azu
Hi, the npm package seems to be out of date (at 0.0.1). Please update the package version and update npm. Thanks.
CodeQL detect ReDoS on packages/@secretlint/secretlint-rule-npm/src/index.ts:45 > This that depends on may run slow on strings starting with 'http://' and with many repetitions of 'http://a/'. https://github.com/secretlint/secretlint/blob/0c5db4066a61375b7954b716f952aedd16357b1b/packages/%40secretlint/secretlint-rule-npm/src/index.ts#L45-L45 Tracking issue for: - [...
TODO: currently formatter can not get correct version. _Originally posted by @azu in https://github.com/secretlint/secretlint/pull/217#discussion_r817496094_ should secretlint pass own version to formatter?
https://github.com/nrwl/precise-commits/blob/master/README.md ? we need to think masking(fixing) for credential.
Currently, secretlint-rule-{npm/github} does not check CRC32 in tokens. we want to suport it. ## PoC ```js // https://gist.github.com/kevinyan815/f71b2f5ca3541631abd2e50f3929739b function toBase62(n) { if (n === 0) { return '0'; } const...
TODO: publish-artifact should be independent. fix #179
We need to write tests for `secretlint --init`. Also, add test for config-creator package.
We want to add documents that run secretlint only on changed files on Pull Request. ```yaml name: Secretlint on: [pull_request] # secretlint + git diff on Pull Request # https://github.com/secretlint/secretlint...
[@secretlint/secretlint-rule-no-dotenv](https://github.com/secretlint/secretlint/tree/master/packages/%40secretlint/secretlint-rule-no-dotenv) is file name based rule. We want to provide that the user can ignore specific files like `.env.local`. Of course, `.secretlintignore` allows us to define it. However, it should...