detect-secrets
detect-secrets copied to clipboard
Yelp
Git Hook Config
hello there
please is it possible to add args of '--all-files' to the git hook config
detect-secrets is skipping files with ".txt" files
see here
- repo: https://github.com/Yelp/detect-secrets
rev: v1.3.0
hooks:
- id: detect-secrets
args: ['--all-files', '*']
Hi @saintmalik, thank you for reporting this issue to us. We'll take a look at it in the next few days and let you know when we have updates about it.
Hi @saintmalik , I'm unable to reproduce this issue. Please see below logs for details.
Could you please provide detailed steps to reproduce (a minimal MVC would be ideal).
- Terminal output with a sample .txt file ( private_key_2.txt ):
~/git/test-repo master ✚ git status
On branch master
Changes to be committed:
(use "git restore --staged <file>..." to unstage)
new file: private_key_2.txt
~/git/test-repo master ✚ cat private_key_2.txt
-----BEGIN OPENSSH PRIVATE KEY-----
somethingSuperRandomAndSecretHereThatShouldNeverBeShared
-----END OPENSSH PRIVATE KEY-----
~/git/test-repo master ✚ git commit -m "test commit"
Detect secrets...........................................................Failed
- hook id: detect-secrets
- exit code: 1
ERROR: Potential secrets about to be committed to git repo!
Secret Type: Private Key
Location: private_key_2.txt:1
Possible mitigations:
- For information about putting your secrets in a safer place, please ask in
#security
- Mark false positives with an inline `pragma: allowlist secret`
comment
If a secret has already been committed, visit
https://help.github.com/articles/removing-sensitive-data-from-a-repository
We're going to close this issue as it hasn't received any update in a very long time. Feel free to re-open it if you think it's still relevant.