PackageCloud Token
Description
General
- Documentation: https://packagecloud.io/docs/api
- Summary: PackageCloud is a SaaS solution to manage all artifacts and packages in the same place. Developers can publish and download packages from various sources, for instance, Java, Python, Ruby, Node. PackageCloud provides both a CLI and an API to interact with repositories. An access token is an alternative to using username and password for authenticating to packagecloud.
- IPs allowlist:
- Scopes: PackageCloud has three types of tokens:
- API token: Can create master, read tokens, upload and download artifacts.
- Master token: Can create read tokens.
- Read token: Can read repositories metadata. At this time, only the API token detection is supported.
Revoke the secret
Access tokens can be revoked from PackageCloud's website, here.
Check for suspicious activity
This is not mentioned in the documentation.
Details for Packagecloud api token
-
Family: Api
-
Category: Package registry
-
Company: PackageCloud
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.25
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- packagecloud
Examples
- text: PACKAGECLOUD_TOKEN=f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f
apikey: f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f
- text: 'curl https://f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f:@packagecloud.io/api/v1/distributions.json'
apikey: f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f
- text: 'curl -u f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f: https://packagecloud.io/api/v1/distributions.json'
apikey: f77c055cba2c7b77700fb436f3b8931142f7a0799913fe4f
