v0.5.2 - SECURITY CHECK

@Gencayolgun Gencayolgun released this 24 Jun 22:21

Added

codedna security-check - Pre-release security scanner that catches:

  • Personal machine paths in code/README (e.g. /Users/yourname/)
  • Tracked secrets (.npmrc, .env* in git)
  • Secret patterns (npm, GitHub PAT, OpenAI, Anthropic, PyPI, generic API keys)
  • Missing .gitignore rules for sensitive files

Usage

codedna security-check             # scan cwd
codedna security-check --path /path/to/repo
codedna security-check --strict     # exit 1 on warnings too

Output

  • 4 categories: Personal Path, Tracked Secret, Secret Pattern, .gitignore
  • Legacy CLI aesthetic (bold headers, emoji markers, summary panel)
  • Critical response: exit 1 on personal paths, tracked secrets, or missing .env rules
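To make the four categories concrete, the following added example (not codedna's own code) shows one way such checks can be written. The regexes, the `GENERIC_USERS` allow-list, the `scan` function and the sample repository are all assumptions constructed for illustration.

```python
import re
from fnmatch import fnmatch

# Approximate token shapes from publicly documented prefixes (assumed rules).
SECRET_PATTERNS = {
    "npm token": re.compile(r"\bnpm_[A-Za-z0-9]{36}\b"),
    "GitHub PAT": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "Anthropic key": re.compile(r"\bsk-ant-[A-Za-z0-9_-]{20,}"),
}
# Home directories on macOS, Linux and Windows.
PERSONAL_PATH = re.compile(r"(?:/Users/|/home/|[A-Za-z]:\\Users\\)([A-Za-z0-9._-]+)")
GENERIC_USERS = {"shared", "public"}      # assumed allow-list, not real accounts
SENSITIVE_GLOBS = (".npmrc", ".env*")     # files that should never be tracked
REQUIRED_IGNORES = (".env", ".npmrc")


def scan(tracked, gitignore=""):
    """tracked maps repo-relative path -> text; returns (category, path, detail)."""
    findings = []
    for path, text in sorted(tracked.items()):
        name = path.rsplit("/", 1)[-1]
        if any(fnmatch(name, g) for g in SENSITIVE_GLOBS):
            findings.append(("Tracked Secret", path, "sensitive file is tracked"))
        for m in PERSONAL_PATH.finditer(text):
            if m.group(1).lower() not in GENERIC_USERS:
                findings.append(("Personal Path", path, m.group(0)))
        for label, rx in SECRET_PATTERNS.items():
            for m in rx.finditer(text):
                # Keep only a short prefix so the report itself leaks nothing.
                findings.append(("Secret Pattern", path, f"{label}: {m.group(0)[:8]}..."))
    rules = [ln.strip().lstrip("/") for ln in gitignore.splitlines()
             if ln.strip() and not ln.lstrip().startswith(("#", "!"))]
    for want in REQUIRED_IGNORES:
        if not any(fnmatch(want, rule) for rule in rules):
            findings.append((".gitignore", ".gitignore", f"no rule covers {want}"))
    return findings


# Constructed sample repository; the token is fake and built at import time.
SAMPLE = {
    "README.md": "Run /Users/alice/dev/tool/run.sh or see /Users/Shared/docs\n",
    "src/client.py": 'TOKEN = "ghp_' + "A1b2" * 9 + '"\n',
    ".env.local": "DEBUG=1\n",
}
SAMPLE_GITIGNORE = "# build\ndist/\n.env*\n"

if __name__ == "__main__":
    for category, path, detail in scan(SAMPLE, SAMPLE_GITIGNORE):
        print(f"[{category}] {path}: {detail}")
```

Note that `.env.local` is reported as tracked even though `.env*` is in the sample `.gitignore`: an ignore rule does not untrack a file that was already committed.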

Install

pip install --upgrade codedna
# or
uv tool install --force 'codedna==0.5.2'