A secretlint rule for npm.
Install with npm:
npm install @secretlint/secretlint-rule-npm
Via .secretlintrc.json
(Recommended)
{
"rules": [
{
"id": "@secretlint/secretlint-rule-npm"
}
]
}
found GitHub Token: {{TOKEN}}
Disallow to use https://<token>@github.com/owner/repo.git
in package.json
or package-lock.json
.
Often, https://<token>@github.com/owner/repo.git
is used for installing module from private repository.
If you want to use some module as private, please use private registry like npm, GitHub Package Registry, or Verdaccio.
found npmrc authToken: {{TOKEN}}
Disallow to include <registry>:_authToken=<TOKEN>
in .npmrc
.
The TOKEN
is credential data.
found npm access token: {{TOKEN}}
Disallow to include npm access token.
The TOKEN
is credential data.
-
allows: string[]
- Allows a list of RegExp-like String
See Releases page.
Install devDependencies and Run npm test
:
npm test
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
MIT © azu