You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Use reviewdog.yml in the root project to run reviewdog might be useful.
For now, we have to add -ci or -diff arg in accordance with the situation, so we cannot run lint easily both in local and CI server.
By using reviewdog conf file, we can run reviewdog $ reviewdog [-diff="git diff master"] or $ reviewdog -ci=droneio. It's really easy to run and easy to integrate with editor or commit hook.
Security
In CI server, reviewdog needs secret GitHub API token and attackers can create pull-request to get secret token if CI service is not secure.
Drone.io handles this problem with checksum of yml file, but if we introduce reviewdog conf file, checksum of drone.yml doesn't protect the secret token.
To handle this problem, reviewdog can store secret token in memory, remove secret env var, and run linter commands
The text was updated successfully, but these errors were encountered:
Use reviewdog.yml in the root project to run reviewdog might be useful.
For now, we have to add
-ci
or-diff
arg in accordance with the situation, so we cannot run lint easily both in local and CI server.By using reviewdog conf file, we can run reviewdog
$ reviewdog [-diff="git diff master"]
or$ reviewdog -ci=droneio
. It's really easy to run and easy to integrate with editor or commit hook.Security
In CI server, reviewdog needs secret GitHub API token and attackers can create pull-request to get secret token if CI service is not secure.
Drone.io handles this problem with checksum of yml file, but if we introduce reviewdog conf file, checksum of drone.yml doesn't protect the secret token.
To handle this problem, reviewdog can store secret token in memory, remove secret env var, and run linter commands
The text was updated successfully, but these errors were encountered: