ghsec

Crates.ioghsec
lib.rsghsec
version0.5.0
sourcesrc
created_at2023-12-27 23:56:03.26536
updated_at2023-12-27 23:56:03.26536
descriptionGitHub Security Linter
homepagehttps://vtavernier.github.io/ghsec/
repositoryhttps://github.com/vtavernier/ghsec.git
max_upload_size
id1081961
size90,817
Alixinne (alixinne)

documentation

README

ghsec

main

ghsec is an opinionated linter (with fixes) for public GitHub repository security. It helps diagnose and fix potential security issues caused by GitHub repository settings that are usually too open by default.

Installation

From source

cargo install --force --locked ghsec

With cargo-binstall

cargo binstall ghsec

Usage

You will need a personal access token with admin access level to your repositories. Currently, this tool has only been tested with classic tokens with the repo scope.

# Provide a GitHub personal access token with admin access to your repositories
export GITHUB_TOKEN=ghp_.....

# Run the checks
ghsec

# Run the checks and fix the issues, if possible
ghsec --fix

# You can also specify repositories to check using a unix-style glob
ghsec 'workflows-*'

Supported checks

License

This project is licensed under the MIT License.

Commit count: 36

cargo fmt