temperature: Optional[int] = None, + top_p: Optional[int] = None, + response_format: Optional[dict] = None, + ) -> None: + locals_ = locals().copy() + for key, value in locals_.items(): + if key != "self" and value is not None: + setattr(self.__class__, key, value) + + @classmethod + def get_config(cls): + return { + k: v + for k, v in cls.__dict__.items() + if not k.startswith("__") + and not isinstance( + v, + ( + types.FunctionType, + types.BuiltinFunctionType, + classmethod, + staticmethod, + ), + ) + and v is not None + } + + def get_supported_openai_params(self, model: str) -> list: + return [ + "frequency_penalty", + "logit_bias", + "logprobs", + "top_logprobs", + "max_tokens", + "n", + "presence_penalty", + "seed", + "stop", + "stream", + "stream_options", + "temperature", + "top_p", + "tools", + "tool_choice", + "function_call", + "functions", + "max_retries", + "extra_headers", + ] # works across all models + + def map_openai_params( + self, non_default_params: dict, optional_params: dict, model: str + ) -> dict: + supported_openai_params = self.get_supported_openai_params(model) + for param, value in non_default_params.items(): + if param in supported_openai_params: + optional_params[param] = value + return optional_params diff --git a/litellm/main.py b/litellm/main.py index b7aa47ab74..318d0b7fe1 100644 --- a/litellm/main.py +++ b/litellm/main.py @@ -349,6 +349,7 @@ async def acompletion( or custom_llm_provider == "perplexity" or custom_llm_provider == "groq" or custom_llm_provider == "nvidia_nim" + or custom_llm_provider == "volcengine" or custom_llm_provider == "codestral" or custom_llm_provider == "text-completion-codestral" or custom_llm_provider == "deepseek" @@ -1024,7 +1025,7 @@ def completion( client=client, # pass AsyncAzureOpenAI, AzureOpenAI client ) - if optional_params.get("stream", False) or acompletion == True: + if optional_params.get("stream", False): ## LOGGING logging.post_call( input=messages, @@ -1192,6 +1193,7 @@ def completion( or custom_llm_provider == "perplexity" or custom_llm_provider == "groq" or custom_llm_provider == "nvidia_nim" + or custom_llm_provider == "volcengine" or custom_llm_provider == "codestral" or custom_llm_provider == "deepseek" or custom_llm_provider == "anyscale" @@ -2954,6 +2956,7 @@ async def aembedding(*args, **kwargs) -> EmbeddingResponse: or custom_llm_provider == "perplexity" or custom_llm_provider == "groq" or custom_llm_provider == "nvidia_nim" + or custom_llm_provider == "volcengine" or custom_llm_provider == "deepseek" or custom_llm_provider == "fireworks_ai" or custom_llm_provider == "ollama" @@ -3533,6 +3536,7 @@ async def atext_completion( or custom_llm_provider == "perplexity" or custom_llm_provider == "groq" or custom_llm_provider == "nvidia_nim" + or custom_llm_provider == "volcengine" or custom_llm_provider == "text-completion-codestral" or custom_llm_provider == "deepseek" or custom_llm_provider == "fireworks_ai" diff --git a/litellm/model_prices_and_context_window_backup.json b/litellm/model_prices_and_context_window_backup.json index acd03aeea8..415041dcbf 100644 --- a/litellm/model_prices_and_context_window_backup.json +++ b/litellm/model_prices_and_context_window_backup.json @@ -863,6 +863,46 @@ "litellm_provider": "deepseek", "mode": "chat" }, + "codestral/codestral-latest": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "codestral", + "mode": "chat", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "codestral/codestral-2405": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "codestral", + "mode": "chat", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "text-completion-codestral/codestral-latest": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "text-completion-codestral", + "mode": "completion", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "text-completion-codestral/codestral-2405": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "text-completion-codestral", + "mode": "completion", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, "deepseek-coder": { "max_tokens": 4096, "max_input_tokens": 32000, @@ -1028,21 +1068,55 @@ "tool_use_system_prompt_tokens": 159 }, "text-bison": { - "max_tokens": 1024, + "max_tokens": 2048, "max_input_tokens": 8192, - "max_output_tokens": 1024, - "input_cost_per_token": 0.000000125, - "output_cost_per_token": 0.000000125, + "max_output_tokens": 2048, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, "text-bison@001": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison32k": { "max_tokens": 1024, "max_input_tokens": 8192, "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison32k@002": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1073,6 +1147,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1083,6 +1159,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1093,6 +1171,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1103,6 +1183,20 @@ "max_output_tokens": 8192, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "chat-bison-32k@002": { + "max_tokens": 8192, + "max_input_tokens": 32000, + "max_output_tokens": 8192, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1113,6 +1207,8 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-text-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1123,6 +1219,44 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison32k": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison-32k@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1157,12 +1291,36 @@ "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, + "code-gecko-latest": { + "max_tokens": 64, + "max_input_tokens": 2048, + "max_output_tokens": 64, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison@latest": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, "codechat-bison": { "max_tokens": 1024, "max_input_tokens": 6144, "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1173,6 +1331,20 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1183,6 +1355,20 @@ "max_output_tokens": 8192, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison-32k@002": { + "max_tokens": 8192, + "max_input_tokens": 32000, + "max_output_tokens": 8192, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1232,6 +1418,36 @@ "supports_function_calling": true, "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, + "gemini-1.0-ultra": { + "max_tokens": 8192, + "max_input_tokens": 8192, + "max_output_tokens": 2048, + "input_cost_per_image": 0.0025, + "input_cost_per_video_per_second": 0.002, + "input_cost_per_token": 0.0000005, + "input_cost_per_character": 0.000000125, + "output_cost_per_token": 0.0000015, + "output_cost_per_character": 0.000000375, + "litellm_provider": "vertex_ai-language-models", + "mode": "chat", + "supports_function_calling": true, + "source": "As of Jun, 2024. There is no available doc on vertex ai pricing gemini-1.0-ultra-001. Using gemini-1.0-pro pricing. Got max_tokens info here: https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "gemini-1.0-ultra-001": { + "max_tokens": 8192, + "max_input_tokens": 8192, + "max_output_tokens": 2048, + "input_cost_per_image": 0.0025, + "input_cost_per_video_per_second": 0.002, + "input_cost_per_token": 0.0000005, + "input_cost_per_character": 0.000000125, + "output_cost_per_token": 0.0000015, + "output_cost_per_character": 0.000000375, + "litellm_provider": "vertex_ai-language-models", + "mode": "chat", + "supports_function_calling": true, + "source": "As of Jun, 2024. There is no available doc on vertex ai pricing gemini-1.0-ultra-001. Using gemini-1.0-pro pricing. Got max_tokens info here: https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, "gemini-1.0-pro-002": { "max_tokens": 8192, "max_input_tokens": 32760, diff --git a/litellm/proxy/litellm_pre_call_utils.py b/litellm/proxy/litellm_pre_call_utils.py index 2e670de852..aec6215ced 100644 --- a/litellm/proxy/litellm_pre_call_utils.py +++ b/litellm/proxy/litellm_pre_call_utils.py @@ -144,10 +144,13 @@ async def add_litellm_data_to_request( ) # do not store the original `sk-..` api key in the db data[_metadata_variable_name]["headers"] = _headers data[_metadata_variable_name]["endpoint"] = str(request.url) + + # OTEL Controls / Tracing # Add the OTEL Parent Trace before sending it LiteLLM data[_metadata_variable_name][ "litellm_parent_otel_span" ] = user_api_key_dict.parent_otel_span + _add_otel_traceparent_to_data(data, request=request) ### END-USER SPECIFIC PARAMS ### if user_api_key_dict.allowed_model_region is not None: @@ -169,3 +172,23 @@ async def add_litellm_data_to_request( } # add the team-specific configs to the completion call return data + + +def _add_otel_traceparent_to_data(data: dict, request: Request): + from litellm.proxy.proxy_server import open_telemetry_logger + if data is None: + return + if open_telemetry_logger is None: + # if user is not use OTEL don't send extra_headers + # relevant issue: https://github.com/BerriAI/litellm/issues/4448 + return + if request.headers: + if "traceparent" in request.headers: + # we want to forward this to the LLM Provider + # Relevant issue: https://github.com/BerriAI/litellm/issues/4419 + # pass this in extra_headers + if "extra_headers" not in data: + data["extra_headers"] = {} + _exra_headers = data["extra_headers"] + if "traceparent" not in _exra_headers: + _exra_headers["traceparent"] = request.headers["traceparent"] diff --git a/litellm/proxy/proxy_server.py b/litellm/proxy/proxy_server.py index 8844dc54d7..553c8a48cb 100644 --- a/litellm/proxy/proxy_server.py +++ b/litellm/proxy/proxy_server.py @@ -2956,6 +2956,11 @@ async def chat_completion( if isinstance(data["model"], str) and data["model"] in litellm.model_alias_map: data["model"] = litellm.model_alias_map[data["model"]] + ### CALL HOOKS ### - modify/reject incoming data before calling the model + data = await proxy_logging_obj.pre_call_hook( # type: ignore + user_api_key_dict=user_api_key_dict, data=data, call_type="completion" + ) + ## LOGGING OBJECT ## - initialize logging object for logging success/failure events for call data["litellm_call_id"] = str(uuid.uuid4()) logging_obj, data = litellm.utils.function_setup( @@ -2967,11 +2972,6 @@ async def chat_completion( data["litellm_logging_obj"] = logging_obj - ### CALL HOOKS ### - modify/reject incoming data before calling the model - data = await proxy_logging_obj.pre_call_hook( # type: ignore - user_api_key_dict=user_api_key_dict, data=data, call_type="completion" - ) - tasks = [] tasks.append( proxy_logging_obj.during_call_hook( @@ -6300,7 +6300,7 @@ async def model_info_v2( raise HTTPException( status_code=500, detail={ - "error": f"Invalid llm model list. llm_model_list={llm_model_list}" + "error": f"No model list passed, models={llm_model_list}. You can add a model through the config.yaml or on the LiteLLM Admin UI." }, ) diff --git a/litellm/tests/test_amazing_vertex_completion.py b/litellm/tests/test_amazing_vertex_completion.py index c9e5501a8c..901d68ef3d 100644 --- a/litellm/tests/test_amazing_vertex_completion.py +++ b/litellm/tests/test_amazing_vertex_completion.py @@ -329,11 +329,14 @@ def test_vertex_ai(): "code-gecko@001", "code-gecko@002", "code-gecko@latest", + "codechat-bison@latest", "code-bison@001", "text-bison@001", "gemini-1.5-pro", "gemini-1.5-pro-preview-0215", - ]: + ] or ( + "gecko" in model or "32k" in model or "ultra" in model or "002" in model + ): # our account does not have access to this model continue print("making request", model) @@ -381,12 +384,15 @@ def test_vertex_ai_stream(): "code-gecko@001", "code-gecko@002", "code-gecko@latest", + "codechat-bison@latest", "code-bison@001", "text-bison@001", "gemini-1.5-pro", "gemini-1.5-pro-preview-0215", - ]: - # ouraccount does not have access to this model + ] or ( + "gecko" in model or "32k" in model or "ultra" in model or "002" in model + ): + # our account does not have access to this model continue print("making request", model) response = completion( @@ -433,11 +439,12 @@ async def test_async_vertexai_response(): "code-gecko@001", "code-gecko@002", "code-gecko@latest", + "codechat-bison@latest", "code-bison@001", "text-bison@001", "gemini-1.5-pro", "gemini-1.5-pro-preview-0215", - ]: + ] or ("gecko" in model or "32k" in model or "ultra" in model or "002" in model): # our account does not have access to this model continue try: @@ -479,11 +486,12 @@ async def test_async_vertexai_streaming_response(): "code-gecko@001", "code-gecko@002", "code-gecko@latest", + "codechat-bison@latest", "code-bison@001", "text-bison@001", "gemini-1.5-pro", "gemini-1.5-pro-preview-0215", - ]: + ] or ("gecko" in model or "32k" in model or "ultra" in model or "002" in model): # our account does not have access to this model continue try: diff --git a/litellm/tests/test_completion.py b/litellm/tests/test_completion.py index a3b0e6ea26..5138e9b61b 100644 --- a/litellm/tests/test_completion.py +++ b/litellm/tests/test_completion.py @@ -11,7 +11,7 @@ import os sys.path.insert( 0, os.path.abspath("../..") -) # Adds the parent directory to the system path +) # Adds-the parent directory to the system path import os from unittest.mock import MagicMock, patch @@ -1222,44 +1222,6 @@ def test_completion_fireworks_ai(): pytest.fail(f"Error occurred: {e}") -def test_fireworks_ai_tool_calling(): - litellm.set_verbose = True - model_name = "fireworks_ai/accounts/fireworks/models/firefunction-v2" - tools = [ - { - "type": "function", - "function": { - "name": "get_current_weather", - "description": "Get the current weather in a given location", - "parameters": { - "type": "object", - "properties": { - "location": { - "type": "string", - "description": "The city and state, e.g. San Francisco, CA", - }, - "unit": {"type": "string", "enum": ["celsius", "fahrenheit"]}, - }, - "required": ["location"], - }, - }, - } - ] - messages = [ - { - "role": "user", - "content": "What's the weather like in Boston today in Fahrenheit?", - } - ] - response = completion( - model=model_name, - messages=messages, - tools=tools, - tool_choice="required", - ) - print(response) - - @pytest.mark.skip(reason="this test is flaky") def test_completion_perplexity_api(): try: @@ -3508,6 +3470,30 @@ def test_completion_deep_infra_mistral(): # test_completion_deep_infra_mistral() +@pytest.mark.skip(reason="Local test - don't have a volcengine account as yet") +def test_completion_volcengine(): + litellm.set_verbose = True + model_name = "volcengine/" + try: + response = completion( + model=model_name, + messages=[ + { + "role": "user", + "content": "What's the weather like in Boston today in Fahrenheit?", + } + ], + api_key="", + ) + # Add any assertions here to check the response + print(response) + + except litellm.exceptions.Timeout as e: + pass + except Exception as e: + pytest.fail(f"Error occurred: {e}") + + def test_completion_nvidia_nim(): model_name = "nvidia_nim/databricks/dbrx-instruct" try: diff --git a/litellm/tests/test_completion_cost.py b/litellm/tests/test_completion_cost.py index 017d3ef723..bffb68e0e5 100644 --- a/litellm/tests/test_completion_cost.py +++ b/litellm/tests/test_completion_cost.py @@ -712,6 +712,7 @@ def test_vertex_ai_claude_completion_cost(): assert cost == predicted_cost + @pytest.mark.parametrize("sync_mode", [True, False]) @pytest.mark.asyncio async def test_completion_cost_hidden_params(sync_mode): @@ -730,3 +731,11 @@ async def test_completion_cost_hidden_params(sync_mode): assert "response_cost" in response._hidden_params assert isinstance(response._hidden_params["response_cost"], float) + +def test_vertex_ai_gemini_predict_cost(): + model = "gemini-1.5-flash" + messages = [{"role": "user", "content": "Hey, hows it going???"}] + predictive_cost = completion_cost(model=model, messages=messages) + + assert predictive_cost > 0 + diff --git a/litellm/tests/test_prompt_factory.py b/litellm/tests/test_prompt_factory.py index b3aafab6e6..5a368f92d3 100644 --- a/litellm/tests/test_prompt_factory.py +++ b/litellm/tests/test_prompt_factory.py @@ -1,7 +1,8 @@ #### What this tests #### # This tests if prompts are being correctly formatted -import sys import os +import sys + import pytest sys.path.insert(0, os.path.abspath("../..")) @@ -10,12 +11,13 @@ sys.path.insert(0, os.path.abspath("../..")) import litellm from litellm import completion from litellm.llms.prompt_templates.factory import ( - anthropic_pt, + _bedrock_tools_pt, anthropic_messages_pt, + anthropic_pt, claude_2_1_pt, + convert_url_to_base64, llama_2_chat_pt, prompt_factory, - _bedrock_tools_pt, ) @@ -153,3 +155,11 @@ def test_bedrock_tool_calling_pt(): converted_tools = _bedrock_tools_pt(tools=tools) print(converted_tools) + + +def test_convert_url_to_img(): + response_url = convert_url_to_base64( + url="https://images.pexels.com/photos/1319515/pexels-photo-1319515.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1" + ) + + assert "image/jpeg" in response_url diff --git a/litellm/tests/test_secret_detect_hook.py b/litellm/tests/test_secret_detect_hook.py index a1bf10ebad..2c20071646 100644 --- a/litellm/tests/test_secret_detect_hook.py +++ b/litellm/tests/test_secret_detect_hook.py @@ -21,15 +21,20 @@ sys.path.insert( 0, os.path.abspath("../..") ) # Adds the parent directory to the system path import pytest +from fastapi import Request, Response +from starlette.datastructures import URL import litellm from litellm import Router, mock_completion from litellm.caching import DualCache +from litellm.integrations.custom_logger import CustomLogger from litellm.proxy._types import UserAPIKeyAuth from litellm.proxy.enterprise.enterprise_hooks.secret_detection import ( _ENTERPRISE_SecretDetection, ) +from litellm.proxy.proxy_server import chat_completion from litellm.proxy.utils import ProxyLogging, hash_token +from litellm.router import Router ### UNIT TESTS FOR OpenAI Moderation ### @@ -64,6 +69,10 @@ async def test_basic_secret_detection_chat(): "role": "user", "content": "this is my OPENAI_API_KEY = 'sk_1234567890abcdef'", }, + { + "role": "user", + "content": "My hi API Key is sk-Pc4nlxVoMz41290028TbMCxx, does it seem to be in the correct format?", + }, {"role": "user", "content": "i think it is +1 412-555-5555"}, ], "model": "gpt-3.5-turbo", @@ -88,6 +97,10 @@ async def test_basic_secret_detection_chat(): "content": "Hello! I'm doing well. How can I assist you today?", }, {"role": "user", "content": "this is my OPENAI_API_KEY = '[REDACTED]'"}, + { + "role": "user", + "content": "My hi API Key is [REDACTED], does it seem to be in the correct format?", + }, {"role": "user", "content": "i think it is +1 412-555-5555"}, ], "model": "gpt-3.5-turbo", @@ -214,3 +227,82 @@ async def test_basic_secret_detection_embeddings_list(): ], "model": "gpt-3.5-turbo", } + + +class testLogger(CustomLogger): + + def __init__(self): + self.logged_message = None + + async def async_log_success_event(self, kwargs, response_obj, start_time, end_time): + print(f"On Async Success") + + self.logged_message = kwargs.get("messages") + + +router = Router( + model_list=[ + { + "model_name": "fake-model", + "litellm_params": { + "model": "openai/fake", + "api_base": "https://exampleopenaiendpoint-production.up.railway.app/", + "api_key": "sk-12345", + }, + } + ] +) + + +@pytest.mark.asyncio +async def test_chat_completion_request_with_redaction(): + """ + IMPORTANT Enterprise Test - Do not delete it: + Makes a /chat/completions request on LiteLLM Proxy + + Ensures that the secret is redacted EVEN on the callback + """ + from litellm.proxy import proxy_server + + setattr(proxy_server, "llm_router", router) + _test_logger = testLogger() + litellm.callbacks = [_ENTERPRISE_SecretDetection(), _test_logger] + litellm.set_verbose = True + + # Prepare the query string + query_params = "param1=value1¶m2=value2" + + # Create the Request object with query parameters + request = Request( + scope={ + "type": "http", + "method": "POST", + "headers": [(b"content-type", b"application/json")], + "query_string": query_params.encode(), + } + ) + + request._url = URL(url="/chat/completions") + + async def return_body(): + return b'{"model": "fake-model", "messages": [{"role": "user", "content": "Hello here is my OPENAI_API_KEY = sk-12345"}]}' + + request.body = return_body + + response = await chat_completion( + request=request, + user_api_key_dict=UserAPIKeyAuth( + api_key="sk-12345", + token="hashed_sk-12345", + ), + fastapi_response=Response(), + ) + + await asyncio.sleep(3) + + print("Info in callback after running request=", _test_logger.logged_message) + + assert _test_logger.logged_message == [ + {"role": "user", "content": "Hello here is my OPENAI_API_KEY = [REDACTED]"} + ] + pass diff --git a/litellm/types/utils.py b/litellm/types/utils.py index f2b161128c..a63e34738a 100644 --- a/litellm/types/utils.py +++ b/litellm/types/utils.py @@ -168,11 +168,13 @@ class Function(OpenAIObject): def __init__( self, - arguments: Union[Dict, str], + arguments: Optional[Union[Dict, str]], name: Optional[str] = None, **params, ): - if isinstance(arguments, Dict): + if arguments is None: + arguments = "" + elif isinstance(arguments, Dict): arguments = json.dumps(arguments) else: arguments = arguments diff --git a/litellm/utils.py b/litellm/utils.py index 0f5ff68633..53f5f98486 100644 --- a/litellm/utils.py +++ b/litellm/utils.py @@ -2435,6 +2435,7 @@ def get_optional_params( and custom_llm_provider != "together_ai" and custom_llm_provider != "groq" and custom_llm_provider != "nvidia_nim" + and custom_llm_provider != "volcengine" and custom_llm_provider != "deepseek" and custom_llm_provider != "codestral" and custom_llm_provider != "mistral" @@ -3111,6 +3112,17 @@ def get_optional_params( optional_params=optional_params, model=model, ) + elif custom_llm_provider == "volcengine": + supported_params = get_supported_openai_params( + model=model, custom_llm_provider=custom_llm_provider + ) + _check_valid_arg(supported_params=supported_params) + optional_params = litellm.VolcEngineConfig().map_openai_params( + non_default_params=non_default_params, + optional_params=optional_params, + model=model, + ) + elif custom_llm_provider == "groq": supported_params = get_supported_openai_params( model=model, custom_llm_provider=custom_llm_provider @@ -3681,6 +3693,8 @@ def get_supported_openai_params( return litellm.FireworksAIConfig().get_supported_openai_params() elif custom_llm_provider == "nvidia_nim": return litellm.NvidiaNimConfig().get_supported_openai_params() + elif custom_llm_provider == "volcengine": + return litellm.VolcEngineConfig().get_supported_openai_params(model=model) elif custom_llm_provider == "groq": return [ "temperature", @@ -3692,6 +3706,8 @@ def get_supported_openai_params( "tool_choice", "response_format", "seed", + "extra_headers", + "extra_body", ] elif custom_llm_provider == "deepseek": return [ @@ -4045,6 +4061,10 @@ def get_llm_provider( # nvidia_nim is openai compatible, we just need to set this to custom_openai and have the api_base be https://api.endpoints.anyscale.com/v1 api_base = "https://integrate.api.nvidia.com/v1" dynamic_api_key = get_secret("NVIDIA_NIM_API_KEY") + elif custom_llm_provider == "volcengine": + # volcengine is openai compatible, we just need to set this to custom_openai and have the api_base be https://api.endpoints.anyscale.com/v1 + api_base = "https://ark.cn-beijing.volces.com/api/v3" + dynamic_api_key = get_secret("VOLCENGINE_API_KEY") elif custom_llm_provider == "codestral": # codestral is openai compatible, we just need to set this to custom_openai and have the api_base be https://codestral.mistral.ai/v1 api_base = "https://codestral.mistral.ai/v1" @@ -4967,6 +4987,11 @@ def validate_environment(model: Optional[str] = None) -> dict: keys_in_environment = True else: missing_keys.append("NVIDIA_NIM_API_KEY") + elif custom_llm_provider == "volcengine": + if "VOLCENGINE_API_KEY" in os.environ: + keys_in_environment = True + else: + missing_keys.append("VOLCENGINE_API_KEY") elif ( custom_llm_provider == "codestral" or custom_llm_provider == "text-completion-codestral" @@ -7802,6 +7827,7 @@ class CustomStreamWrapper: "", "", "<|im_end|>", + "<|im_start|>", ] self.holding_chunk = "" self.complete_response = "" diff --git a/model_prices_and_context_window.json b/model_prices_and_context_window.json index acd03aeea8..415041dcbf 100644 --- a/model_prices_and_context_window.json +++ b/model_prices_and_context_window.json @@ -863,6 +863,46 @@ "litellm_provider": "deepseek", "mode": "chat" }, + "codestral/codestral-latest": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "codestral", + "mode": "chat", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "codestral/codestral-2405": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "codestral", + "mode": "chat", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "text-completion-codestral/codestral-latest": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "text-completion-codestral", + "mode": "completion", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, + "text-completion-codestral/codestral-2405": { + "max_tokens": 8191, + "max_input_tokens": 32000, + "max_output_tokens": 8191, + "input_cost_per_token": 0.000000, + "output_cost_per_token": 0.000000, + "litellm_provider": "text-completion-codestral", + "mode": "completion", + "source": "https://docs.mistral.ai/capabilities/code_generation/" + }, "deepseek-coder": { "max_tokens": 4096, "max_input_tokens": 32000, @@ -1028,21 +1068,55 @@ "tool_use_system_prompt_tokens": 159 }, "text-bison": { - "max_tokens": 1024, + "max_tokens": 2048, "max_input_tokens": 8192, - "max_output_tokens": 1024, - "input_cost_per_token": 0.000000125, - "output_cost_per_token": 0.000000125, + "max_output_tokens": 2048, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, "text-bison@001": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison32k": { "max_tokens": 1024, "max_input_tokens": 8192, "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "text-bison32k@002": { + "max_tokens": 1024, + "max_input_tokens": 8192, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1073,6 +1147,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1083,6 +1159,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1093,6 +1171,8 @@ "max_output_tokens": 4096, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1103,6 +1183,20 @@ "max_output_tokens": 8192, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "chat-bison-32k@002": { + "max_tokens": 8192, + "max_input_tokens": 32000, + "max_output_tokens": 8192, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1113,6 +1207,8 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-text-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1123,6 +1219,44 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison32k": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "code-bison-32k@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-text-models", "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1157,12 +1291,36 @@ "mode": "completion", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, + "code-gecko-latest": { + "max_tokens": 64, + "max_input_tokens": 2048, + "max_output_tokens": 64, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "litellm_provider": "vertex_ai-code-text-models", + "mode": "completion", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison@latest": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, "codechat-bison": { "max_tokens": 1024, "max_input_tokens": 6144, "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1173,6 +1331,20 @@ "max_output_tokens": 1024, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison@002": { + "max_tokens": 1024, + "max_input_tokens": 6144, + "max_output_tokens": 1024, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1183,6 +1355,20 @@ "max_output_tokens": 8192, "input_cost_per_token": 0.000000125, "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, + "litellm_provider": "vertex_ai-code-chat-models", + "mode": "chat", + "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "codechat-bison-32k@002": { + "max_tokens": 8192, + "max_input_tokens": 32000, + "max_output_tokens": 8192, + "input_cost_per_token": 0.000000125, + "output_cost_per_token": 0.000000125, + "input_cost_per_character": 0.00000025, + "output_cost_per_character": 0.0000005, "litellm_provider": "vertex_ai-code-chat-models", "mode": "chat", "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" @@ -1232,6 +1418,36 @@ "supports_function_calling": true, "source": "https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" }, + "gemini-1.0-ultra": { + "max_tokens": 8192, + "max_input_tokens": 8192, + "max_output_tokens": 2048, + "input_cost_per_image": 0.0025, + "input_cost_per_video_per_second": 0.002, + "input_cost_per_token": 0.0000005, + "input_cost_per_character": 0.000000125, + "output_cost_per_token": 0.0000015, + "output_cost_per_character": 0.000000375, + "litellm_provider": "vertex_ai-language-models", + "mode": "chat", + "supports_function_calling": true, + "source": "As of Jun, 2024. There is no available doc on vertex ai pricing gemini-1.0-ultra-001. Using gemini-1.0-pro pricing. Got max_tokens info here: https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, + "gemini-1.0-ultra-001": { + "max_tokens": 8192, + "max_input_tokens": 8192, + "max_output_tokens": 2048, + "input_cost_per_image": 0.0025, + "input_cost_per_video_per_second": 0.002, + "input_cost_per_token": 0.0000005, + "input_cost_per_character": 0.000000125, + "output_cost_per_token": 0.0000015, + "output_cost_per_character": 0.000000375, + "litellm_provider": "vertex_ai-language-models", + "mode": "chat", + "supports_function_calling": true, + "source": "As of Jun, 2024. There is no available doc on vertex ai pricing gemini-1.0-ultra-001. Using gemini-1.0-pro pricing. Got max_tokens info here: https://cloud.google.com/vertex-ai/generative-ai/docs/learn/models#foundation_models" + }, "gemini-1.0-pro-002": { "max_tokens": 8192, "max_input_tokens": 32760, diff --git a/poetry.lock b/poetry.lock index 290d19f7a9..88927576c4 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.7.1 and should not be changed by hand. [[package]] name = "aiohttp" @@ -343,13 +343,13 @@ uvloop = ["uvloop (>=0.15.2)"] [[package]] name = "cachetools" -version = "5.3.3" +version = "5.3.1" description = "Extensible memoizing collections and decorators" -optional = true +optional = false python-versions = ">=3.7" files = [ - {file = "cachetools-5.3.3-py3-none-any.whl", hash = "sha256:0abad1021d3f8325b2fc1d2e9c8b9c9d57b04c3932657a72465447332c24d945"}, - {file = "cachetools-5.3.3.tar.gz", hash = "sha256:ba29e2dfa0b8b556606f097407ed1aa62080ee108ab0dc5ec9d6a723a007d105"}, + {file = "cachetools-5.3.1-py3-none-any.whl", hash = "sha256:95ef631eeaea14ba2e36f06437f36463aac3a096799e876ee55e5cdccb102590"}, + {file = "cachetools-5.3.1.tar.gz", hash = "sha256:dce83f2d9b4e1f732a8cd44af8e8fab2dbe46201467fc98b3ef8f269092bf62b"}, ] [[package]] @@ -3300,4 +3300,4 @@ proxy = ["PyJWT", "apscheduler", "backoff", "cryptography", "fastapi", "fastapi- [metadata] lock-version = "2.0" python-versions = ">=3.8.1,<4.0, !=3.9.7" -content-hash = "f400d2f686954c2b12b0ee88546f31d52ebc8e323a3ec850dc46d74748d38cdf" +content-hash = "022481b965a1a6524cc25d52eff59592779aafdf03dc6159c834b9519079f549" diff --git a/pyproject.toml b/pyproject.toml index 321f44b23b..f7f52b8cc4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "litellm" -version = "1.40.27" +version = "1.40.30" description = "Library to easily interface with LLM API providers" authors = ["BerriAI"] license = "MIT" @@ -90,7 +90,7 @@ requires = ["poetry-core", "wheel"] build-backend = "poetry.core.masonry.api" [tool.commitizen] -version = "1.40.27" +version = "1.40.30" version_files = [ "pyproject.toml:^version" ]