-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
jit and sonar demo #4
base: master
Are you sure you want to change the base?
Conversation
cm ignored accept
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ Jit has detected 1 important finding in this PR that you should review.
The finding is detailed below as a comment.
It’s highly recommended that you fix this security issue before merge.
data/static/users.yml
Outdated
@@ -147,6 +147,8 @@ | |||
email: wurstbrot | |||
username: wurstbrot | |||
password: 'EinBelegtesBrotMitSchinkenSCHINKEN!' | |||
totpSecret: IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH | |||
key: timo |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Security control: Secret Detection
Type: Generic-Api-Key
Description: Generic API Key
Severity: HIGH
Jit Bot commands and options (e.g., ignore issue)
You can trigger Jit actions by commenting on this PR review:
#jit_ignore_fp
Ignore and mark this specific single instance of finding as “False Positive”#jit_ignore_accept
Ignore and mark this specific single instance of finding as “Accept Risk”#jit_undo_ignore
Undo ignore command
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
95de275
to
39b4686
Compare
Description
A clear and concise summary of the change and which issue (if any) it fixes. Should also include relevant motivation and context.
Resolved or fixed issue:
Affirmation