Hacker News new | ask | show | jobs
by anthonyskipper 95 days ago
The fake key for real key thing seems like a problem. A lot of enterprise scanning tools look for keys in repos and other locations and you will get a lot of false positives.

Otherwise this is cool, we need more competition here.
1 comments
guyb3 95 days ago
It's a good point, I don't think the placeholders we use will trigger a secret scanner, but we can adjust if it's an issue.

https://github.com/onecli/onecli/blob/942cfc6c6fd6e184504e01...

link