Skip to main content

Coveralls Repository Token

Description#

General#

  • Documentation: https://docs.coveralls.io/api-introduction
  • Summary: Coveralls is a developments tool that helps monitoring code coverage. Results of tests and source code can be sent via an API using a dedicated token. This detector aims at catching those tokens.
  • IPs allowlist: This feature is not mentioned in the documentation.
  • Scopes: Tokens are linked to a single repository.

Revoke the secret#

Tokens can be regenerated from the repository page on Coveralls dashboard.

Check for suspicious activity#

This token is used to create builds. You can see in the list of builds if there is any incoherent information.

Details for Coveralls token#

  • Family: Api

  • Category: Code analysis

  • Company: Coveralls

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 2.62

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - coveralls

Examples#

- text: >    coveralls_repo_token=QEAuo5Pufwd2TGqQiqt3a1HWWp3i9mRTF  apikey: QEAuo5Pufwd2TGqQiqt3a1HWWp3i9mRTF