@secretlint/secretlint-rule-github
Advanced tools
A secretlint rule for GitHub.
Install with npm:
npm install @secretlint/secretlint-rule-github
Via .secretlintrc.json(Recommended)
{
"rules": [
{
"id": "@secretlint/secretlint-rule-github"
}
]
}
found GitHub Token({{typeName}}): {{KEY}}
Disallow to write GitHub Token.
ghp_ for Personal Access Tokensgho_ for OAuth Access tokensghu_ for GitHub App user-to-server tokensghs_ for GitHub App server-to-server tokensghr_ for GitHub App refresh tokensgithub_pat_ for fine-grained personal access tokensThis rule can detect a new format of GitHub Token.
allows: string[]
See Releases page.
Install devDependencies and Run npm test:
npm test
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
git checkout -b my-new-featuregit commit -am 'Add some feature'git push origin my-new-featureMIT © azu
FAQs
A secretlint rule for sendgrid api keys.
We found that @secretlint/secretlint-rule-github demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Vite releases Rolldown-Vite, a Rust-based bundler preview offering faster builds and lower memory usage as a drop-in replacement for Vite.
Research
Security News
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.