[high] semgrep: Generic Secret detected #37
high Finding
Scanner: semgrep
Severity: high
Rule: generic.secrets.security.detected-generic-secret.detected-generic-secret
Description
Generic Secret detected
Location
File: /tmp/compliance-scanner/repos/certifai/docker-compose.yml (line 83)
Remediation
Move all secrets to external secret management (e.g., Docker secrets, Kubernetes secrets, or environment variable files). Replace hardcoded values with references to external secrets. Example fix: 'JWT_SECRET: ${JWT_SECRET}' instead of 'JWT_SECRET: "767b962176666eab56e180e6f2d3fe95145dc6b978e37d4eb8d1da5421c5fb26"'
Fingerprint: 6b77c42afa89ae880d2f329a0e919b21ea3f5cb640d19604d4b4cecaf7812450
Generated by compliance-scanner
Labels: severity:high, scanner:semgrep, compliance-scanner