v0.5.2 - SECURITY CHECK
Added
codedna security-check - Pre-release security scanner that catches:
- Personal machine paths in code/README (e.g. /Users/yourname/)
- Tracked secrets (.npmrc, .env* in git)
- Secret patterns (npm, GitHub PAT, OpenAI, Anthropic, PyPI, generic API keys)
- Missing .gitignore rules for sensitive files
Usage
codedna security-check # scan cwd
codedna security-check --path /path/to/repo
codedna security-check --strict # exit 1 on warnings too
Output
- 4 categories: Personal Path, Tracked Secret, Secret Pattern, .gitignore
- Legacy CLI aesthetic (bold headers, emoji markers, summary panel)
- Critical response: exit 1 on personal paths, tracked secrets, or missing .env rules
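The four check categories and the exit-code behaviour listed above, written out as an added Python example (not codedna's own code). The regexes, the function names `scan` and `exit_code`, and treating pattern hits and a missing .npmrc rule as warnings are assumptions.

```python
import fnmatch
import re

# Illustrative rules, not codedna's own; the real tool's patterns may differ.
PERSONAL_PATH = re.compile(r"/(?:Users|home)/[A-Za-z0-9._-]+/")
SECRET_PATTERNS = {
    "GitHub PAT": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "npm token": re.compile(r"\bnpm_[A-Za-z0-9]{36}\b"),
}
SENSITIVE_GLOBS = (".npmrc", ".env*")  # files that should never be tracked


def scan(tracked, gitignore):
    """tracked: {path: text} for files git tracks; gitignore: .gitignore text.
    Returns a list of (severity, category, location) tuples."""
    findings = []
    rules = {ln.strip() for ln in gitignore.splitlines()
             if ln.strip() and not ln.lstrip().startswith("#")}
    for path, text in tracked.items():
        name = path.rsplit("/", 1)[-1]
        if any(fnmatch.fnmatch(name, g) for g in SENSITIVE_GLOBS):
            findings.append(("critical", "Tracked Secret", path))
        for n, line in enumerate(text.splitlines(), 1):
            if PERSONAL_PATH.search(line):
                findings.append(("critical", "Personal Path", f"{path}:{n}"))
            for label, rx in SECRET_PATTERNS.items():
                if rx.search(line):
                    # Assumption: pattern hits are warnings; the page's exit-1 list does not name them.
                    findings.append(("warning", "Secret Pattern", f"{path}:{n} ({label})"))
    if not any(r.startswith(".env") for r in rules):
        findings.append(("critical", ".gitignore", "no .env rule"))
    if ".npmrc" not in rules:
        findings.append(("warning", ".gitignore", "no .npmrc rule"))
    return findings


def exit_code(findings, strict=False):
    """1 on any critical finding; with strict, 1 on warnings too."""
    blocking = {"critical", "warning"} if strict else {"critical"}
    return 1 if any(sev in blocking for sev, _, _ in findings) else 0


# Constructed sample repository (the token is filler characters, not a real credential).
SAMPLE = {
    "README.md": "Run /Users/yourname/proj/run.sh first\n",
    "src/app.py": "TOKEN = 'ghp_" + "A" * 36 + "'\n",
    ".env.local": "DEBUG=1\n",
}
```

Feeding `scan` the output of `git ls-files` plus each file's text reproduces the pre-release gate; `exit_code(findings, strict=True)` mirrors the `--strict` behaviour.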
Install
pip install --upgrade codedna
# or
uv tool install --force 'codedna==0.5.2'