Skip to main content

Coveralls Repository Token



  • Documentation:
  • Summary: Coveralls is a developments tool that helps monitoring code coverage. Results of tests and source code can be sent via an API using a dedicated token. This detector aims at catching those tokens.
  • IPs allowlist: This feature is not mentioned in the documentation.
  • Scopes: Tokens are linked to a single repository.

Revoke the secret#

Tokens can be regenerated from the repository page on Coveralls dashboard.

Check for suspicious activity#

This token is used to create builds. It is possible to see in the list of builds if there is any incoherent information.

Details for Coveralls token#

  • Family: Api

  • Category: Code analysis

  • Company: Coveralls

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 2.62

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - coveralls


- text: |    coveralls_repo_token=DEAmb5Pefef2TOqDvdt3f7HGWp3m9mGTD  apikey: DEAmb5Pefef2TOqDvdt3f7HGWp3m9mGTD