checklist.day

eslint-plugin-no-secrets

JSON →
library 2.3.3 ·javascript
verified May 27, 2026
auth-securitytestingtype-stubs

An ESLint plugin that provides a single rule (`no-secrets`) to detect potential secrets, API keys, tokens, or other sensitive data hardcoded in source code. Version 2.3.3 (stable, maintained as of early 2025) supports Node >=18 and npm >=8. It uses a configurable regex-based pattern matching approach, with a default set of patterns for common secret formats (e.g., AWS keys, GitHub tokens, private keys). Unlike generic secret scanners, it integrates directly into ESLint workflows and supports per-file ignore lists via inline comments. The rule can be tuned by adding custom patterns or adjusting entropy thresholds. Ships TypeScript definitions.

Traffic · last 30 days ↓65% vs prev 7d · indexed Sat Apr 25 · updated Tue Jun 09

total hits 27
actors 7 distinct systems
last hit 2d ago AhrefsBot
ByteDance
6
Amazonbot
4
MetaBot
4
GPTBot
2
Script
1
Search engines
1
Humans
6

top countries 🇺🇸 United States · 🇸🇬 Singapore · VN · 🇨🇦 Canada · 🇬🇧 United Kingdom

Resources

githubgithub.com/nickdeis/eslint-plugin-no-secrets ↗
packagewww.npmjs.com/package/eslint-plugin-no-secrets ↗

API endpoints

full doc /v1/registry/eslint-plugin-no-secrets
install /v1/registry/eslint-plugin-no-secrets/install
compatibility /v1/registry/eslint-plugin-no-secrets/compatibility