Fixes false positive in secret detection against baseline due to config change #154
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🗒️ Summary
The problem wasn't that a new secret suddenly appeared. Instead, it was that the
.pre-commit-config.yaml
wasn't included in the baseline configuration which resulted in a diff when the GitHub Action ran. The GitHub Action from SLIM is a bit primitive: it treats any diff as a new secret. In this case, the diff was a difference in config, not in secrets.This also properly escapes the
.
in the regex for excluded files named.pre-commit-config.yaml
.⚙️ Test Data and/or Report
See https://github.com/nasa-pds-engineering-node/deep-archive/actions/runs/7035037799
♻️ Related Issues