secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard

Published 20 hours ago verified publisher icon step-security

[KB] Add KB for gitleaks/gitleaks-action

Open step-security-bot opened this issue 2 years ago • 1 comments

Knowledge Base is missing for gitleaks/gitleaks-action.

step-security-bot avatar Aug 05 '22 20:08 step-security-bot

Analysis

Action Name: gitleaks/gitleaks-action
Action Type: Node
GITHUB_TOKEN Matches: token,GITHUB_TOKEN,github_token
Top language: JavaScript
Stars: 128
Private: false
Forks: 78

Endpoints Found

Endpoint Permission
pulls.create write
pulls.createReview write
repos.get read
repos.getLatestRelease read

FollowUp Links.

https://github.com/gitleaks/gitleaks-action/blob/f65dee2ef48e96e7a5a2b775b131c3d81b2e73ea/src/gitleaks.js https://github.com/gitleaks/gitleaks-action/blob/f2f91c818f5cd695ba27332127a4fcee1a997838/src/index.js

action-security.yml

name: Gitleaks
github-token:
  environment-variable-name: <FigureOutYourself>
    is-default: false
  permissions:
    pull-requests: write
    contents: read

step-security-bot avatar Aug 05 '22 20:08 step-security-bot