Closed Asmysaras closed 1 year ago
Hey @Asmysaras, the Travis build was failing previously because a vulnerable version of setuptools
was being used:
I fixed the issue with this line: https://github.com/IBM/detect-secrets/blob/8475dd7f309c9b7cec22875bc6ea883928d65392/.travis.yml#L31.
But there was an issue with the Python 3.6 build where pip
can't install the fixed version of setuptools
since it's not available to it:
Since Python 3.6 is no longer officially supported, I went ahead and removed the 3.6 build from travis.yml
. Since that vulnerability is unfixable in this version of Python, it makes sense to me to remove it.
The GitHub Enterprise Detector will now scan for GitHub Enterprise credentials generated both before (see
forty_hex
var) and after (seenew_ghe_token
var) this update: https://docs.github.com/en/enterprise-server@3.2/authentication/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats