Open Chan9390 opened 1 year ago
@deviprasad303 please take a look
@Chan9390 please add usr{sep}local{sep}share{sep}.cache inside blacklist path. There should not be {sep} at the start of the path. please also add usr{sep}local{sep}share{sep}.cache in the exclude path . the exclude path removes everything that contains the given subpath
@Chan9390 can you check if it works out for you?
I read the documentation and found that I can exclude certain paths by appending them to
exclude_paths
.Trying to evaluate this tool, I found the following false positive:
While there's a private key in the path, it's added to the container by the repo's dependencies. So inorder to remove any detection of secrets in the
usr/local/share/.cache
path, I appended it toexclude_paths
list:Snippet:
And ran the command:
docker run -it --rm --name=deepfence-secretscanner -v $(pwd):/home/deepfence/output -v /var/run/docker.sock:/var/run/docker.sock deepfenceio/deepfence_secret_scanner:latest -image-name <image>:latest --config-path secretscanner
(where the config.yaml is saved in secretscanner directory).SecretScanner still detects this path and the false positive.
PS: I tried using
{name_sep}
instead of{sep}
, and tried adding the path toblacklisted_strings
andblacklisted_paths
. Nothing worked so far.