Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

gitlab-ci-verify

Package Overview
Dependencies
Maintainers
1
Versions
58
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gitlab-ci-verify

Validate and lint your gitlab ci files using ShellCheck, the Gitlab API and curated checks

pipPyPI
Version
2.4.4
Maintainers
1

gitlab-ci-verify

GitHub Release PyPI version PyPI - Downloads DockerHub Pulls GitHub all releases download count CircleCI codecov Renovate Quality Gate Status Maintainability Rating Go Report Card Security Rating


Validate and lint your gitlab ci files using ShellCheck, the Gitlab API, curated checks or even build your own checks

Features

  • ShellCheck for scripts
  • Validation against Pipeline Lint API for project
  • Curated checks for common mistakes (feel free to contribute new ones)
  • Automatic detection of the current gitlab project with an option to overwrite
  • Available as pre-commit hook
  • Usable to valid dynamically generated pipelines using the python wrapper
  • Support for gitlab.com and self-hosted instances
  • Support for custom policies written in Rego
  • Resolve and validate includes (how it works and limitations)

Installation

See the Installation section in the documentation.

Documentation

You can find the full documentation on GitHub Pages, including:

  • How it works
  • How to add new checks
  • How to write custom policies using rego
  • How to authenticate with GitLab

Motivation

Unfortunately, GitLab didn't provide a tool to validate CI configuration for quite a while. Now that changed with the glab CLI providing glab ci lint but it is quite limited and under the hood just calls the new CI Lint API.

Throughout the years quite some tools evolved, but most of them are either outdated, painful to use or install, and basically also provide the lint functionality from the API.

As most of the logic in pipelines is written in shell scripts via the *script attributes these are lacking completely from all tools out there as well as the official lint API.

The goal of gitlab-ci-verify is to provide the stock CI Lint functionality plus shellcheck. Completed in the future some rules to lint that common patterns are working as intended by GitLab and void them from being pushed and leading to unexpected behavior.

Contributing

I love your input! I want to make contributing to this project as easy and transparent as possible, whether it's:

  • Reporting a bug
  • Discussing the current state of the configuration
  • Submitting a fix
  • Proposing new features
  • Becoming a maintainer

To get started, please read the Contribution Guidelines.

Credits

This whole project wouldn't be possible with the great work of the following libraries/tools:

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

Research

/

Security News

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.

By Kirill Boychenko  -  Nov 12, 2025