secretlint

Pluggable linting tool to prevent committing credential.

MIT License

Downloads
2.1M
Stars
810
Committers
26
View Code on GitHub View on X
Ecosystems: Git, Node.js, Docker

Bot releases are visible (Hide)

secretlint - v7.0.4

Published by github-actions[bot] about 1 year ago

What's Changed

This release includes various fixes for Windows.

  • #593
  • #589

Bug Fixes

CI

Dependency Updates

Full Changelog: https://github.com/secretlint/secretlint/compare/v7.0.3...v7.0.4

secretlint - v7.0.3

Published by github-actions[bot] over 1 year ago

What's Changed

Bug Fixes

Testing

Dependency Updates

New Contributors

Full Changelog: https://github.com/secretlint/secretlint/compare/v7.0.2...7.0.3

secretlint - v7.0.2

Published by github-actions[bot] over 1 year ago

What's Changed

Bug Fixes

Full Changelog: https://github.com/secretlint/secretlint/compare/v7.0.1...7.0.2

secretlint - v7.0.1

Published by github-actions[bot] over 1 year ago

What's Changed

Bug Fixes

Dependency Updates

New Contributors

Full Changelog: https://github.com/secretlint/secretlint/compare/v7.0.0...7.0.1

secretlint - v7.0.0

Published by github-actions[bot] over 1 year ago

This release convert almost secretlint packages to Pure ESM 🎉

Breaking Changes

  • Require Node.js 18+ #538
    • package code format is ES2022
  • Update Docker image based on Node.js 18 #468
  • Update Exit Status #547
    • Secretlint exits with the following values
    • 0: Linting succeeded, no errors found
    • 1: Linting failed, errors found
    • 2: Unexpected error occurred, fatal error
    • Previously, these values are not defined
  • Add new "json" formatter for secretlint #45
    • output format is changed from old "json" formatter
  • Convert packages to Pure ESM package
    • PRs: #527 #530
    • If your scripts are CommonJS, you need to dynamic import import("@secretlint/core").
    • For command line/Docker user, No change anything!
  • Convert @secretlint/types to dual package
  • @secretlint/tester is migrated to ESM, But we can load it using dynamic import from CJS
    • @secretlint/tester uses node:test instead of Mocha
    • Also, Support URL object in snapshotDirectory option.

It means that you can still write your rule in CommonJS.
You can migrate your snapshot testing code to secretlint v7 by following:

CommonJS Edition:

- import { snapshot } from "@secretlint/tester";
import path from "path";
import { creator as rule } from "../src/index";
+ import test from "node:test";
- describe("@secretlint/secretlint-rule-example", () => {
+ test("@secretlint/secretlint-rule-example", async (t) => {
+      const snapshot = (await import("@secretlint/tester")).snapshot;
-      snapshot({
+      await snapshot({
          defaultConfig: {
              rules: [
                  {
                      id: "@secretlint/secretlint-rule-preset-canary",
                      rule,
                      rules: [],
                      options: {},
                  },
              ],
          },
          updateSnapshot: !!process.env.UPDATE_SNAPSHOT,
          snapshotDirectory: path.join(__dirname, "snapshots"),
      }).forEach((name, test) => {
-          it(name, async function () {
+          return it(name, async (context) => {
              const status = await test();
              if (status === "skip") {
-                  this.skip();
+                  context.skip();
              }
          });
      });
  });

Of course, you can write test in ESM and rule.

import test from "node:test";
import { snapshot } "@secretlint/teter";
import { creator as rule } from "../src/index.js";
test("@secretlint/secretlint-rule-example", async (t) => {
    return snapshot({
        defaultConfig: {
            rules: [
                {
                    id: "@secretlint/secretlint-rule-example",
                    rule,
                    options: {},
                },
            ],
        },
        updateSnapshot: !!process.env.UPDATE_SNAPSHOT,
        snapshotDirectory: new URL("snapshots", import.meta.url),
    }).forEach((name, test) => {
        return t.test(name, async (context) => {
            const status = await test();
            if (status === "skip") {
                context.skip();
            }
        });
    });
});

And run tests via Node.js Test runner

$ node --test test/index.test.js
# or
$ node --loader ts-node/esm --test test/index.test.ts

For more details, see https://github.com/secretlint/secretlint/blob/master/docs/secretlint-rule.md and Node.js Test runner

Change Logs

Breaking Changes

Bug Fixes

Documentation

Dependency Updates

Other Changes

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.2.4...7.0.0

secretlint - v6.2.4

Published by github-actions[bot] over 1 year ago

What's Changed

Security Fixes

It will resolve vulnerability issues with semver.

Dependency Updates

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.2.3...6.2.4

secretlint - v6.2.3

Published by github-actions[bot] over 1 year ago

What's Changed

Refactoring

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.2.2...6.2.3

secretlint - v6.2.2

Published by github-actions[bot] over 1 year ago

What's Changed

Bug Fixes

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.2.1...6.2.2

secretlint - v6.2.1

Published by github-actions[bot] over 1 year ago

What's Changed

Features

Documentation

Dependency Updates

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.2.0...6.2.1

secretlint - v6.2.0

Published by github-actions[bot] over 1 year ago

What's Changed

Features

Documentation

CI

Dependency Updates

New Contributors

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.1.0...6.2.0

secretlint - v6.1.0

Published by github-actions[bot] over 1 year ago

What's Changed

Features

Docker Image includes @secretlint/secretlint-rule-pattern by default.

Dependency Updates

New Contributors

Full Changelog: https://github.com/secretlint/secretlint/compare/v6.0.2...6.1.0

secretlint - v6.0.2

Published by github-actions[bot] almost 2 years ago

Fixes

  • filter-comment: fix secretlint-disable comment parsing (#372) (df75539)

Fix to parse Markdown comment(<!-- secretlint-disable -->) correctly.

secretlint - v6.0.1

Published by github-actions[bot] almost 2 years ago

Breaking Changes

Add "sourceContent" and "sourceContentType" to result #362

This change only affect to rule creator.

  • command line user: No need to change
  • rule creator: Need to update snapshot

This change add "sourceContent" and "sourceContentType" to secretlint result

{
    "filePath": "[SNAPSHOT]/ng.secret/input.txt",
+    "sourceContent": "THIS IS SECRET.",
+    "sourceContentType": "text",
     "messages": []
}

Drop Node.js 14 support

Secretlint no longer tests on Node.js 14.

Supported Versions:

  • Node.js 16.x
  • Node.js 18.x

Features

  • add --format=mask-result #358

secretlint does not have --fix flag, However you can use --format=mask-result --output input.file instead of it.

For example, you can mask the secrets of .zsh_history file.

$ npx @secretlint/quick-start .zsh_history --format=mask-result
# output masked result

You can overwrite .zsh_history file with masked result.

$ npx @secretlint/quick-start .zsh_history --format=mask-result --output .zsh_history

📝 It will mitigate software supply chain attack like PyTorch-nightly's torchtriton issue.

secretlint - v5.3.0

Published by github-actions[bot] almost 2 years ago

Features

  • secretlint-rule-github: support for fine-grained personal access tokens (#322) (9eae766) by @rhysd

GitHub introduced new personal access tokens system (it's still in beta as of now).

Secretlint can now detect the new fine-grained personal access tokens.

secretlint - v5.2.4

Published by github-actions[bot] about 2 years ago

Bug Fixes

secretlint - v5.2.3

Published by github-actions[bot] over 2 years ago

Bug Fixes

  • fix secretlintignore resolving logic (30a4f16)
  • support - in "allows" options (d22becc) #285
secretlint - v5.2.2

Published by github-actions[bot] over 2 years ago

Features

  • Docker: install sarif formatter to docker image #279

What's Changed

New Contributors

Full Changelog: https://github.com/secretlint/secretlint/compare/v5.2.1...v5.2.2

secretlint - v5.2.1

Published by github-actions[bot] over 2 years ago

Bug Fixes

What's Changed

Full Changelog: https://github.com/secretlint/secretlint/compare/v5.2.0...v5.2.1

secretlint - v5.2.0

Published by github-actions[bot] over 2 years ago

Features

  • Add @secretlint/secretlint-rule-shopify that detects Shopify API keys (a897bea) #247
  • canary: add shopify to canary preset (118c7b3)
  • recommend: add shopify to recommended preset (1f166a3)
secretlint - v5.1.3

Published by github-actions[bot] over 2 years ago

Features

  • Docker: support arm64 for image #253 #252 by @korosuke613

Now, Secretlint Docker Image supports linux/amd64 and linux/arm64 architectures.

This release does not change secretlint it-self.

📝 v5.1.3 is re-publish version of v5.1.2.

Package Rankings
Top 1.87% on Npmjs.org
Badges
Extracted from project README
Actions Status
Related Projects
commitlint

commitlint - Lint commit messages for Dart and Flutter projects

09 Jan 2023 12
commitlint

📓 Lint commit messages

12 Feb 2016 16,090
git-validator

Git hooks and code style Validator.

06 Mar 2023 38