Skip to content

Commit

Permalink
Test
Browse files Browse the repository at this point in the history
  • Loading branch information
@ArisBee
ArisBee committed Sep 23, 2024
1 parent 6fb8799 commit ef9f939
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/semgrep.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
SEMGREP_SEND_METRICS: off
shell: bash
run: |
semgrep scan . --gitlab-sast -o /tmp/semgrep.json
semgrep scan . --strict --gitlab-sast -o /tmp/semgrep.json
- name: Show Semgrep report
if: success() || failure()
run: cat /tmp/semgrep.json
5 changes: 4 additions & 1 deletion pages/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,10 @@ export default function Home() {

<div className={styles.grid}>
</div>
<h2>Comments, Oops "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjEsImlhdCI6MTY3Mjc2NjAyOCwiZXhwIjoxNjc0NDk0MDI4fQ.kCak9sLJr74frSRVQp0_27BY4iBCgQSmoT3vQVWKzJg"</h2>
<h2>Comments, Oops:
AWS_ACCESS_KEY_ID=AKIA2OGYBAH6TDQ3GH4E
AWS_SECRET_ACCESS_KEY=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

Check failure on line 45 in pages/index.js

View check run for this annotation

Orca Security (EU) / Orca Security - Secrets

[HIGH] AWS Secret Access Key 

Details:
Paired with the AWS Access Key ID, this secret key provides access to AWS
services. If revealed, it could lead to unauthorized control over AWS resources,
data breaches, and financial harm.

IMPORTANT:
We have detected that the secret is still valid. Immediate attention is required.

Recommendation:
Take immediate action to mitigate the risk of the identified hard-coded secret by
locating where it is used, revoking it, and ensuring it is updated across all
dependent systems.
</h2>
<ul>
{comments.map((comment, index) => (
<li dangerouslySetInnerHTML={{ __html: comment }} key={index} />
Expand Down

0 comments on commit ef9f939

Please sign in to comment.