Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lshlocal #25

Open
wants to merge 62 commits into
base: develop
Choose a base branch
from

Adding types.

3d72a15
Select commit
Loading
Failed to load commit list.
Open

Lshlocal #25

Adding types.
3d72a15
Select commit
Loading
Failed to load commit list.
GitGuardian / GitGuardian Security Checks failed Sep 2, 2024 in 15s

44 secrets uncovered!

44 secrets were uncovered from the scan of 62 commits in your pull request. ❌

Please have a look to GitGuardian findings and remediate in order to secure your code.

Details

🔎 Detected hardcoded secrets in your pull request

  • Pull request #25: lshlocal 👉 develop
GitGuardian id GitGuardian status Secret Commit Filename
11675892 Triggered OpenAI Project API Key 5dc233d lpy/.envrc View secret
- - OpenAI Project API Key 17bbf3e lpy/.envrc View secret
- - OpenAI Project API Key ee73c47 lpy/.envrc View secret
10153270 Triggered Generic High Entropy Secret 6186aa4 lpy/resources/guruSearchUI/resources/release4_eng_workflow_v3.ipynb View secret
11378671 Triggered GitHub Access Token 5dc233d lpy/.envrc View secret
11378671 Triggered GitHub Access Token 5dc233d lpy/src/lpy/repo/repo.py View secret
11378671 Triggered GitHub Access Token 5dc233d lpy/src/lpy/repo/repo.py View secret
11122781 Triggered GitHub Access Token 17bbf3e lpy/.envrc View secret
11122781 Triggered GitHub Access Token ee73c47 lpy/.envrc View secret
10780832 Triggered GitHub Access Token 62720a3 lpy/src/lpy/c3metrics/main.py View secret
9699509 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/bundle_v8.sh View secret
9131881 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/typesys.sh View secret
11675892 Triggered OpenAI Project API Key 6186aa4 lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret 5dc233d lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret 6186aa4 lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret 17bbf3e lpy/.envrc View secret
9039149 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/src/services/api/config.ts View secret
10142402 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/src/services/c3/c3.ts View secret
9699511 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/elser.sh View secret
10142371 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/Retriever.Elser.ipynb View secret
9131883 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/typesys.sh View secret
9131883 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/c3_app.sh View secret
9131883 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/c3_app.sh View secret
9131884 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/c3_app.sh View secret
12485596 Triggered GitHub Access Token 6186aa4 lpy/.envrc View secret
10780835 Triggered Generic High Entropy Secret 62720a3 lpy/src/lpy/c3metrics/main.py View secret
9699517 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/curl_zip_c3.sh View secret
9699518 Triggered Generic High Entropy Secret 52c92c7 lsh-c3-main/util/bash/get_maven_artifacts.sh View secret
10153270 Triggered Generic High Entropy Secret ec0b96e lpy/resources/guruSearchUI/resources/release4_eng_workflow_v3.ipynb View secret
10780832 Triggered GitHub Access Token 7ed3bcf lpy/src/lpy/c3metrics/main.py View secret
10780833 Triggered Generic High Entropy Secret eec2fc0 lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret 1a48408 lpy/src/lpy/app/main.py View secret
10780833 Triggered Generic High Entropy Secret 94b5963 lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret 42fa065 lpy/.envrc View secret
10780833 Triggered Generic High Entropy Secret ec0b96e lpy/.envrc View secret
10780835 Triggered Generic High Entropy Secret 7ed3bcf lpy/src/lpy/c3metrics/main.py View secret
11081310 Triggered Generic High Entropy Secret 4e64e47 lpy/.envrc View secret
11378671 Triggered GitHub Access Token 42fa065 lpy/.envrc View secret
11378671 Triggered GitHub Access Token 42fa065 lpy/src/lpy/repo/repo.py View secret
11378671 Triggered GitHub Access Token f00657c lpy/src/lpy/repo/repo.py View secret
11378671 Triggered GitHub Access Token f00657c lpy/src/lpy/repo/repo.py View secret
11675892 Triggered OpenAI Project API Key 42fa065 lpy/.envrc View secret
11675892 Triggered OpenAI Project API Key ec0b96e lpy/.envrc View secret
12485596 Triggered GitHub Access Token ec0b96e lpy/.envrc View secret

🛠 Guidelines to remediate hardcoded secrets

  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

View more details on GitGuardian