Security
Security Check Feature
Repomix uses Secretlint to detect sensitive information in your files:
- API keys
- Access tokens
- Credentials
- Private keys
- Environment variables
Configuration
Security checks are enabled by default.
Disable via CLI:
bash
repomix --no-security-checkOr in repomix.config.json:
json
{
"security": {
"enableSecurityCheck": false
}
}Security Measures
- Binary File Handling: Binary file contents are excluded from output, but their paths are listed in the directory structure for complete repository overview
- Git-Aware: Respects
.gitignorepatterns - Automated Detection: Scans for common security issues:
- AWS credentials
- Database connection strings
- Authentication tokens
- Private keys
When Security Check Finds Issues
Example output:
bash
🔍 Security Check:
──────────────────
2 suspicious file(s) detected and excluded:
1. config/credentials.json
- Found AWS access key
2. .env.local
- Found database passwordBest Practices
- Always review output before sharing
- Use
.repomixignorefor sensitive paths - Keep security checks enabled
- Remove sensitive files from repository
Reporting Security Issues
Found a security vulnerability? Please:
- Do not open a public issue
- Email: koukun0120@gmail.com
- Or use GitHub Security Advisories