KevinHock
[Right now it is hard-coded as `False`](https://github.com/mandatoryprogrammer/TrustTrees/search?q=IPV6_ENABLED&unscoped_q=IPV6_ENABLED_)
Now that we're python 3+, we can remove the following: https://github.com/Yelp/detect-secrets-server/blob/cf25d3e95a97daaf236799cb4e38940396834c2c/detect_secrets_server/adhoc/github/webhook.py#L10-L19 (Still [reusing](https://github.com/bridgecrewio/checkov/issues/530#issuecomment-685047502) some code from this project :D)
By default, we do not overwrite the repo metadata if it already exists https://github.com/Yelp/detect-secrets-server/blob/2662fa8192e487fb4e2e4f15ebd3cc66dc61d3d5/detect_secrets_server/actions/initialize.py#L132 and there is good reason for not blindly overwriting the `exclude_regex`, because each repo could have...
So only in say, `.json` files you want to exclude `checksum`, but no other file type. Or something like that. Or no `answer =` in `.tf` files
Lots of secrets are written like p455w0rd, or something else like that. I think this could be really involved. Just making this issue for some time in a future far...
https://github.com/Yelp/detect-secrets/pull/245/files#diff-f10cba071b66829c5d5a2fb33cfa3f53R121 only filters words ending with Id, from high-entropy plugin results. How much would filtering out `[(lower-case letter)Id(upper-case letter)]` would improve signal? for cases like e.g. `val someIdHere = "f10cba071b66829c5d5a2fb33cfa3f53R121"`
Through testing, true-positives for these have less entropy than other kinds of high entropy secrets. We should change our detection accordingly. The relevant code is in https://github.com/Yelp/detect-secrets/pull/223
We should mention that [we do not include verifiable secrets we are not able to verify in output](https://github.com/Yelp/detect-secrets/issues/238#issuecomment-533302853) without the `--no-verify` flag. Clarification: if no secret key is found next...
See this comment for context https://github.com/Yelp/detect-secrets/issues/238#issuecomment-532907500 but tl;dr is that we do not report them otherwise, so let's be consistent.
See this awesome issue and associated PR https://github.com/dxa4481/truffleHog/issues/168 (and https://github.com/dxa4481/truffleHog/pull/174) from @Seancarpenter