Skip to content

Don't scan node_modules for secrets during release #2260

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 31, 2019
Merged

Don't scan node_modules for secrets during release #2260

merged 1 commit into from
Oct 31, 2019

Conversation

TylerLeonhardt
Copy link
Member

@TylerLeonhardt TylerLeonhardt commented Oct 29, 2019
edited
Loading

PR Summary

CredScan was complaining because a node_module that we pull in had some test pem's in their package. This was only occurring in the release build because CredScan happens after the build in that.

This PR creates a tsv with all the files we want to scan (excluding node_modules) and then gives that to the CredScan task since the CredScan executable cannot take multiple inputs...

PR Checklist

Note: Tick the boxes below that apply to this pull request by putting an x between the square brackets.
Please mark anything not applicable to this PR NA.

  • PR has a meaningful title
  • Summarized changes
  • PR has tests N/A
  • This PR is ready to merge and is not work in progress
    • If the PR is work in progress, please add the prefix WIP: to the beginning of the title and remove the prefix when the PR is ready

@TylerLeonhardt
Copy link
Member Author

@TravisEz13 can I get your feedback on this?

@TylerLeonhardt TylerLeonhardt force-pushed the add-cred-scan-suppression branch from 306815d to d08b197 Compare October 30, 2019 15:50
@TylerLeonhardt TylerLeonhardt changed the title add CredScan suppressions for node_modules Don't scan node_modules for secrets Oct 30, 2019
@TylerLeonhardt TylerLeonhardt changed the title Don't scan node_modules for secrets Don't scan node_modules for secrets during release Oct 30, 2019
@TylerLeonhardt TylerLeonhardt marked this pull request as ready for review October 30, 2019 16:12
@rjmholt rjmholt merged commit 6a47a89 into PowerShell:master Oct 31, 2019
@TylerLeonhardt TylerLeonhardt deleted the add-cred-scan-suppression branch October 31, 2019 19:07
@rjmholt rjmholt mentioned this pull request Nov 1, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rjmholt rjmholt rjmholt approved these changes

@TravisEz13 TravisEz13 TravisEz13 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TylerLeonhardt @rjmholt @TravisEz13