@circleci/mcp-server-circleci
v0.14.2
A Model Context Protocol (MCP) server implementation for CircleCI, enabling natural language interactions with CircleCI functionality through MCP-enabled clients
184
Total
22
Critical
83
High
79
Medium
Findings
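unknown
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive. The highlighted line below reads the MAX_MCP_OUTPUT_LENGTH environment variable through process.env and falls back to 50000; nothing in the excerpt opens a file.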
>>> 1: const MAX_LENGTH = parseInt(process.env.MAX_MCP_OUTPUT_LENGTH ?? '', 10) || 50000;
2: export const SEPARATOR = '\n<<<SEPARATOR>>>\n';
3: /**
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
10: }
11: if (outputDir.includes('%USERPROFILE%')) {
>>> 12: const userProfile = process.env.USERPROFILE || os.homedir();
13: return outputDir.replace('%USERPROFILE%', userProfile);
14: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
11: import { DeploysAPI } from './deploys.js';
12: export const getBaseURL = (useAPISubdomain = false) => {
>>> 13: let baseURL = process.env.CIRCLECI_BASE_URL || 'https://circleci.com';
14: if (useAPISubdomain) {
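15: baseURL = baseURL.replace('https://', 'https://api.');
Triage note: the highlighted line reads the CIRCLECI_BASE_URL environment variable, not a file. Because that value selects the host getBaseURL returns, it should be set only to the intended CircleCI host in the client configuration; the excerpt shows no validation of it.
Environment file access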
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
5: import mcpErrorOutput from '../../lib/mcpErrorOutput.js';
6: export const downloadUsageApiData = async (args) => {
>>> 7: const { CIRCLECI_BASE_URL } = process.env;
8: if (CIRCLECI_BASE_URL && CIRCLECI_BASE_URL !== 'https://circleci.com') {
9: return mcpErrorOutput('ERROR: The Usage API is not available on CircleCI server installations. This tool is only available for CircleCI cloud users.');
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
18: };
19: export const getAppURL = () => {
>>> 20: const baseURL = process.env.CIRCLECI_BASE_URL || 'https://circleci.com';
21: return baseURL.replace('https://', 'https://app.');
22: };
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
2: import { CircleCIClients } from './circleci/index.js';
3: export function getCircleCIClient() {
>>> 4: if (!process.env.CIRCLECI_TOKEN) {
5: throw new Error('CIRCLECI_TOKEN is not set');
6: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
6: }
7: return new CircleCIClients({
>>> 8: token: process.env.CIRCLECI_TOKEN,
9: });
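10: }
Triage note: CIRCLECI_TOKEN is read from the process environment and passed to the client constructor; the excerpt shows no file access and no logging of the token.
Environment file access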
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
10: }
11: export function getCircleCIPrivateClient() {
>>> 12: if (!process.env.CIRCLECI_TOKEN) {
13: throw new Error('CIRCLECI_TOKEN is not set');
14: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
14: }
15: return new CircleCIPrivateClients({
>>> 16: token: process.env.CIRCLECI_TOKEN,
17: });
18: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
6: const server = new McpServer({ name: 'mcp-server-circleci', version: '1.0.0' }, { capabilities: { tools: {}, resources: {} } });
7: // ---- DEBUG WRAPPERS --------------------------------------------------
>>> 8: if (process.env.debug === 'true') {
9: const srv = server;
10: if (typeof srv.notification === 'function') {
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
32: }
33: // Register all CircleCI tools once
>>> 34: if (process.env.debug === 'true') {
35: console.error('[DEBUG] [Startup] Registering CircleCI MCP tools...');
36: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
41: if (!handler)
42: throw new Error(`Handler for tool ${tool.name} not found`);
>>> 43: if (process.env.debug === 'true') {
44: console.error(`[DEBUG] [Startup] Registering tool: ${tool.name}`);
45: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
47: });
48: async function main() {
>>> 49: if (process.env.start === 'remote') {
50: console.error('Starting CircleCI MCP unified HTTP+SSE server...');
51: createUnifiedTransport(server);
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
8: }
9: async send(payload) {
>>> 10: if (process.env.debug === 'true') {
11: console.error('[DEBUG] SSE out ->', JSON.stringify(payload));
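12: }
Triage note: when the `debug` variable is 'true', each outgoing SSE payload is serialized to stderr in full, so stderr logs then hold the same data the tools return and need the same handling.
Environment file access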
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
31: app.get('/mcp', (req, res) => {
32: (async () => {
>>> 33: if (process.env.debug === 'true') {
34: const sessionId = req.header('Mcp-Session-Id') ||
35: req.header('mcp-session-id') ||
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
39: // Create SSE transport (stateless)
40: const transport = new DebugSSETransport('/mcp', res);
>>> 41: if (process.env.debug === 'true') {
42: console.error(`[DEBUG] [GET /mcp] Created SSE transport.`);
43: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
56: (async () => {
57: try {
>>> 58: if (process.env.debug === 'true') {
59: const names = Object.keys(server._registeredTools ?? {});
60: console.error(`[DEBUG] visible tools:`, names);
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
76: // started listening on the SSE stream).
77: if (req.body?.method === 'initialize') {
>>> 78: if (process.env.debug === 'true') {
79: console.error('[DEBUG] initialize handled -> sending tools/list_changed again');
80: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
107: req.header('mcp-session-id') ||
108: req.query.sessionId;
>>> 109: if (process.env.debug === 'true') {
110: console.error(`[DEBUG] [DELETE /mcp] Incoming sessionId:`, sessionId);
111: }
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
112: res.status(204).end();
113: });
>>> 114: const port = process.env.port || 8000;
115: app.listen(port, () => {
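116: console.error(`CircleCI MCP unified HTTP+SSE server listening on http://0.0.0.0:${port}`);
Triage note: the rule matched a read of the `port` variable, but the point worth checking is exposure: app.listen is called with a port and no host, and the log line names 0.0.0.0. None of the /mcp route excerpts shown here includes an authentication check (one may exist outside them), so confirm how the endpoint is protected before using the remote mode beyond a trusted network.
Environment file access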
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
4: import { writeFileSync, mkdirSync, rmSync } from 'fs';
5: import { join } from 'path';
>>> 6: export const getFlakyTestsOutputDirectory = () => `${process.env.FILE_OUTPUT_DIRECTORY}/flaky-tests-output`;
7: export const getFlakyTestLogs = async (args) => {
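8: const { workspaceRoot, gitRemoteURL, projectURL, projectSlug: inputProjectSlug, } = args.params ?? {};
Triage note: FILE_OUTPUT_DIRECTORY is interpolated without a check at line 6, so the helper returns 'undefined/flaky-tests-output' when the variable is unset. The file imports writeFileSync, mkdirSync and rmSync, so this variable presumably decides where files are created and removed; point it at a dedicated directory.
Environment file access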
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
33: projectSlug,
34: });
>>> 35: if (process.env.FILE_OUTPUT_DIRECTORY) {
36: try {
37: return await writeTestsToFiles({ tests });Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��O����w�����,
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��O����w��fެZ�DK
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��B��%x"�+ڵॉ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r����v*��즊�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��"� �Zn)b�'�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r����v*��즊�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: 0#Ӯ��jب�f��)�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��B��%x"�+ڵॉ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r�����,ڶ*'����-
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��B��%x"�+ڵॉ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��O����w��fެZ�DK
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��O����w��fެZ�DK
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��O����w��fެZ�DK
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r���*^�)�!���jx�jب��k�7���v��(�G�?i�5�w^
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r���*^�)�!���jx�jب��k�7���v��(�G�?i�5�w^
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: v�'���wRj���� �Z
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: v�'���wRj���� �Z
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: v'�z��q�' �^�֫ ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: v�'���RƠx b �Z
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: v'�z��q�' �^�֫ ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��A�)]�������n���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��A�)]�������n���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: 0#Ӯ��jب�f��)�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��A�)]�������n���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��E��2M�-�뭦�C������
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��ޭ�^I��)^���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��E��2M�-�뭦�C������
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��ޭ�^I��)^���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��E��2M�-.�,N�%
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: 0#Ӯ��jب�f��)�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��I���^��m���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��I���^��m���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: 0#Ӯ��jب�f��)�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��I���^��m���Ԝ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ~��j�^t��zX�x(h�Ǭ
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ~��j�^t��zX�x(h�Ǭ
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ~��j�^t��zX�x(h�Ǭ
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: m�끳��^t*'���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: m�끳��^t*'���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ~)^ ���*' ��jwl
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: m�끳��^t*'���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ~)^ ���*' ��jwl
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �+-�e��>�#y�l
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: ��b�}Cz�+��b�pkjw!Eꮊ��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �朅�Lkځ��8�z��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �朅�Lkځ��8�z��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �朅�Lkځ��8�z��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: �朅�Lkځ��8�z��
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: j����h���Whm������
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: j����h���Whm������
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: u�ں[Oj�jب��m���
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
23: * Project URL: https://app.circleci.com/pipelines/gh/organization/project
24: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
>>> 25: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
26: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
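27:
Triage note: the highlighted line is an example CircleCI URL in descriptive text; the long run of URL path characters is the likely match, and the excerpt contains no Base64 data.
JavaScript fetch() call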
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
14: * Get the projects that the user is following with pagination support
15: * @param options Optional configuration for pagination limits
>>> 16: * @param options.maxPages Maximum number of pages to fetch (default: 5)
17: * @param options.timeoutMs Timeout in milliseconds (default: 10000)
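18: * @returns All followed projects
Triage note: the highlighted line is a JSDoc @param description that contains the word "fetch"; the excerpt has no fetch() call.
JavaScript fetch() call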
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
56: async get(path, params) {
57: const url = this.buildURL(path, params);
>>> 58: const response = await fetch(url.toString(), {
59: method: 'GET',
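60: headers: this.headers,
Triage note: this is a real fetch() call in what appears to be the HTTP client's GET helper. The URL comes from this.buildURL(path, params) and the request carries this.headers; where the base URL and header values originate is outside the excerpt.
JavaScript fetch() call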
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
67: async post(path, data, params) {
68: const url = this.buildURL(path, params);
>>> 69: const response = await fetch(url.toString(), {
70: method: 'POST',
71: headers: this.headers,
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
79: async delete(path, params) {
80: const url = this.buildURL(path, params);
>>> 81: const response = await fetch(url.toString(), {
82: method: 'DELETE',
83: headers: this.headers,
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
90: async put(path, data, params) {
91: const url = this.buildURL(path, params);
>>> 92: const response = await fetch(url.toString(), {
93: method: 'PUT',
94: headers: this.headers,
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
102: async patch(path, data, params) {
103: const url = this.buildURL(path, params);
>>> 104: const response = await fetch(url.toString(), {
105: method: 'PATCH',
106: headers: this.headers,
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
28: * @param params.workflowId The ID of the workflow
29: * @param params.options Optional configuration for pagination limits
>>> 30: * @param params.options.maxPages Maximum number of pages to fetch (default: 5)
31: * @param params.options.timeoutMs Timeout in milliseconds (default: 10000)
32: * @returns All jobs for the workflow
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
13: * @param params.branch Optional branch name to filter pipelines
14: * @param params.options Optional configuration for pagination limits
>>> 15: * @param params.options.maxPages Maximum number of pages to fetch (default: 5)
16: * @param params.options.timeoutMs Timeout in milliseconds (default: 10000)
17: * @param params.options.findFirst Whether to find the first pipeline that matches the filterFn (default: false)
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
17: * @param params.jobNumber The job number
18: * @param params.options Optional configuration for pagination limits
>>> 19: * @param params.options.maxPages Maximum number of pages to fetch (default: 5)
20: * @param params.options.timeoutMs Timeout in milliseconds (default: 10000)
21: * @returns All tests from the job
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
16: * @param params.pipelineId The pipeline ID
17: * @param params.options Optional configuration for pagination limits
>>> 18: * @param params.options.maxPages Maximum number of pages to fetch (default: 5)
19: * @param params.options.timeoutMs Timeout in milliseconds (default: 10000)
20: * @returns All workflows from the pipeline
High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
31: * @example
32: * // Standard pipeline URL
>>> 33: * getPipelineNumberFromURL('https://app.circleci.com/pipelines/gh/organization/project/2/workflows/abc123de-f456-78gh-90ij-klmnopqrstuv')
34: * // returns 2
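35: *
Triage note: the highlighted line is a JSDoc @example; the workflow id in the URL contains letters outside the hex range (g–v), so it is a placeholder rather than a real identifier or encoded data.
Possible Base64-encoded payload (long encoded string)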
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
36: * @example
37: * // Pipeline URL with complex project path
>>> 38: * getPipelineNumberFromURL('https://app.circleci.com/pipelines/circleci/GM1mbrQEWnNbzLKEnotDo4/5gh9pgQgohHwicwomY5nYQ/123/workflows/abc123de-f456-78gh-90ij-klmnopqrstuv')
39: * // returns 123
40: *
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
66: * @example
67: * // Job URL
>>> 68: * getJobNumberFromURL('https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc123de-f456-78gh-90ij-klmnopqrstuv/jobs/456')
69: * // returns 456
70: *
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
76: * @example
77: * // URL without job number
>>> 78: * getJobNumberFromURL('https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc123de-f456-78gh-90ij-klmnopqrstuv')
79: * // returns undefined
80: */
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
118: * @example
119: * // Pipeline URL with workflow
>>> 120: * getProjectSlugFromURL('https://app.circleci.com/pipelines/gh/organization/project/2/workflows/abc123de-f456-78gh-90ij-klmnopqrstuv')
121: * // returns 'gh/organization/project'
122: *
High-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (5.2 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (5.2 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.9 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
JavaScript fetch() call
Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.
17: export async function downloadAndSaveUsageData(downloadUrl, outputDir, opts) {
18: try {
>>> 19: const gzippedCsvResponse = await fetch(downloadUrl);
20: if (!gzippedCsvResponse.ok) {
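21: const csvText = await gzippedCsvResponse.text();
Triage note: downloadUrl reaches fetch() exactly as received and the excerpt shows no check of its scheme or host. Confirm in the caller that the URL is taken from the CircleCI API response and not directly from tool arguments.
High-entropy string (4.5 bits/char) — possible encoded payload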
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
9: '- Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch\n' +
10: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 11: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
12: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
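13: .optional(),
Triage note: the highlighted line is part of a string literal listing example CircleCI URLs; no encoded data appears in the excerpt.
Possible Base64-encoded payload (long encoded string)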
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
10: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
11: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 12: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
13: .optional(),
14: workspaceRoot: z
High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
22: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
23: * Legacy Job URL: https://circleci.com/pipelines/gh/organization/project/123
>>> 24: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
25: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
26: Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
23: * Legacy Job URL: https://circleci.com/pipelines/gh/organization/project/123
24: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
>>> 25: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
26:
27: Option 3 - Project Detection (ALL of these must be provided together):Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
20: '- Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch\n' +
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),
25: });Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
24: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
25: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
>>> 26: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
27:
28: Option 3 - Project Detection (ALL of these must be provided together):Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
21: '- Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch\n' +
22: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 23: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
24: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/123')
25: .optional(),Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
22: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
23: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 24: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/123')
25: .optional(),
26: filterByTestsResult: zReport false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
39: Option 2 - Direct URL (provide ONE of these):
40: - projectURL: The URL of the CircleCI job in any of these formats:
>>> 41: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/789
42: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
43: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
40: - projectURL: The URL of the CircleCI job in any of these formats:
41: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/789
>>> 42: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
43: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
44: Report false positiveHigh-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
11: '- Legacy Pipeline URL with branch: https://circleci.com/gh/organization/project/123?branch=feature-branch\n' +
12: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 13: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
14: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
15: .optional(),Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
12: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
13: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 14: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
15: .optional(),
16: workspaceRoot: zReport false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
21: * Project URL: https://app.circleci.com/pipelines/gh/organization/project
22: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
>>> 23: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
24: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
25: * Legacy Job URL: https://circleci.com/gh/organization/project/123Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
22: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
23: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
>>> 24: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
25: * Legacy Job URL: https://circleci.com/gh/organization/project/123
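26:
Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive. The long strings on the flagged line are the gist ID and revision hash in a gist.githubusercontent.com raw URL, not Base64 data. What the excerpt does show is a CI step that downloads eval.py from that URL at run time, followed by dependency entries given as lower bounds (`>=`) rather than exact versions.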
126: steps:
127: - run: |
>>> 128: curl https://gist.githubusercontent.com/jvincent42/10bf3d2d2899033ae1530cf429ed03f8/raw/acf07002d6bfcfb649c913b01a203af086c1f98d/eval.py > eval.py
129: echo "deepeval>=3.0.3
130: openai>=1.84.0
High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
20: '- Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch\n' +
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),
25: pipelineChoiceName: zReport false positiveHigh-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
19: * Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch
20: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
>>> 21: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
22: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
23: Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
20: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
21: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
>>> 22: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
23:
24: Option 3 - Project Detection (ALL of these must be provided together):Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
20: '- Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch\n' +
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
>>> 22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
21: '- Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123\n' +
22: '- Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def\n' +
>>> 23: '- Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz')
24: .optional(),
25: pipelineChoiceName: zReport false positiveHigh-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positiveHigh-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
14: * Project URL with branch: https://app.circleci.com/pipelines/gh/organization/project?branch=feature-branch
15: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
>>> 16: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
17: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
18: Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
15: * Pipeline URL: https://app.circleci.com/pipelines/gh/organization/project/123
16: * Workflow URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def
>>> 17: * Job URL: https://app.circleci.com/pipelines/gh/organization/project/123/workflows/abc-def/jobs/xyz
18:
19: Option 3 - Project Detection (ALL of these must be provided together):
Scan History
| Date | Risk | Findings | Files | Duration |
|---|---|---|---|---|
| Feb 25, 2026 | critical | 184 | 95 | 0.00s |
| Feb 23, 2026 | critical | 184 | 95 | 0.00s |
| Feb 22, 2026 | critical | 184 | 95 | 0.00s |