kics icon indicating copy to clipboard operation
kics copied to clipboard
verified publisher icon Checkmarx

fix(query): fixed incorrect metadatas

Open rafaela-soares opened this issue 3 years ago • 2 comments

Proposed Changes

  • fixed incorrect metadatas

I submit this contribution under the Apache-2.0 license.

rafaela-soares avatar Apr 11 '22 17:04 rafaela-soares

Scan submitted to Checkmarx

kicsbot avatar Apr 11 '22 17:04 kicsbot

Logo Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 5 vulnerabilities High 0 High Medium 0 Medium Low 5 Low Info 0 Info

Violation Summary

No policy violation found

kicsbot avatar Apr 11 '22 17:04 kicsbot

kics-logo

KICS version: v1.6.6

Category Results
HIGH HIGH 0
MEDIUM MEDIUM 0
LOW LOW 0
INFO INFO 0
TRACE TRACE 0
TOTAL TOTAL 0
Metric Values
Files scanned placeholder 1
Files parsed placeholder 1
Files failed to scan placeholder 0
Total executed queries placeholder 49
Queries failed to execute placeholder 0
Execution time placeholder 1

github-actions[bot] avatar Dec 12 '22 12:12 github-actions[bot]

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
GitGuardian id Secret Commit Filename
4906207 RSA Private Key 866cc54f51715f74c0eeb8f9d8fe0757ef2cfa4b assets/queries/common/passwords_and_secrets/test/positive42.tf View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

gitguardian[bot] avatar Feb 27 '23 09:02 gitguardian[bot]