Добавлено правило для работы с gitea через токен
This commit is contained in:
24
.cursor/rules/gitea-token.mdc
Normal file
24
.cursor/rules/gitea-token.mdc
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
---
|
||||||
|
description: Safe use of Gitea API token
|
||||||
|
globs:
|
||||||
|
alwaysApply: true
|
||||||
|
---
|
||||||
|
|
||||||
|
Rule: Gitea API token access and usage
|
||||||
|
|
||||||
|
Source of token:
|
||||||
|
- Environment variable `GITEA_TOKEN` must be set in the shell/session.
|
||||||
|
|
||||||
|
Security:
|
||||||
|
- Never print the token value to chat, logs, diffs, or console output.
|
||||||
|
- Do not hardcode the token.
|
||||||
|
- Do not store the token unencrypted on disk. Prefer environment variables or a secret manager.
|
||||||
|
|
||||||
|
Setup:
|
||||||
|
- Ensure `GITEA_TOKEN` is set before use (e.g., via secure secret manager or manual export without echoing the value).
|
||||||
|
|
||||||
|
HTTP:
|
||||||
|
- Add header: `Authorization: token $GITEA_TOKEN`.
|
||||||
|
|
||||||
|
CLI/Scripts:
|
||||||
|
- Pass `GITEA_TOKEN` to commands/scripts without printing its value.
|
||||||
Reference in New Issue
Block a user