diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..ed6199e1 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,22 @@ +# This is an example configuration to enable detect-secrets in the pre-commit hook. +# Add this file to the root folder of your repository. +# +# Read pre-commit hook framework https://pre-commit.com/ for more details about the structure of config yaml file and how git pre-commit would invoke each hook. +# +# This line indicates we will use the hook from ibm/detect-secrets to run scan during committing phase. +# Whitewater/whitewater-detect-secrets would sync code to ibm/detect-secrets upon merge. +- repo: https://github.com/ibm/detect-secrets + # If you desire to use a specific version of detect-secrets, you can replace `master` with other git revisions such as branch, tag or commit sha. + # You are encouraged to use static refs such as tags, instead of branch name + # + # Running "pre-commit autoupdate" would automatically updates rev to latest tag + rev: master + hooks: + - id: detect-secrets # pragma: whitelist secret + # Add options for detect-secrets-hook binary. You can run `detect-secrets-hook --help` to list out all possible options. + # You may also run `pre-commit run detect-secrets` to preview the scan result. + # when "--baseline" without "--use-all-plugins", pre-commit scan with just plugins in baseline file + # when "--baseline" with "--use-all-plugins", pre-commit scan with all available plugins + # add "--fail-on-non-audited" to fail pre-commit for unaudited potential secrets + args: [--baseline, .secrets.baseline, --use-all-plugins ] + diff --git a/.secrets.baseline b/.secrets.baseline new file mode 100644 index 00000000..0988a8c9 --- /dev/null +++ b/.secrets.baseline @@ -0,0 +1,273 @@ +{ + "exclude": { + "files": "(.*test.*)|go.sum|^.secrets.baseline$", + "lines": null + }, + "generated_at": "2021-03-09T08:51:53Z", + "plugins_used": [ + { + "name": "AWSKeyDetector" + }, + { + "name": "ArtifactoryDetector" + }, + { + "base64_limit": 4.5, + "name": "Base64HighEntropyString" + }, + { + "name": "BasicAuthDetector" + }, + { + "name": "BoxDetector" + }, + { + "name": "CloudantDetector" + }, + { + "name": "GheDetector" + }, + { + "hex_limit": 3, + "name": "HexHighEntropyString" + }, + { + "name": "IbmCloudIamDetector" + }, + { + "name": "IbmCosHmacDetector" + }, + { + "name": "JwtTokenDetector" + }, + { + "keyword_exclude": null, + "name": "KeywordDetector" + }, + { + "name": "MailchimpDetector" + }, + { + "name": "PrivateKeyDetector" + }, + { + "name": "SlackDetector" + }, + { + "name": "SoftlayerDetector" + }, + { + "name": "StripeDetector" + }, + { + "name": "TwilioKeyDetector" + } + ], + "results": { + "api/container/containerv1/clusters.go": [ + { + "hashed_secret": "97f6d363f50f41c6247a497350ce970feca16f41", + "is_secret": false, + "is_verified": false, + "line_number": 915, + "type": "Secret Keyword", + "verified_result": null + } + ], + "api/iam/iamv1/api_keys.go": [ + { + "hashed_secret": "1a729d4bbd0baf63aa47cd7b7f1e81628e3da575", + "is_secret": false, + "is_verified": false, + "line_number": 50, + "type": "Secret Keyword", + "verified_result": null + }, + { + "hashed_secret": "b8f0a09a47a210897433f186bf99aae66d3595eb", + "is_secret": false, + "is_verified": false, + "line_number": 52, + "type": "Secret Keyword", + "verified_result": null + } + ], + "api/mccp/mccpv2/service_bindings.go": [ + { + "hashed_secret": "9d39d390ad5a43a617f96b9c1b63821171019443", + "is_secret": false, + "is_verified": false, + "line_number": 59, + "type": "Secret Keyword", + "verified_result": null + } + ], + "api/mccp/mccpv2/service_instances.go": [ + { + "hashed_secret": "9d39d390ad5a43a617f96b9c1b63821171019443", + "is_secret": false, + "is_verified": false, + "line_number": 104, + "type": "Secret Keyword", + "verified_result": null + } + ], + "api/mccp/mccpv2/service_keys.go": [ + { + "hashed_secret": "9d39d390ad5a43a617f96b9c1b63821171019443", + "is_secret": false, + "is_verified": false, + "line_number": 69, + "type": "Secret Keyword", + "verified_result": null + } + ], + "authentication/iam.go": [ + { + "hashed_secret": "2308d0fb5ab83a7e92e8000f5f094342d3f87bd0", + "is_secret": false, + "is_verified": false, + "line_number": 76, + "type": "Secret Keyword", + "verified_result": null + }, + { + "hashed_secret": "f75b33f87ffeacb3a4f793a09693e672e07449ff", + "is_secret": false, + "is_verified": false, + "line_number": 77, + "type": "Secret Keyword", + "verified_result": null + }, + { + "hashed_secret": "f2f957e84e07081feadc181d7dffbe8623b3ada0", + "is_secret": false, + "is_verified": false, + "line_number": 84, + "type": "Secret Keyword", + "verified_result": null + } + ], + "errors.go": [ + { + "hashed_secret": "15e37c6a1458c5f3941952ceb3c5117423897c71", + "is_secret": false, + "is_verified": false, + "line_number": 11, + "type": "Secret Keyword", + "verified_result": null + } + ], + "examples/cis/cisv1/dns/README.md": [ + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 10, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/glbs/README.md": [ + { + "hashed_secret": "95fbdd7d6e8c8defb7fccde9bfcaf2571f1efee9", + "is_secret": false, + "is_verified": false, + "line_number": 9, + "type": "Hex High Entropy String", + "verified_result": null + }, + { + "hashed_secret": "a86d2137d50968058293c28f740b43c5d0dce6b4", + "is_secret": false, + "is_verified": false, + "line_number": 13, + "type": "Hex High Entropy String", + "verified_result": null + }, + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 13, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/monitors/README.md": [ + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 10, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/poolcreate/README.md": [ + { + "hashed_secret": "95fbdd7d6e8c8defb7fccde9bfcaf2571f1efee9", + "is_secret": false, + "is_verified": false, + "line_number": 6, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/pooldelete/README.md": [ + { + "hashed_secret": "95fbdd7d6e8c8defb7fccde9bfcaf2571f1efee9", + "is_secret": false, + "is_verified": false, + "line_number": 14, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/settings/README.md": [ + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 11, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/zonecreate/README.md": [ + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 6, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/cis/cisv1/zonedelete/README.md": [ + { + "hashed_secret": "ba81c7097ceb06d94efbc7f8d892516661551588", + "is_secret": false, + "is_verified": false, + "line_number": 11, + "type": "Hex High Entropy String", + "verified_result": null + } + ], + "examples/icd/icdv4/connection/main.go": [ + { + "hashed_secret": "62d6314bd936033553442d72fe8ce3b93ba8802d", + "is_secret": false, + "is_verified": false, + "line_number": 175, + "type": "Secret Keyword", + "verified_result": null + } + ] + }, + "version": "0.13.1+ibm.30.dss", + "word_list": { + "file": null, + "hash": null + } +}