File size: 450 Bytes | 81aa0b5

---
name: warn-secrets-in-code
enabled: true
event: file
pattern: (API_KEY|SECRET|TOKEN|PASSWORD)\s*=\s*["'][^"']+["']
action: warn
---
🔐 **Possible hardcoded secret detected**
Hardcoded credentials are a security risk. Use environment variables instead:
```python
import os
api_key = os.environ.get("API_KEY")
```
```javascript
const apiKey = process.env.API_KEY;
```
Make sure to add the real secret to `.env` (and `.env` to `.gitignore`).
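
The rule's `pattern` can be exercised against representative lines to see what it warns on and what it lets through. This is an added example, not part of the rule file; it assumes the pattern is applied as an unanchored, case-sensitive Python `re` search, and every sample line is constructed.

```python
import re

# Pattern copied verbatim from the rule's front matter.
RULE_PATTERN = r"""(API_KEY|SECRET|TOKEN|PASSWORD)\s*=\s*["'][^"']+["']"""

# Constructed sample lines; none of the values are real credentials.
SAMPLES = [
    'API_KEY = "constructed-value-1"',        # 1: plain assignment
    "DB_PASSWORD='constructed-value-2'",      # 2: prefixed name, no spaces
    'api_key = os.environ.get("API_KEY")',    # 3: the recommended Python form
    "const apiKey = process.env.API_KEY;",    # 4: the recommended JS form
    'password = "constructed-value-3"',       # 5: lowercase name
    'TOKEN: "constructed-value-4"',           # 6: YAML/JSON-style colon
    'PASSWORD = ""',                          # 7: empty value
    'MAX_TOKENS = "4096"',                    # 8: TOKEN is only a substring
]


def scan(lines, flags=0):
    """Return {line_number: matched_text} for each line the pattern flags."""
    rx = re.compile(RULE_PATTERN, flags)
    hits = {}
    for number, line in enumerate(lines, start=1):
        match = rx.search(line)  # unanchored: matches anywhere in the line
        if match:
            hits[number] = match.group(0)
    return hits


if __name__ == "__main__":
    strict = scan(SAMPLES)                   # assumed behaviour of the rule
    relaxed = scan(SAMPLES, re.IGNORECASE)   # hypothetical broader variant
    for number, line in enumerate(SAMPLES, start=1):
        status = "WARN" if number in strict else "pass"
        only_relaxed = number in relaxed and number not in strict
        note = "  (flagged only when case-insensitive)" if only_relaxed else ""
        print(f"{status}  {line}{note}")
```

Samples 5 and 6 pass without a warning under the case-sensitive assumption, so the absence of a warning does not mean a file is free of hardcoded credentials.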