Invisible Characters Check
The following rule type is available for detecting invisible characters in pull requests.
stacklok/invisible_characters_check
- Check for invisible characters in pull requests
For every pull request submitted to a repository, this rule will check if the pull request adds a new change patch with invisible characters. If it does, the rule will fail and the pull request will be commented on.
This detects and highlights the use of invisible characters that could potentially hide malicious code.
The characters classified as "invisible" can be found at https://invisible-characters.com/
For more information on the potential security implications, see https://www.usenix.org/system/files/usenixsecurity23-boucher.pdf
Entity
pull_request
Type
stacklok/invisible_characters_check
Rule parameters
The stacklok/invisible_characters_check
rule supports the following parameters:
- None
Rule definition options
The stacklok/invisible_characters_check
rule supports the following options:
- None