Coveralls Repository Token

Description

General

• Documentation: https://docs.coveralls.io/api-introduction
• Summary: Coveralls is a developments tool that helps monitoring code coverage. Results of tests and source code can be sent via an API using a dedicated token. This detector aims at catching those tokens.
• IPs allowlist: This feature is not mentioned in the documentation.
• Scopes: Tokens are linked to a single repository.

Revoke the secret

Tokens can be regenerated from the repository page on Coveralls dashboard.

Check for suspicious activity

This token is used to create builds. It is possible to see in the list of builds if there is any incoherent information.

Details for Coveralls token

• Family: Api

• Category: Code analysis

• Company: Coveralls

• High recall: False

• Validity check available: True

• On-premise instances exist: True

• Only valid secrets raise an alert: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 0.5

• Prefixed: False

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - coveralls

Examples

- text: |
    coveralls_repo_token=DEAmb5Pefef2TOqDvdt3f7HGWp3m9mGTD
  apikey: DEAmb5Pefef2TOqDvdt3f7HGWp3m9mGTD