1712n / challenge

Challenge Program

initial R&D #90

Closed lbom closed 1 year ago

lbom commented 1 year ago

Hello,

I hope this PR finds you well. I am pushing some R&D and would appreciate receiving your feedback. Thank you in advance for your time and attention to this matter.

Regards, Alex

gitguardian[bot] commented 1 year ago

⚠️ GitGuardian has uncovered 6 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

| GitGuardian id | Secret | Commit | Filename | |
| -------------- | ------------------------- | ---------------- | --------------- | -------------------- |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Generic High Entropy Secret | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/api/src/main/resources/application.properties | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-3d414605360e6d4fc29b8051ef457e16L2) |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Generic Password | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/api/src/main/resources/application.properties | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-3d414605360e6d4fc29b8051ef457e16L12) |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Generic Password | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/deploy/docker-compose.yml | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-4c8f9a61b947e0dbd17a4f8574376058L27) |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Generic Password | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/deploy/docker-compose.yml | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-4c8f9a61b947e0dbd17a4f8574376058L55) |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Generic Password | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/deploy/docker-compose.yml | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-4c8f9a61b947e0dbd17a4f8574376058L68) |
| [-](https://dashboard.gitguardian.com/incidents/secrets) | Username Password | a1884c9864ba12014ba96e6684676f6c86e574cf | amaru/deploy/docker-compose.yml | [View secret](https://github.com/1712n/challenge/commit/a1884c9864ba12014ba96e6684676f6c86e574cf#diff-4c8f9a61b947e0dbd17a4f8574376058L67) |

🛠 Guidelines to remediate hardcoded secrets
Revoke, replace, and use your secret safely through [GitHub OIDC](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services) or [GitHub Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets). If possible, [rewrite git history](https://blog.gitguardian.com/rewriting-git-history-cheatsheet). Keep in mind that rewriting git history might break others' workflow. To avoid such incidents in the future, consider installing [secret detection on pre-commit](https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit).

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
