|
|
|
|
|
|
by segudev
1445 days ago
|
|
|
Unfortunately, it's not as simple as that.
Lots of secrets are "generic" (think of a DB user/password combination), meaning that you need to take into account the surrounding source code context to be able to determine if they are a "real" secret. Here is a full explanation if you are interested: https://blog.gitguardian.com/why-detecting-generic-credentia... |
|
|