pub fn validate_token_shape(token: &str) -> Option<String>Expand description
Inspect a configured SOCKET_API_TOKEN value and return a
human-readable warning when the value doesn’t match the canonical
Socket API token shape (sktsec_<44 chars>_api). Returns None
when the token looks valid, so the caller can ignore the result
without checking length.
The validation is intentionally a non-authoritative shape check — the server’s regex is the source of truth. We only flag values that are obviously wrong (e.g. the storage hash, an empty prefix/suffix) so a benign typo at the server’s regex boundary doesn’t generate noise.
The returned message redacts the middle of the token (first 8 + last 4 chars) so a real token doesn’t leak into stderr if a user pastes one with a wrong suffix.