You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
RFC 8959 registers the secret-token: URI scheme with the intent of establishing a common syntax for authentication tokens and making it easier to detect tokens and prevent them from leaking into e.g. version control systems.
Seems a natural fit for this project, given it already has checks for private keys and AWS credentials.
The text was updated successfully, but these errors were encountered:
This can be done with a pygrep hook. Try this as a starting point:
- id: no-secret-tokenname: no secret-tokendescription: 'Forbid secret-token:[...] as it is likely a secret'# warning - this is untested entry: "secret-token:([A-Za-z0-9-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+"language: pygreptypes: [text]
RFC 8959 registers the
secret-token:
URI scheme with the intent of establishing a common syntax for authentication tokens and making it easier to detect tokens and prevent them from leaking into e.g. version control systems.Seems a natural fit for this project, given it already has checks for private keys and AWS credentials.
The text was updated successfully, but these errors were encountered: