Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG]: Example RSA Private Key triggers Secret Blocker precommit-hook #426

Open
1 task done
timreibe opened this issue Jun 13, 2024 · 2 comments
Open
1 task done
Labels
Type: Bug Something isn't working as documented

Comments

@timreibe
Copy link

What happened?

While building a private action, the commit was blocked by our secret blocker.
The secret blocker was triggered by the example RSA Private key in file types.d.ts (line 9570 and 11702).

/** @example "-----BEGIN RSA PRIVATE KEY-----\nMIIEogIB

Versions

@octokit/openapi-types version 22.2.0

installed with

npm install @actions/core
npm install @actions/github

Using node v20.14.0

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@timreibe timreibe added Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented labels Jun 13, 2024
Copy link

👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with Status: Up for grabs. You & others like you are the reason all of this works! So thank you & happy coding! 🚀

@gr2m
Copy link
Contributor

gr2m commented Jun 13, 2024

Hmm interesting bug 😁 These files are generated, we do not write any of them manually. They are based on the files at https://github.com/github/rest-api-description, could you please file an issue there?

For what it's worth, I think your secret blocker should ignore comments 🤔 I wonder how GitHub is handling this with its own secret scanners

@wolfy1339 wolfy1339 removed the Status: Triage This is being looked at and prioritized label Jun 13, 2024
@nickfloyd nickfloyd moved this from 🆕 Triage to 🔥 Backlog in 🧰 Octokit Active Jun 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Bug Something isn't working as documented
Projects
Status: 🔥 Backlog
Development

No branches or pull requests

3 participants