-
Notifications
You must be signed in to change notification settings - Fork 481
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hardcoded PHP passwords not found #404
Comments
@BlueCanary-DM , what version of |
I'm running version 0.13.1 as I had the issue described here: However, using the docker container provided here, which uses the latest version I have the same results. |
I am facing the same problem with PHP files, the following code is not caught by any of the plugins:
Even 'password' is not flagged by KeywordDetector unless one removes the single quotes around the word password. |
After doing some investigation on this issue. The issue with the array declaration is valid. The With respect to the This investigation was performed on detect-secrets v1.2.0 |
* Add regex for the arrow function assignment operator followed by quotes to keyword plugin * Revert local dependency changes
I did some tests and a number of passwords (e.g. in an array or constant) were not found in a php file:
Array example:
Constants:
I've used the following command:
detect-secrets scan > .secrets.baseline
The text was updated successfully, but these errors were encountered: