Securie for Netlify — function + env scanning

roadmap

Pre-deploy gate for Netlify Functions and Netlify-hosted sites. Environment-variable audit on every build. Build-time secret detection. Function-route authorization validation. Edge Function binding review. The integration mirrors the Vercel integration but is wired into Netlify's build-trigger webhook.

What it does

Validates Netlify Function authorization patterns (missing auth in /.netlify/functions/* handlers). Catches build-time secret leakage (env vars ending up in the published bundle). Enforces CORS + rate-limit configuration on function routes. Checks Edge Function bindings for correct scoping. Reviews `netlify.toml` for known misconfiguration patterns.

When to use it

Best fit: teams on Netlify Functions (serverless) or Netlify Edge Functions. Complementary to the GitHub App — source-level catches plus deploy-level verification.

Limitations

This integration is on the roadmap. Netlify support currently matches Vercel coverage in scope but ships after the Vercel integration. Build-blocking requires the Netlify Pro plan or higher; Starter plan accounts can run the scan but cannot gate deploys.

Install

  1. When live: install the Securie GitHub App on your Netlify-connected repo
  2. Securie runs on every Netlify build trigger
  3. Findings appear in the Netlify Deploy log + GitHub PR comment
  4. Critical findings can be configured to block the deploy