Do you store your Discord bot token in plaintext? Don't get caught with your pants down. Strap in!

Botstrap is a Python library suit of power armor that perfectly fits your Discord bot. It offers:

• 🔐 Secure encryption and password protection to keep your bot tokens safe
• 🤹 A straightforward way to manage multiple tokens and/or bot configurations
• 🌈 An intuitive, colorful, and customizable command-line interface for your bot
• 🤝 Out-of-the-box compatibility with all of the most popular Python Discord libraries
• ... and more to come!

Python 3.10 or higher is required. It's also generally a good idea to upgrade pip (python -m pip install -U pip).

pip install -U botstrap

For additional/alternative installation instructions, see the documentation.

Coming soon! In the meantime, check out:

• The examples directory
• Starter bot templates for various Discord libraries
• And most importantly: The extremely detailed Botstrap API Reference

Adding one or both of Botstrap's pre-commit hooks to your git workflow is an easy and seamless way to improve the security of your codebase. (If you're unfamiliar with pre-commit, here's its quickstart guide. Highly recommend!)

See below for descriptions of the available hooks, and add the one(s) you like to your .pre-commit-config.yaml:

- repo: https://github.com/nuztalgia/botstrap
  rev: 0.2.9
  hooks:
    - id: detect-discord-bot-tokens
    - id: detect-encrypted-tokens

This hook checks the contents of your added/changed files every time you git commit, and raises an error if it finds any unencrypted bot tokens. It won't catch any plaintext tokens that you've .gitignore-d or already committed, but it will prevent you from accidentally committing new ones.

Note: This hook is especially useful for bots whose tokens aren't secured by the main Botstrap library - including bots written in languages other than Python! ✨

Although it isn't quite as dangerous to commit your encrypted bot tokens, doing so is still very much a security risk. This hook prevents that from happening by raising an error if you try to git commit a file whose name matches the pattern used by Botstrap's encrypted token files. (Hint: Keep this hook happy by adding *.key to your .gitignore.)

Let everyone know your Discord bot is secure by adding a badge to your repository's README.md:

[![Botstrap](https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fnuztalgia%2Fbotstrap%2Fmain%2F.github%2Fbadges%2Fbotstrap-on.json)](https://github.com/nuztalgia/botstrap)

You can replace botstrap-on in the above snippet with the text on one of the other badges (e.g. tokens-secure).

For more granular customization options, check out the available style parameters on shields.io.

Copyright © 2022 Nuztalgia. Released under the Apache License, Version 2.0.