{"id":19858724,"url":"https://github.com/reviewdog/action-detect-secrets","last_synced_at":"2025-07-12T04:42:26.936Z","repository":{"id":37089870,"uuid":"347786515","full_name":"reviewdog/action-detect-secrets","owner":"reviewdog","description":"GitHub Action: Run detect-secrets with reviewdog","archived":false,"fork":false,"pushed_at":"2025-04-09T07:33:29.000Z","size":89,"stargazers_count":23,"open_issues_count":5,"forks_count":11,"subscribers_count":35,"default_branch":"master","last_synced_at":"2025-04-24T18:55:38.758Z","etag":null,"topics":["detect-secrets","github-actions","review","reviewdog","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/reviewdog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["reviewdog"],"open_collective":"reviewdog","patreon":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2021-03-15T00:10:19.000Z","updated_at":"2025-03-18T18:34:05.000Z","dependencies_parsed_at":"2023-12-19T16:06:06.933Z","dependency_job_id":"b94ec993-df6d-4fb4-8c51-af02d7759de0","html_url":"https://github.com/reviewdog/action-detect-secrets","commit_stats":{"total_commits":32,"total_committers":6,"mean_commits":5.333333333333333,"dds":0.5,"last_synced_commit":"2c14c1ff638516f39eeb97a927f95d28d9dbb62d"},"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reviewdog%2Faction-detect-secrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reviewdog%2Faction-detect-secrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reviewdog%2Faction-detect-secrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reviewdog%2Faction-detect-secrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/reviewdog","download_url":"https://codeload.github.com/reviewdog/action-detect-secrets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251972475,"owners_count":21673612,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["detect-secrets","github-actions","review","reviewdog","security"],"created_at":"2024-11-12T14:24:19.197Z","updated_at":"2025-05-02T02:31:10.778Z","avatar_url":"https://github.com/reviewdog.png","language":"Python","funding_links":["https://github.com/sponsors/reviewdog","https://opencollective.com/reviewdog"],"categories":["Python"],"sub_categories":[],"readme":"# GitHub Action: Run detect-secrets with reviewdog\n\nThis action runs [detect-secrets](https://github.com/Yelp/detect-secrets) with\n[reviewdog](https://github.com/reviewdog/reviewdog) on pull requests to improve\ncode review experience.\n\n![detect-secrets-1](https://user-images.githubusercontent.com/3680861/112022952-6fcd7800-8b3b-11eb-8973-86a8a747d757.png)\n\n## Inputs\n\n### `github_token`\n\n**Required**. Must be in form of `github_token: ${{ secrets.github_token }}`'.\n\n### `workdir`\n\nOptional. The directory from which to look for and run detect-secrets. Default '.'\n\n### `filter_mode`\n\nOptional. Reviewdog filter mode [added, diff_context, file, nofilter]\nIt's the same as the `-filter-mode` flag of reviewdog.\n\n### `fail_level`\n\nOptional. If set to `none`, always use exit code 0 for reviewdog.\nOtherwise, exit code 1 for reviewdog if it finds at least 1 issue with severity greater than or equal to the given level.\nPossible values: [`none`, `any`, `info`, `warning`, `error`]\nDefault is `none`.\n\n### `fail_on_error`\n\nDeprecated, use `fail_level` instead.\nWhether reviewdog should fail when errors are found. [true,false]\nThis is useful for failing CI builds in addition to adding comments when errors are found.\nIt's the same as the `-fail-on-error` flag of reviewdog.\n\n### `level`\n\nOptional. Report level for reviewdog [info,warning,error].\nIt's same as `-level` flag of reviewdog.\n\n### `reporter`\n\nReporter of reviewdog command [github-pr-check,github-pr-review,github-check].\nDefault is github-pr-check.\ngithub-pr-review can use Markdown and add a link to rule page in reviewdog reports.\n\n### `reviewdog_flags`\n\nOptional. Additional reviewdog flags.\n\n### `detect_secrets_flags`\n\nOptional. Flags and args of detect-secrets command. The default is `--all-files --force-use-all-plugins`. \nThis can be used to [exclude paths, secrets or lines to ignore false positives](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#filters).\n\n### `baseline_path`\n\nOptional. The path to provide to `--baseline` argument of detect-secrets command.\nIf provided, the baseline file will be updated with newly discovered secrets, otherwise it will be created.\nThe default is empty, so baseline created or overwritten.\n\n## Example usage\n\n### [.github/workflows/reviewdog.yml](.github/workflows/reviewdog.yml)\n\n```yml\nname: reviewdog\non: [pull_request]\njobs:\n  detect-secrets:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n    - name: detect-secrets\n      uses: reviewdog/action-detect-secrets@bc63f9282b0cee5af6187043f8e79e80e7f6ffe3 # v0.28.3\n      with:\n        reporter: github-pr-review # Change reporter.\n```\n\n## Configuration\n\n### Preventing false positives\n\nSince the detect-secrets CLI can report false positives, it is likely you will have to configure it by using the `detect_secrets_flags` input to ignore any or use inline comments. There are [4 filtering options to ignore false positives](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#filters):\n\n- [Excluding file paths](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#--exclude-files)\n- [Excluding lines](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#--exclude-lines)\n- [Excluding secrets](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#--exclude-secrets)\n- [Inlining exclude comments](https://github.com/Yelp/detect-secrets?tab=readme-ov-file#inline-allowlisting-1)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freviewdog%2Faction-detect-secrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Freviewdog%2Faction-detect-secrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freviewdog%2Faction-detect-secrets/lists"}