Skip to content

feat: Redacted website + bilingual user manuals; migrate to HodeTech org#9

Merged
cemililik merged 7 commits into
mainfrom
feat/website-and-user-manuals
May 24, 2026
Merged

feat: Redacted website + bilingual user manuals; migrate to HodeTech org#9
cemililik merged 7 commits into
mainfrom
feat/website-and-user-manuals

Conversation

@cemililik

Copy link
Copy Markdown
Collaborator

Overview

Two related changes:

  1. Website + bilingual documentation — a new GitHub Pages site and a complete EN/TR user manual.
  2. Org migration — rename all cemililik references to the HodeTech organization.

1 · Website (site/) + manuals (docs/user-manuals/)

  • Vanilla HTML/CSS/JS, no build step, dark-only "Redacted" classified-dossier theme.
  • Landing page with an animated scan-reveal hero document, case-file table, six watch points, chain-of-custody pipeline, verification breakdown, output formats, and a redacted detector index.
  • Docs portal (docs.html): left nav, hash routing, search, Mermaid diagrams, right-hand "on this page" TOC with scroll-spy.
  • Contact page (contact.html): Formspree-backed form (honeypot, JS + no-JS) + GitHub channels.
  • Client-side EN/TR switching (js/translations.js + js/i18n.js).
  • 52 manual pages (26 EN + 26 TR) across 8 sections, written to match the actual CLI/behavior (no invented features; Slack = message-text only, entropy display-only, --exclude only on scan fs, etc.).
  • Build tool tools/site-build (isolated Go module, goldmark) compiles Markdown → site/js/manuals/*.js.
  • .github/workflows/site-deploy.yml recompiles and deploys site/ to Pages.

2 · HodeTech migration

  • Go module github.com/cemililik/leakwatchgithub.com/HodeTech/leakwatch (go.mod + all imports).
  • Web URLs → github.com/HodeTech/Leakwatch.
  • Container image → ghcr.io/hodetech/leakwatch (GHCR requires lowercase).
  • Homebrew tap → HodeTech/tap; GitHub Action → HodeTech/leakwatch-action.
  • .goreleaser.yml, Formula, action.yml, sonar-project.properties (org hodetech), vscode/package.json (publisher HodeTech).

Verification

  • go build ./... ✓ · go vet ./... ✓ · detector + cmd tests ✓
  • Manuals compile (26 EN + 26 TR); all cross-links resolve; rendering verified (EN/TR, docs, contact).

Follow-ups for the maintainer

  • Set the Formspree form ID in contact.html (YOUR_FORM_ID).
  • Enable Pages: Settings → Pages → Source: GitHub Actions.
  • Create companion repos under the org: HodeTech/homebrew-tap, HodeTech/leakwatch-action.
  • Verify SonarCloud org/projectKey and VS Code publisher match the new org setup.

Notes

  • docs/05-ROADMAP.md keeps one historical cemililik_Leakwatch SonarCloud reference (dated record, intentionally left).
  • Concept prototypes (site-concepts/) are left on disk but untracked — not included in this PR. Say the word to add or delete them.

🤖 Generated with Claude Code

cemililik and others added 6 commits May 23, 2026 20:44
Move the project to the HodeTech organization:

- Go module github.com/cemililik/leakwatch -> github.com/HodeTech/leakwatch
  (go.mod + all internal imports / blank imports)
- Web URLs -> github.com/HodeTech/Leakwatch (README, CLAUDE.md, CONTRIBUTING,
  CODE_OF_CONDUCT, docs/guides, architecture, ROADMAP)
- Container image -> ghcr.io/hodetech/leakwatch (GHCR requires lowercase)
- Homebrew tap -> HodeTech/tap (+ HodeTech/homebrew-tap)
- GitHub Action -> HodeTech/leakwatch-action; action author -> HodeTech
- .goreleaser.yml, Formula/leakwatch.rb, sonar-project.properties (org=hodetech),
  vscode/package.json (publisher=HodeTech)

go build ./... , go vet ./... and detector+cmd tests pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add a GitHub Pages site and a complete bilingual user manual.

Site (site/): vanilla HTML/CSS/JS, no build step, dark-only "Redacted"
classified-dossier theme. Landing page with an animated scan-reveal hero,
a docs portal (left nav, hash routing, search, Mermaid diagrams, right-hand
on-this-page TOC), and a Formspree-backed contact page. Client-side EN/TR
language switching (js/translations.js + js/i18n.js).

Manuals (docs/user-manuals/): 52 pages (26 EN + 26 TR) across 8 sections,
driven by _meta.yaml and written to match the actual CLI/behavior.

Tooling: tools/site-build (isolated Go module, goldmark) compiles the
Markdown manuals into site/js/manuals/*.js. .github/workflows/site-deploy.yml
recompiles and deploys site/ to GitHub Pages.

Note: contact.html posts to Formspree; replace YOUR_FORM_ID with a real form ID.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Address SonarCloud findings on the website:

- site-deploy.yml: move GITHUB_TOKEN permissions from workflow level to the
  jobs that need them (build: contents:read; deploy: pages:write, id-token:write)
  and drop the unused configure-pages step (least privilege).
- Self-host JetBrains Mono + Space Grotesk (latin + latin-ext) under
  site/assets/fonts with css/fonts.css; remove the Google Fonts <link>s and
  preconnects from index/docs/contact. No third-party requests, no missing-SRI
  hotspot, and the site works offline. latin-ext keeps Turkish glyphs correct.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two internal links pointed at non-existent pages (caught by gemini-code-assist):

- how-it-works (EN+TR): #/configuration/custom-rules -> #/detectors/custom-rules
- installation (EN+TR): #/guides/docker -> #/ci-cd/docker-usage

Regenerated the compiled manual bags. All 278 #/section/page cross-links now
resolve against _meta.yaml.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add a /playground page where visitors paste text and run Leakwatch's real
detection patterns entirely client-side — nothing is uploaded.

- Patterns are auto-extracted from internal/detector by tools/site-build
  (go/ast -> site/js/detectors.js); Go RE2 ports cleanly to JS regex.
- js/scanner.js applies the keyword pre-filter + regex + Shannon entropy,
  with a min-match-length guard (kills context-gate noise) and a 64 KB cap.
- 62 of 63 detectors run in the browser (entropy-gated generic and runtime
  custom rules stay CLI-only). Honest 'preview, not verified' framing.
- Bilingual (EN/TR); reachable via the nav 'Try it' link and the hero/nav
  'Run scan' buttons (now link to the playground).

Also: hero CTA 'Read the dossier' -> 'Read the docs'; replace the empty
redaction boxes in the detector index with real redacted detector names
that reveal on hover (+ count fixed to 44).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, we are unable to review this pull request

The GitHub API does not allow us to fetch diffs exceeding 300 files, and this pull request has 390

@coderabbitai

coderabbitai Bot commented May 24, 2026

Copy link
Copy Markdown

Important

Review skipped

Too many files!

This PR contains 300 files, which is 150 over the limit of 150.

To get a review, narrow the scope:
• coderabbit review --type committed # exclude uncommitted changes
• coderabbit review --dir # limit to a subdirectory
• coderabbit review --base # compare against a closer base

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a9b4fbe0-8ce3-4461-843f-495801a9a122

📥 Commits

Reviewing files that changed from the base of the PR and between b0d849e and e01fe13.

📒 Files selected for processing (300)
  • .github/ISSUE_TEMPLATE/config.yml
  • .github/workflows/site-deploy.yml
  • .goreleaser.yml
  • CLAUDE.md
  • CODE_OF_CONDUCT.md
  • CONTRIBUTING.md
  • Formula/leakwatch.rb
  • README.md
  • action/action.yml
  • cmd/imports.go
  • cmd/init.go
  • cmd/scan_common.go
  • cmd/scan_common_test.go
  • cmd/scan_fs.go
  • cmd/scan_gcs.go
  • cmd/scan_git.go
  • cmd/scan_image.go
  • cmd/scan_repos.go
  • cmd/scan_s3.go
  • cmd/scan_slack.go
  • docs/architecture/03-ARCHITECTURE.md
  • docs/architecture/05-VERIFIER-ANALYSIS.md
  • docs/guides/ci-cd-integration.md
  • docs/guides/container-scanning.md
  • docs/guides/docker-usage.md
  • docs/guides/getting-started.md
  • docs/guides/git-scanning.md
  • docs/guides/slack-scanning.md
  • docs/guides/vscode-extension.md
  • docs/standards/02-RELEASE-STANDARDS.md
  • docs/user-manuals/_meta.yaml
  • docs/user-manuals/en/ci-cd/docker-usage.md
  • docs/user-manuals/en/ci-cd/github-action.md
  • docs/user-manuals/en/ci-cd/other-ci.md
  • docs/user-manuals/en/ci-cd/pre-commit.md
  • docs/user-manuals/en/configuration/config-file.md
  • docs/user-manuals/en/configuration/ignoring-findings.md
  • docs/user-manuals/en/configuration/severity-and-filtering.md
  • docs/user-manuals/en/detectors/custom-rules.md
  • docs/user-manuals/en/detectors/detector-catalog.md
  • docs/user-manuals/en/getting-started/how-it-works.md
  • docs/user-manuals/en/getting-started/installation.md
  • docs/user-manuals/en/getting-started/introduction.md
  • docs/user-manuals/en/getting-started/quick-start.md
  • docs/user-manuals/en/output/output-formats.md
  • docs/user-manuals/en/output/remediation.md
  • docs/user-manuals/en/reference/cli-reference.md
  • docs/user-manuals/en/reference/environment-variables.md
  • docs/user-manuals/en/reference/exit-codes.md
  • docs/user-manuals/en/scanning/cloud-storage.md
  • docs/user-manuals/en/scanning/container-images.md
  • docs/user-manuals/en/scanning/filesystem.md
  • docs/user-manuals/en/scanning/git-history.md
  • docs/user-manuals/en/scanning/multiple-repos.md
  • docs/user-manuals/en/scanning/slack.md
  • docs/user-manuals/en/verification/how-verification-works.md
  • docs/user-manuals/en/verification/verification-coverage.md
  • docs/user-manuals/tr/ci-cd/docker-usage.md
  • docs/user-manuals/tr/ci-cd/github-action.md
  • docs/user-manuals/tr/ci-cd/other-ci.md
  • docs/user-manuals/tr/ci-cd/pre-commit.md
  • docs/user-manuals/tr/configuration/config-file.md
  • docs/user-manuals/tr/configuration/ignoring-findings.md
  • docs/user-manuals/tr/configuration/severity-and-filtering.md
  • docs/user-manuals/tr/detectors/custom-rules.md
  • docs/user-manuals/tr/detectors/detector-catalog.md
  • docs/user-manuals/tr/getting-started/how-it-works.md
  • docs/user-manuals/tr/getting-started/installation.md
  • docs/user-manuals/tr/getting-started/introduction.md
  • docs/user-manuals/tr/getting-started/quick-start.md
  • docs/user-manuals/tr/output/output-formats.md
  • docs/user-manuals/tr/output/remediation.md
  • docs/user-manuals/tr/reference/cli-reference.md
  • docs/user-manuals/tr/reference/environment-variables.md
  • docs/user-manuals/tr/reference/exit-codes.md
  • docs/user-manuals/tr/scanning/cloud-storage.md
  • docs/user-manuals/tr/scanning/container-images.md
  • docs/user-manuals/tr/scanning/filesystem.md
  • docs/user-manuals/tr/scanning/git-history.md
  • docs/user-manuals/tr/scanning/multiple-repos.md
  • docs/user-manuals/tr/scanning/slack.md
  • docs/user-manuals/tr/verification/how-verification-works.md
  • docs/user-manuals/tr/verification/verification-coverage.md
  • go.mod
  • internal/config/config.go
  • internal/detector/airtable/airtable_token.go
  • internal/detector/airtable/airtable_token_test.go
  • internal/detector/anthropic/anthropic_key.go
  • internal/detector/anthropic/anthropic_key_test.go
  • internal/detector/auth0/auth0_token.go
  • internal/detector/auth0/auth0_token_test.go
  • internal/detector/aws/aws_access_key.go
  • internal/detector/aws/aws_access_key_test.go
  • internal/detector/azure/azure_entra.go
  • internal/detector/azure/azure_entra_test.go
  • internal/detector/azure/azure_storage.go
  • internal/detector/azure/azure_storage_test.go
  • internal/detector/bitbucket/bitbucket_password.go
  • internal/detector/bitbucket/bitbucket_password_test.go
  • internal/detector/circleci/circleci_token.go
  • internal/detector/circleci/circleci_token_test.go
  • internal/detector/cloudflare/cloudflare_token.go
  • internal/detector/cloudflare/cloudflare_token_test.go
  • internal/detector/coinbase/coinbase_key.go
  • internal/detector/coinbase/coinbase_key_test.go
  • internal/detector/custom/custom_rule.go
  • internal/detector/custom/custom_rule_test.go
  • internal/detector/databricks/databricks_token.go
  • internal/detector/databricks/databricks_token_test.go
  • internal/detector/datadog/datadog_key.go
  • internal/detector/datadog/datadog_key_test.go
  • internal/detector/dbconn/connection_string.go
  • internal/detector/dbconn/connection_string_test.go
  • internal/detector/deepseek/deepseek_key.go
  • internal/detector/deepseek/deepseek_key_test.go
  • internal/detector/detector.go
  • internal/detector/digitalocean/digitalocean_token.go
  • internal/detector/digitalocean/digitalocean_token_test.go
  • internal/detector/discord/discord_token.go
  • internal/detector/discord/discord_token_test.go
  • internal/detector/dockerhub/dockerhub_token.go
  • internal/detector/dockerhub/dockerhub_token_test.go
  • internal/detector/doppler/doppler_token.go
  • internal/detector/doppler/doppler_token_test.go
  • internal/detector/figma/figma_token.go
  • internal/detector/figma/figma_token_test.go
  • internal/detector/ftp/ftp_cred.go
  • internal/detector/ftp/ftp_cred_test.go
  • internal/detector/gcp/gcp_service_account.go
  • internal/detector/gcp/gcp_service_account_test.go
  • internal/detector/generic/generic_api_key.go
  • internal/detector/generic/generic_api_key_test.go
  • internal/detector/github/github_oauth.go
  • internal/detector/github/github_oauth_test.go
  • internal/detector/github/github_token.go
  • internal/detector/github/github_token_test.go
  • internal/detector/gitlab/gitlab_token.go
  • internal/detector/gitlab/gitlab_token_test.go
  • internal/detector/grafana/grafana_key.go
  • internal/detector/grafana/grafana_key_test.go
  • internal/detector/heroku/heroku_key.go
  • internal/detector/heroku/heroku_key_test.go
  • internal/detector/huggingface/huggingface_token.go
  • internal/detector/huggingface/huggingface_token_test.go
  • internal/detector/infura/infura_key.go
  • internal/detector/infura/infura_key_test.go
  • internal/detector/jwt/jwt.go
  • internal/detector/jwt/jwt_test.go
  • internal/detector/launchdarkly/launchdarkly_key.go
  • internal/detector/launchdarkly/launchdarkly_key_test.go
  • internal/detector/ldap/ldap_cred.go
  • internal/detector/ldap/ldap_cred_test.go
  • internal/detector/linear/linear_key.go
  • internal/detector/linear/linear_key_test.go
  • internal/detector/mailgun/mailgun_key.go
  • internal/detector/mailgun/mailgun_key_test.go
  • internal/detector/newrelic/newrelic_key.go
  • internal/detector/newrelic/newrelic_key_test.go
  • internal/detector/notion/notion_token.go
  • internal/detector/notion/notion_token_test.go
  • internal/detector/npm/npm_token.go
  • internal/detector/npm/npm_token_test.go
  • internal/detector/okta/okta_token.go
  • internal/detector/okta/okta_token_test.go
  • internal/detector/openai/openai_key.go
  • internal/detector/openai/openai_key_test.go
  • internal/detector/pagerduty/pagerduty_key.go
  • internal/detector/pagerduty/pagerduty_key_test.go
  • internal/detector/postmark/postmark_token.go
  • internal/detector/postmark/postmark_token_test.go
  • internal/detector/privatekey/private_key.go
  • internal/detector/privatekey/private_key_test.go
  • internal/detector/pypi/pypi_token.go
  • internal/detector/pypi/pypi_token_test.go
  • internal/detector/rabbitmq/rabbitmq_conn.go
  • internal/detector/rabbitmq/rabbitmq_conn_test.go
  • internal/detector/redis/redis_conn.go
  • internal/detector/redis/redis_conn_test.go
  • internal/detector/registry_count_test.go
  • internal/detector/registry_test.go
  • internal/detector/rubygems/rubygems_key.go
  • internal/detector/rubygems/rubygems_key_test.go
  • internal/detector/sendgrid/sendgrid_key.go
  • internal/detector/sendgrid/sendgrid_key_test.go
  • internal/detector/sentry/sentry_token.go
  • internal/detector/sentry/sentry_token_test.go
  • internal/detector/shopify/shopify_token.go
  • internal/detector/shopify/shopify_token_test.go
  • internal/detector/slack/slack_test.go
  • internal/detector/slack/slack_token.go
  • internal/detector/slack/slack_webhook.go
  • internal/detector/snowflake/snowflake_cred.go
  • internal/detector/snowflake/snowflake_cred_test.go
  • internal/detector/snyk/snyk_key.go
  • internal/detector/snyk/snyk_key_test.go
  • internal/detector/sonarcloud/sonarcloud_token.go
  • internal/detector/sonarcloud/sonarcloud_token_test.go
  • internal/detector/stripe/stripe_key.go
  • internal/detector/stripe/stripe_key_test.go
  • internal/detector/supabase/supabase_key.go
  • internal/detector/supabase/supabase_key_test.go
  • internal/detector/teams/teams_webhook.go
  • internal/detector/teams/teams_webhook_test.go
  • internal/detector/telegram/telegram_matcher_test.go
  • internal/detector/telegram/telegram_token.go
  • internal/detector/telegram/telegram_token_test.go
  • internal/detector/terraform/terraform_token.go
  • internal/detector/terraform/terraform_token_test.go
  • internal/detector/testutil/testutil.go
  • internal/detector/twilio/twilio_key.go
  • internal/detector/twilio/twilio_key_test.go
  • internal/detector/vault/vault_token.go
  • internal/detector/vault/vault_token_test.go
  • internal/detector/vercel/vercel_token.go
  • internal/detector/vercel/vercel_token_test.go
  • internal/engine/engine.go
  • internal/engine/engine_test.go
  • internal/matcher/matcher.go
  • internal/matcher/matcher_test.go
  • internal/output/csv/csv_formatter.go
  • internal/output/csv/csv_formatter_test.go
  • internal/output/formatter.go
  • internal/output/json/json_formatter.go
  • internal/output/json/json_formatter_test.go
  • internal/output/sarif/sarif_formatter.go
  • internal/output/sarif/sarif_formatter_test.go
  • internal/output/table/table_formatter.go
  • internal/output/table/table_formatter_test.go
  • internal/remediation/guidance.go
  • internal/remediation/remediation.go
  • internal/remediation/remediation_test.go
  • internal/source/container/container.go
  • internal/source/container/container_test.go
  • internal/source/filesystem/filesystem.go
  • internal/source/gcs/gcs.go
  • internal/source/gcs/gcs_test.go
  • internal/source/git/git.go
  • internal/source/s3/s3.go
  • internal/source/s3/s3_test.go
  • internal/source/slack/slack.go
  • internal/source/source.go
  • internal/verifier/airtable/airtable_verifier.go
  • internal/verifier/airtable/airtable_verifier_test.go
  • internal/verifier/anthropic/anthropic_shared_test.go
  • internal/verifier/anthropic/anthropic_verifier.go
  • internal/verifier/anthropic/anthropic_verifier_test.go
  • internal/verifier/auth0/auth0_verifier.go
  • internal/verifier/auth0/auth0_verifier_test.go
  • internal/verifier/aws/aws_verifier.go
  • internal/verifier/aws/aws_verifier_test.go
  • internal/verifier/azure/azure_entra_verifier.go
  • internal/verifier/azure/azure_entra_verifier_test.go
  • internal/verifier/azure/azure_storage_verifier.go
  • internal/verifier/azure/azure_storage_verifier_test.go
  • internal/verifier/bitbucket/bitbucket_verifier.go
  • internal/verifier/bitbucket/bitbucket_verifier_test.go
  • internal/verifier/circleci/circleci_shared_test.go
  • internal/verifier/circleci/circleci_verifier.go
  • internal/verifier/circleci/circleci_verifier_test.go
  • internal/verifier/cloudflare/cloudflare_verifier.go
  • internal/verifier/cloudflare/cloudflare_verifier_test.go
  • internal/verifier/coinbase/coinbase_verifier.go
  • internal/verifier/coinbase/coinbase_verifier_test.go
  • internal/verifier/databricks/databricks_verifier.go
  • internal/verifier/databricks/databricks_verifier_test.go
  • internal/verifier/datadog/datadog_shared_test.go
  • internal/verifier/datadog/datadog_verifier.go
  • internal/verifier/datadog/datadog_verifier_test.go
  • internal/verifier/deepseek/deepseek_verifier.go
  • internal/verifier/deepseek/deepseek_verifier_test.go
  • internal/verifier/digitalocean/digitalocean_verifier.go
  • internal/verifier/digitalocean/digitalocean_verifier_test.go
  • internal/verifier/discord/discord_verifier.go
  • internal/verifier/discord/discord_verifier_test.go
  • internal/verifier/dockerhub/dockerhub_verifier.go
  • internal/verifier/dockerhub/dockerhub_verifier_test.go
  • internal/verifier/doppler/doppler_verifier.go
  • internal/verifier/doppler/doppler_verifier_test.go
  • internal/verifier/engine.go
  • internal/verifier/engine_test.go
  • internal/verifier/figma/figma_verifier.go
  • internal/verifier/figma/figma_verifier_test.go
  • internal/verifier/gcp/gcp_verifier.go
  • internal/verifier/gcp/gcp_verifier_test.go
  • internal/verifier/github/github_oauth_verifier.go
  • internal/verifier/github/github_oauth_verifier_test.go
  • internal/verifier/github/github_shared_test.go
  • internal/verifier/github/github_verifier.go
  • internal/verifier/github/github_verifier_test.go
  • internal/verifier/gitlab/gitlab_shared_test.go
  • internal/verifier/gitlab/gitlab_verifier.go
  • internal/verifier/gitlab/gitlab_verifier_test.go
  • internal/verifier/grafana/grafana_verifier.go
  • internal/verifier/grafana/grafana_verifier_test.go
  • internal/verifier/heroku/heroku_verifier.go
  • internal/verifier/heroku/heroku_verifier_test.go
  • internal/verifier/huggingface/huggingface_verifier.go
  • internal/verifier/huggingface/huggingface_verifier_test.go
  • internal/verifier/infura/infura_verifier.go
  • internal/verifier/infura/infura_verifier_test.go

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/website-and-user-manuals

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@codacy-production

codacy-production Bot commented May 24, 2026

Copy link
Copy Markdown

Not up to standards ⛔

🔴 Issues 100 medium

Alerts:
⚠ 100 issues (≤ 0 issues of at least minor severity)

Results:
100 new issues

Category Results
ErrorProne 100 medium

View in Codacy

🟢 Metrics 226 complexity · 0 duplication

Metric Results
Complexity 226
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request migrates the project repository and module path from cemililik/Leakwatch to HodeTech/Leakwatch, involving updates to go.mod, internal imports, and various configuration files. It also introduces a comprehensive set of user manuals in both English and Turkish. Review feedback correctly identifies several broken internal links within the new documentation where pages were referenced under incorrect sections, specifically for custom rules and Docker usage guides, and provides actionable suggestions to fix them in both language versions.

- A **redacted** representation safe for output.
- Optional extra metadata (e.g. account ID for an AWS key).

Leakwatch ships **63 built-in detectors** across 60 packages, covering cloud providers, AI APIs, payment platforms, databases, messaging tools, version control, and more. You can add your own patterns via [custom YAML rules](#/configuration/custom-rules).

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The link to custom rules is incorrect. According to the structure defined in _meta.yaml, the custom-rules page is located under the detectors section, not configuration.

Suggested change
Leakwatch ships **63 built-in detectors** across 60 packages, covering cloud providers, AI APIs, payment platforms, databases, messaging tools, version control, and more. You can add your own patterns via [custom YAML rules](#/configuration/custom-rules).
Leakwatch ships **63 built-in detectors** across 60 packages, covering cloud providers, AI APIs, payment platforms, databases, messaging tools, version control, and more. You can add your own patterns via [custom YAML rules](#/detectors/custom-rules).

- [How Verification Works](#/verification/how-verification-works)
- [Configuration File](#/configuration/config-file)
- [CLI Reference](#/reference/cli-reference)
- [Custom Rules](#/configuration/custom-rules)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The link to custom rules in the 'See also' section is incorrect. It should point to the detectors section.

Suggested change
- [Custom Rules](#/configuration/custom-rules)
- [Custom Rules](#/detectors/custom-rules)


:::tip
For Docker-specific usage patterns, including scanning remote Git repositories and passing credentials securely, see [Using Docker](#/guides/docker).
:::

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The link to the Docker guide is incorrect. The docker-usage page is located under the ci-cd section, and there is no guides section in the documentation structure.

Suggested change
:::
For Docker-specific usage patterns, including scanning remote Git repositories and passing credentials securely, see [Using Docker](#/ci-cd/docker-usage).

## See also

- [Quick Start](#/getting-started/quick-start)
- [Using Docker](#/guides/docker)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The link to the Docker guide in the 'See also' section is incorrect. It should point to #/ci-cd/docker-usage.

Suggested change
- [Using Docker](#/guides/docker)
- [Using Docker](#/ci-cd/docker-usage)


Leakwatch pulls the image manifest, iterates over each layer in order, and extracts the files within each layer. Each file's content is run through the same detection pipeline as a filesystem scan. Path exclusions from `filter.exclude-paths` in `.leakwatch.yaml` apply here, limiting which file paths inside layers are examined.

## Flags

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The link to the Docker guide is incorrect. It should point to the docker-usage page under the ci-cd section.

Suggested change
## Flags
For Docker-specific usage patterns, including scanning remote Git repositories and passing credentials securely, see [Using Docker](#/ci-cd/docker-usage).

- Çıktı için güvenli olan **maskelenmiş** bir gösterim.
- İsteğe bağlı ek meta veri (örneğin bir AWS anahtarı için hesap kimliği).

Leakwatch, 60 paket genelinde **63 yerleşik dedektör** ile birlikte gelir; bulut sağlayıcılarını, yapay zekâ API'lerini, ödeme platformlarını, veritabanlarını, mesajlaşma araçlarını, sürüm kontrolünü ve daha fazlasını kapsar. [Özel YAML kuralları](#/configuration/custom-rules) aracılığıyla kendi desenlerinizi ekleyebilirsiniz.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Özel kurallar bağlantısı hatalı. _meta.yaml dosyasındaki yapıya göre custom-rules sayfası configuration değil detectors bölümü altındadır.

Suggested change
Leakwatch, 60 paket genelinde **63 yerleşik dedektör** ile birlikte gelir; bulut sağlayıcılarını, yapay zekâ API'lerini, ödeme platformlarını, veritabanlarını, mesajlaşma araçlarını, sürüm kontrolünü ve daha fazlasını kapsar. [Özel YAML kuralları](#/configuration/custom-rules) aracılığıyla kendi desenlerinizi ekleyebilirsiniz.
Leakwatch, 60 paket genelinde **63 yerleşik dedektör** ile birlikte gelir; bulut sağlayıcılarını, yapay zekâ API'lerini, ödeme platformlarını, veritabanlarını, mesajlaşma araçlarını, sürüm kontrolünü ve daha fazlasını kapsar. [Özel YAML kuralları](#/detectors/custom-rules) aracılığıyla kendi desenlerinizi ekleyebilirsiniz.

- [Doğrulama Nasıl Çalışır](#/verification/how-verification-works)
- [Yapılandırma Dosyası](#/configuration/config-file)
- [CLI Referansı](#/reference/cli-reference)
- [Özel Kurallar](#/configuration/custom-rules)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

'Ayrıca bakın' bölümündeki özel kurallar bağlantısı hatalı. detectors bölümüne işaret etmelidir.

Suggested change
- [Özel Kurallar](#/configuration/custom-rules)
- [Özel Kurallar](#/detectors/custom-rules)


:::tip
Uzak Git depolarını tarama ve kimlik bilgilerini güvenli biçimde geçirme dahil Docker'a özgü kullanım kalıpları için [Docker Kullanımı](#/guides/docker) sayfasına bakın.
:::

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Docker rehberi bağlantısı hatalı. docker-usage sayfası ci-cd bölümü altındadır ve dokümantasyon yapısında guides bölümü bulunmamaktadır.

Suggested change
:::
Uzak Git depolarını tarama ve kimlik bilgilerini güvenli biçimde geçirme dahil Docker'a özgü kullanım kalıpları için [Docker Kullanımı](#/ci-cd/docker-usage) sayfasına bakın.

## Ayrıca bakın

- [Hızlı Başlangıç](#/getting-started/quick-start)
- [Docker Kullanımı](#/guides/docker)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

'Ayrıca bakın' bölümündeki Docker rehberi bağlantısı hatalı. #/ci-cd/docker-usage adresine işaret etmelidir.

Suggested change
- [Docker Kullanımı](#/guides/docker)
- [Docker Kullanımı](#/ci-cd/docker-usage)


Leakwatch imaj manifestini çeker, her katmanı sırayla işler ve her katmandaki dosyaları çıkarır. Her dosyanın içeriği, dosya sistemi taramasıyla aynı tespit hattından geçirilir. `.leakwatch.yaml` içindeki `filter.exclude-paths` yol dışlamaları burada da geçerlidir ve katmanlar içinde hangi dosya yollarının inceleneceğini sınırlar.

## Bayraklar

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Docker rehberi bağlantısı hatalı. ci-cd bölümü altındaki docker-usage sayfasına işaret etmelidir.

Suggested change
## Bayraklar
Uzak Git depolarını tarama ve kimlik bilgilerini güvenli biçimde geçirme dahil Docker'a özgü kullanım kalıpları için [Docker Kullanımı](#/ci-cd/docker-usage) sayfasına bakın.

- Delegate the redaction hover-peek from document instead of binding
  per-node, so it survives i18n re-renders that replace nodes via
  innerHTML on a language switch (the headline word stopped revealing
  after switching languages).
- Replace the now-redundant 'hover a redaction to reveal it' hint with
  the concept line (the hero animation already reveals the secrets).
- Add 'maintained by HodeTech' attribution to the footer tagline,
  copyright, and hero eyebrow (EN + TR, across index/contact/playground).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@sonarqubecloud

Copy link
Copy Markdown

Quality Gate Failed Quality Gate failed

Failed conditions
29.4% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

@cemililik cemililik merged commit d35f4bd into main May 24, 2026
4 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant