@secretlint/secretlint-rule-npm
v9.0.0
Published
A secretlint rule for npm.
Downloads
47,770
Readme
@secretlint/secretlint-rule-npm
A secretlint rule for npm.
Install
Install with npm:
npm install @secretlint/secretlint-rule-npm
Usage
Via .secretlintrc.json
(Recommended)
{
"rules": [
{
"id": "@secretlint/secretlint-rule-npm"
}
]
}
MessageIDs
PackageJSON_xOauthToken
found GitHub Token: {{TOKEN}}
Disallow to use https://<token>@github.com/owner/repo.git
in package.json
or package-lock.json
.
Often, https://<token>@github.com/owner/repo.git
is used for installing module from private repository.
If you want to use some module as private, please use private registry like npm, GitHub Package Registry, or Verdaccio.
Npmrc_authToken
found npmrc authToken: {{TOKEN}}
Disallow to include <registry>:_authToken=<TOKEN>
in .npmrc
.
The TOKEN
is credential data.
NPM_ACCESS_TOKEN
found npm access token: {{TOKEN}}
Disallow to include npm access token.
The TOKEN
is credential data.
Options
allows: string[]
- Allows a list of RegExp-like String
Changelog
See Releases page.
Running tests
Install devDependencies and Run npm test
:
npm test
Contributing
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Author
License
MIT © azu