Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect a npmrc auth token being checked in #785

Open
1 of 2 tasks
kaihendry opened this issue Jan 11, 2024 · 1 comment
Open
1 of 2 tasks

Detect a npmrc auth token being checked in #785

kaihendry opened this issue Jan 11, 2024 · 1 comment
Labels
help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. request The issue is a request for a new feature or plugin. triaged The issue has been reviewed but has not been solved yet.

Comments

@kaihendry
Copy link

  • I'm submitting a ...

    • bug report
    • feature request

  • What is the current behavior?

Doesn't seem to pick up on auth tokens in npmrc https://docs.npmjs.com/cli/v9/configuring-npm/npmrc#auth-related-configuration

  • If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem
//registry.example.com/:_auth=foobar
//registry2.example.com/:_authToken=MYTOKEN2

https://gist.github.com/kaihendry/090f21f431560a05e9771c3f854d7c53

  • What is the expected behavior?

Flag the token

  • What is the motivation / use case for changing the behavior?

Might have accidentally checked in a secret

  • Please tell us about your environment:

    • detect-secrets Version: 1.4.
    • Python Version:
    • OS Version: MacOS / Homebrew
    • File type (if applicable):

  • Other information

gitleaks/gitleaks#1326
@lantica
Copy link

lantica commented Apr 8, 2024

Having the same issue

@lorenzodb1 lorenzodb1 added help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. triaged The issue has been reviewed but has not been solved yet. request The issue is a request for a new feature or plugin. labels May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. request The issue is a request for a new feature or plugin. triaged The issue has been reviewed but has not been solved yet.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kaihendry @lorenzodb1 @lantica