detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.

Results 130 detect-secrets issues

Hi! Your secret finder tool has been very useful to my personal projects and co-workers too. So I Dockerized it to use it on any CI pipeline, any Docker cluster orchestrator...

question
triaged

Hello, I'm having problems scanning a repository; it's taking too long. `detect-secrets scan . --exclude-lines .*: parameterSecurity:/.* --exclude-lines .*: parameter:/.* --exclude-files=package-lock.json` There are scans that are taking 10hrs, another 1min...

pending

--force-use-all-plugins flag changes the baseline file every run, this does not seem to be optimal for users that are relying on the baseline not changing per iteration.

help wanted
good first issue
triaged
bug

Hi all, I am getting the below error. Can anyone help me out? ![image](https://user-images.githubusercontent.com/98515795/160356313-14ef2990-5e52-444c-a43c-da0db7cd5a4b.png)

needs more info
bug
P3

Hi, I have a proposal, where I also want to create a pull request later. If the results file is generated, a date is also generated. This does not help...

help wanted
good first issue
triaged
enhancement
P3

Hello, we have tried to allow a secret in a property file, but Java read the full string `"xyz # pragram: allowlist secrets"` ``` password=xyz # pragma: allowlist secret ```...

question
triaged

We're less concerned about private keys, if they are encrypted with a passphrase. An example format is:
```
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,99AD1487680054D5E49D263D3E4CBFEB
```
We probably can...

help wanted
false positives
triaged
enhancement

So only in say, `.json` files you want to exclude `checksum`, but no other file type. Or something like that. Or no `answer =` in `.tf` files

help wanted
triaged
enhancement

From https://github.com/Yelp/detect-secrets/pull/52, we're able to do: ``` $ detect-secrets scan --string '012345678a' ``` but what happens if the string has two or more secrets? e.g. ``` $ detect-secrets scan --string '"0123456789a"...

help wanted
triaged
enhancement

Certain API keys use hyphens. e.g. `blahblah-aaaa-bbbb-cccc-ddddddd` This currently is not caught by the suite of HighEntropyStringPlugins.

false negatives
pending