search

unixorn / ha-mqtt-discoverable

Python module to create MQTT entities that are automatically discovered by Home Assistant
Apache License 2.0
89 stars 21 forks source link

[BUG] Megalinter fails for tests/test_discoverable.py #156

Closed ha-enthus1ast closed 8 months ago

ha-enthus1ast commented 8 months ago

Describe the bug Megalinter - gitleaks fails for tests/test_discoverable.py

It seems hardcoded password and username strings are used when instatiating the MQTT client

This is currently stopping several PRs

To Reproduce Steps to reproduce the behavior: Run megalinter

Expected behavior No errors thrown by gitleaks

Additional context See printout below:

 - Using [gitleaks v8.18.1] https://megalinter.io/7.7.0/descriptors/repository_gitleaks
  - MegaLinter key: [REPOSITORY_GITLEAKS]
  - Rules config: [.gitleaks.toml]
  --Error detail:

      ○
      │╲
      │ ○
      ○ ░
      ░    gitleaks

  Finding:     ..., username="admin", ***;3;mREDACTED
      )
  Secret:      REDACTED
  RuleID:      hashicorp-tf-password
  Entropy:     2.921928
  File:        tests/test_discoverable.py
  Line:        33
  Commit:      777b8dd883e3d757a269bd484cfc6e08970eaaf2
  Author:      Carlo Mion
  Email:       mion00@gmail.com
  Date:        2023-02-27T12:37:28Z
  Fingerprint: 777b8dd883e3d757a269bd484cfc6e08970eaaf2:tests/test_discoverable.py:hashicorp-tf-password:33

  Finding:     ..., username="admin", ***;3;mREDACTED
      )
  Secret:      REDACTED
  RuleID:      hashicorp-tf-password
  Entropy:     2.921928
  File:        tests/test_discoverable.py
  Line:        199
  Commit:      c6a9c6460c35432d4f25da99c3ca88d8474456a7
  Author:      Carlo Mion
  Email:       mion00@gmail.com
  Date:        2023-02-24T08:14:37Z
  Fingerprint: c6a9c6460c35432d4f25da99c3ca88d8474456a7:tests/test_discoverable.py:hashicorp-tf-password:199

  Finding:     ..., username="admin", ***;3;mREDACTED
      )
  Secret:      REDACTED
  RuleID:      hashicorp-tf-password
  Entropy:     2.921928
  File:        tests/test_discoverable.py
  Line:        8
  Commit:      73a7f282b496d8489e2bba00b66b51946d29f5f3
  Author:      Carlo Mion
  Email:       mion00@gmail.com
  Date:        2023-02-17T18:46:12Z
  Fingerprint: 73a7f282b496d8489e2bba00b66b51946d29f5f3:tests/test_discoverable.py:hashicorp-tf-password:8

  Finding:     ..., username="admin", ***;3;mREDACTED
      )
  Secret:      REDACTED
  RuleID:      hashicorp-tf-password
  Entropy:     2.921928
  File:        tests/test_discoverable.py
  Line:        91
  Commit:      73a7f282b496d8489e2bba00b66b51946d29f5f3
  Author:      Carlo Mion
  Email:       mion00@gmail.com
  Date:        2023-02-17T18:46:12Z
  Fingerprint: 73a7f282b496d8489e2bba00b66b51946d29f5f3:tests/test_discoverable.py:hashicorp-tf-password:91

  Finding:     ..., username="admin", ***;3;mREDACTED
      )
  Secret:      REDACTED
  RuleID:      hashicorp-tf-password
  Entropy:     2.921928
  File:        tests/test_discoverable.py
  Line:        101
  Commit:      73a7f282b496d8489e2bba00b66b51946d29f5f3
  Author:      Carlo Mion
  Email:       mion00@gmail.com
  Date:        2023-02-17T18:46:12Z
  Fingerprint: 73a7f282b496d8489e2bba00b66b51946d29f5f3:tests/test_discoverable.py:hashicorp-tf-password:101

  10:53AM INF 221 commits scanned.
  10:53AM INF scan completed in 243ms
  10:53AM WRN leaks found: 5