Skip to main content

Coveralls Personal Token



  • Documentation:
  • Summary: Coveralls is a developments tool that helps monitoring code coverage. Repositories on Coveralls can be managed via an API using a dedicated token. This detector aims at catching those tokens.
  • IPs allowlist: This feature is not mentioned in the documentation.
  • Scopes: All tokens have the same permissions.

Revoke the secret#

Tokens can be deleted or created from the user's account page.

Check for suspicious activity#

The web application shows a last used date for each token.

Details for Coveralls personal token#

  • Category: Development tool

  • Company: Coveralls

  • High recall: False

  • Validity check available: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - coveralls


- text: >    coveralls_token=QEAuo5Pufwd2TGqQiqt3a1HWWp3i9mRTFd4eS  apikey: QEAuo5Pufwd2TGqQiqt3a1HWWp3i9mRTFd4eS