{"id":19855,"library":"eslint-plugin-no-secrets","title":"eslint-plugin-no-secrets","description":"An ESLint plugin that provides a single rule (`no-secrets`) to detect potential secrets, API keys, tokens, or other sensitive data hardcoded in source code. Version 2.3.3 (stable, maintained as of early 2025) supports Node >=18 and npm >=8. It uses a configurable regex-based pattern matching approach, with a default set of patterns for common secret formats (e.g., AWS keys, GitHub tokens, private keys). Unlike generic secret scanners, it integrates directly into ESLint workflows and supports per-file ignore lists via inline comments. The rule can be tuned by adding custom patterns or adjusting entropy thresholds. Ships TypeScript definitions.","status":"active","version":"2.3.3","language":"javascript","source_language":"en","source_url":"https://github.com/nickdeis/eslint-plugin-no-secrets","tags":["javascript","eslint","eslint-plugin","security","secure","secrets","lint","eslintplugin","typescript"],"install":[{"cmd":"npm install eslint-plugin-no-secrets","lang":"bash","label":"npm"},{"cmd":"yarn add eslint-plugin-no-secrets","lang":"bash","label":"yarn"},{"cmd":"pnpm add eslint-plugin-no-secrets","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"peer dependency; plugin runs as an ESLint rule","package":"eslint","optional":false}],"imports":[{"note":"ESM module; default export is the plugin object. Require still works for CommonJS projects using dynamic import or bundler interop, but direct CJS require may not work in Node ESM-only environments.","wrong":"const noSecrets = require('eslint-plugin-no-secrets');","symbol":"default","correct":"import noSecrets from 'eslint-plugin-no-secrets';"},{"note":"Named export for accessing the rule map. CJS require is available but discouraged in ESM projects.","wrong":"const { rules } = require('eslint-plugin-no-secrets');","symbol":"rules","correct":"import { rules } from 'eslint-plugin-no-secrets';"},{"note":"Named export for preset configurations (e.g., configs.recommended). Available as named export from package root.","wrong":"","symbol":"configs","correct":"import { configs } from 'eslint-plugin-no-secrets';"}],"quickstart":{"code":"// .eslintrc.js (ESM)\nexport default {\n  plugins: {\n    'no-secrets': (await import('eslint-plugin-no-secrets')).default\n  },\n  rules: {\n    'no-secrets/no-secrets': 'error',\n  },\n};","lang":"javascript","description":"Shows how to enable the `no-secrets` plugin and rule in an ESLint flat config (ESM). Uses dynamic import because the plugin is ESM by default."},"warnings":[{"fix":"Tune patterns per project, add violations to ignore list via inline comment `// eslint-disable-next-line no-secrets/no-secrets` or configure `ignore` option in rule settings.","message":"Rule may flag false positives for non-secret strings that match regex patterns (e.g., '12345' as an API key).","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Adjust `entropy` option threshold or add `ignore` patterns to exclude known non-secrets.","message":"High-entropy detection can mark random-looking strings (e.g., UUIDs) as secrets.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Upgrade ESLint to version 5 or later.","message":"Plugin requires ESLint >=5; older ESLint versions will not work.","severity":"gotcha","affected_versions":">=2.0.0"},{"fix":"Upgrade Node to >=18 and npm to >=8.","message":"Version 2.0.0 dropped support for Node <18 and npm <8. Breaking for projects on older runtimes.","severity":"breaking","affected_versions":"2.0.0 - 2.3.3"},{"fix":"Switch to flat config format with explicit plugin import and rules declaration.","message":"The old `.eslintrc`-style configuration using `extends: ['plugin:no-secrets/recommended']` is deprecated in favor of flat config.","severity":"deprecated","affected_versions":">=2.0.0"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Run `npm install eslint-plugin-no-secrets --save-dev`.","cause":"Plugin not installed or not in node_modules.","error":"ESLint couldn't find the plugin \"eslint-plugin-no-secrets\"."},{"fix":"Add 'no-secrets' to plugins array in ESLint config.","cause":"Plugin not registered in ESLint config.","error":"Definition for rule 'no-secrets/no-secrets' was not found."},{"fix":"Use `await import('eslint-plugin-no-secrets')` or ensure the package is installed.","cause":"Missing or wrong import path in flat config.","error":"Cannot find module 'eslint-plugin-no-secrets'"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}