-
Notifications
You must be signed in to change notification settings - Fork 465
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reports commented line as an issue #182
Comments
Hi! You have to use the On the other hand, testing it right now with pragma seems to behave badly as this returns a secret :
But this works fine:
From checking this briefly, whitelisting fails when we have a secret inside a whitelisted comment. |
@dgzlopes The inline comment needs to be on the same line. For you case, you can use let basic_auth = 'http://username:@example.com' // pragma: whitelist secret |
Yep @killuazhu, but support for text after inline whitelisting was added (here [0]) so both examples should work! But the first one doesn't work as expected. I mean, this actually works fine on the last version (by working fine I mean, the additional text is omitted):
|
Obviously, the 'common case' is:
or with after text:
But on the edge case of having a key (this is just an example, but I mean a detect-secrets detectable key) on the comment, it doesn't work:
Maybe this needs a look? |
Thank you both for your responses! |
I have my file
test.js
.I use it to run different tests to understand how
detect-secrets
works.When I scan this file with the command:
detect-secrets scan test.js
I get as a result:
The problems on line 13 and 68 are real, but not the one on line 77.
On line 77 I have:
// let basic_auth = 'http://username:whywouldyouusehttpforpasswords@example.com'
Node.js
version:v11.9.0
detect-secrets
version:0.12.2
The text was updated successfully, but these errors were encountered: