search

GitGuardian / ggshield

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
https://gitguardian.com
MIT License
1.68k stars 150 forks source link

Detect secrets inside vuejs `ref()` #256

Open devidw opened 2 years ago

devidw commented 2 years ago

Is your feature request related to a problem? Please describe. Scanning a vuejs repo for secrets doesn't detect, when a secret is written inside the ref() function.

The following gets detected:

const apiKey = 'THE-API-KEY'

But this doesn't:

const apiKey = ref('THE-API-KEY')

Describe the solution you'd like Also detect those secrets, that are stored within ref('…')

Describe alternatives you've considered no alternatives

Additional context In case it's relevant, which API keys were used, this behaviour was detected using API-Keys from Deta.

agateau-gg commented 2 years ago

Thanks for your report. We are going to investigate this.