Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

gh-lint

Package Overview
Dependencies
Maintainers
2
Versions
21
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gh-lint

Rule-based command-line tool for auditing GitHub repositories

  • 0.6.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
23
increased by109.09%
Maintainers
2
Weekly downloads
 
Created
Source

gh-lint

Rule-based command-line tool for monitoring GitHub repositories

Build Status npm version Coverage Status

Install

npm install -g gh-lint

Usage

ghlint -c config.json -u $GITHUB_USERNAME -p $GITHUB_TOKEN

where config.json is a configuration file described by this schema.

You can define rules for organisations, teams and specific repos.

Rules

Repo rules
  • repo-description: check that repo has description specified in GitHub UI
  • repo-homepage: check that repo has homepage specified in GitHub UI
  • repo-team: check that repo is assigned to one of specified teams
Branch rules
  • branch-default: check that default branch is master
  • branch-protection: check that master branch is protected
Commit rules

By default, these rules analyse the commits for the last 30 days. It can be changed using options --since and --until (see below).

  • commit-name: check that commit names satisfy semantic commit conventions

Options

  • -c (or --config) - configuration file location
  • -u (or --user) - GitHub username
  • -p (or --pass) - GitHub password
  • -a (or --after) / -b (or --before) - only validate repositories in organizations and in teams that were changed after/before this date (also can be date-time or the integer number of days). These options have no effect on repositories that are explicitely specified.
  • --since / --until - validate commits since/until this date (also can be date-time or the integer number of days)
  • --tap - output results in TAP format

License

MIT

Keywords

FAQs

Package last updated on 25 Jun 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc