Closed pburkholder closed 2 years ago
Back with gitleaks 7.x we had this test:
@test "it fails a flask secret key" { cat > $REPO_PATH/webapp.py <<END app.secret_key = ( '39a45464-cb1d-4b8d-aa1f-83c7c04fa673' ) END run testCommit $REPO_PATH should_fail }
But that stopped working in 8.8.4.
For now I've changed the test to single line, but it would be good to detect across the newline.
I don't know if this is a bug/feature in 8.8.4 or perhaps in Go regexes.
This might be fixed by https://github.com/cloud-gov/caulking/commit/16a52d8414a816141613e3b8c80e52e13fca5e88. Let me know what you think.
Back with gitleaks 7.x we had this test:
But that stopped working in 8.8.4.
For now I've changed the test to single line, but it would be good to detect across the newline.
I don't know if this is a bug/feature in 8.8.4 or perhaps in Go regexes.
Security considerations