CybserSecurity News

secretlint: Pluggable linting tool to prevent committing credential

Written by

ddos

in

Secretlint

Secretlint is that Pluggable linting tool to prevent committing credentials.

Feature

  • Scanner: Found credentials in a project and report these
  • Project Friendly: Easy to set up your project and integrate CI services
  • Pre-Commit Hook: Prevent committing credential files
  • Pluggable: Allow creating custom rule and flexible configuration
  • Documentation: Describe the reason that rule detect it as secret

Use Cases

Hide secrets in lint error message

Secretlint support --maskSecrets option that mask secrets in lint error message. It is useful that you want to hide secrets in CI logs.

[pastacode lang=”markup” manual=”%24%20secretlint%20–maskSecrets%20%22**%2F*%22″ message=”” highlight=”” provider=”manual”/]

Fix secrets

Secretlint can not fix the secrets automatically. However, It is useful that --format=mask-result mask the secrets of input file.

For example, you can mask the secrets of .zsh_history file and overwrite it.

[pastacode lang=”markup” manual=”%24%20secretlint%20.zsh_history%20–format%3Dmask-result%20–output%3D.zsh_history” message=”” highlight=”” provider=”manual”/]

Browser

Secretlint WebExtension works on your browser.

This web extension aim to founds credentials that are included in your request/response.

Secretlint WebExtension integrates to DevTools in Chrome/Firefox. This extension helps web developers to notice exposed credentials.

Rule Packages

Secretlint rules has been implemented as separated modules.

Also, Secretlint provide rule preset that includes recommened rule set.

Install & Use

Copyright (c) 2020 azu

More posts