A violation against the SAP Open Source standards have been detected.
Rule: rl-secret_rotation
*Message: The following GitHub Actions secret has not been rotated within the last 12 months:
Recommended actions:
- Replace long-lived secrets with OIDC (OpenID Connect) tokens where possible
- For required static credentials (API keys, tokens), rotate them at least annually
- Review and remove any unused secrets*
Description: Checks if all GitHub Actions secrets have been rotated within the last 12 months. Long-lived secrets should be replaced with OIDC tokens where possible, and required static credentials must be rotated annually.
Documentation
A violation against the SAP Open Source standards have been detected.
Rule: rl-secret_rotation
*Message: The following GitHub Actions secret has not been rotated within the last 12 months:
Recommended actions:
Description: Checks if all GitHub Actions secrets have been rotated within the last 12 months. Long-lived secrets should be replaced with OIDC tokens where possible, and required static credentials must be rotated annually.
Documentation