Invisible Characters Check

The following rule type is available for detecting invisible characters in pull requests.

`stacklok/invisible_characters_check` - Check for invisible characters in pull requests

For every pull request submitted to a repository, this rule will check if the pull request adds a new change patch with invisible characters. If it does, the rule will fail and the pull request will be commented on.

This detects and highlights the use of invisible characters that could potentially hide malicious code.

The characters classified as "invisible" can be found at https://invisible-characters.com/

For more information on the potential security implications, see https://www.usenix.org/system/files/usenixsecurity23-boucher.pdf

Entity

pull_request

Type

stacklok/invisible_characters_check

Rule parameters

The stacklok/invisible_characters_check rule supports the following parameters:

None

Rule definition options

The stacklok/invisible_characters_check rule supports the following options:

None

stacklok/invisible_characters_check - Check for invisible characters in pull requests​

Entity​

Type​

Rule parameters​

Rule definition options​

`stacklok/invisible_characters_check` - Check for invisible characters in pull requests

Entity

Type

Rule parameters

Rule definition options