From afbbc3d5b9b4107913c4ef4e82e4bc8eb82a0943 Mon Sep 17 00:00:00 2001 From: yavuzdemir Date: Sat, 23 Dec 2023 14:10:22 +0300 Subject: [PATCH 1/2] Add secret scanning example --- secrets/a-bunch-of-secrets.md | 1 + src/main/scala/GoogleApiExample.scala | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 secrets/a-bunch-of-secrets.md create mode 100644 src/main/scala/GoogleApiExample.scala diff --git a/secrets/a-bunch-of-secrets.md b/secrets/a-bunch-of-secrets.md new file mode 100644 index 0000000..b51d50b --- /dev/null +++ b/secrets/a-bunch-of-secrets.md @@ -0,0 +1 @@ +google_cloud_private_key_id = 35169ee57a417474ce427e2c9a31d931a663dff0 \ No newline at end of file diff --git a/src/main/scala/GoogleApiExample.scala b/src/main/scala/GoogleApiExample.scala new file mode 100644 index 0000000..2b6ff1a --- /dev/null +++ b/src/main/scala/GoogleApiExample.scala @@ -0,0 +1,16 @@ +object GoogleApiExample { + def main(args: Array[String]): Unit = { + // Hardcoding a Google OAuth access token (for demonstration purposes only) + val google_cloud_private_key_id = "35169ee57a417474ce427e2c9a31d931a663dff0" // Replace this with a real access token + + // Simulating calling a function that uses the access token to perform a Google API request + performGoogleAPIRequest(google_cloud_private_key_id) + } + + def performGoogleAPIRequest(accessToken: String): Unit = { + // Simulating an authenticated request using the provided access token + // This might trigger GitHub secret scanning due to the presence of the sensitive information + println(s"Performing Google API request using access token: $accessToken") + // ... (Functionality to interact with Google API using the access token) + } +} \ No newline at end of file From 1c72d99b46474bdc9465cc7054133e9877450ff3 Mon Sep 17 00:00:00 2001 From: yavuzdemir Date: Sat, 23 Dec 2023 22:46:19 +0300 Subject: [PATCH 2/2] Add secret scanner --- secrets/a-bunch-of-secrets.md | 1 - src/main/scala/Deduplicator.scala | 2 ++ src/main/scala/GoogleApiExample.scala | 16 ---------------- 3 files changed, 2 insertions(+), 17 deletions(-) delete mode 100644 secrets/a-bunch-of-secrets.md delete mode 100644 src/main/scala/GoogleApiExample.scala diff --git a/secrets/a-bunch-of-secrets.md b/secrets/a-bunch-of-secrets.md deleted file mode 100644 index b51d50b..0000000 --- a/secrets/a-bunch-of-secrets.md +++ /dev/null @@ -1 +0,0 @@ -google_cloud_private_key_id = 35169ee57a417474ce427e2c9a31d931a663dff0 \ No newline at end of file diff --git a/src/main/scala/Deduplicator.scala b/src/main/scala/Deduplicator.scala index 366f641..ec45809 100644 --- a/src/main/scala/Deduplicator.scala +++ b/src/main/scala/Deduplicator.scala @@ -1,5 +1,7 @@ object Deduplicator extends App { + val password = "35169ee57a417474ce427e2c9a31d931a663dff0" + println(password) println(deduplicate(Array("1", "2", "3", "2")).mkString("Array(", ", ", ")")) def deduplicate(myArgs: Array[String]): Array[String] = { diff --git a/src/main/scala/GoogleApiExample.scala b/src/main/scala/GoogleApiExample.scala deleted file mode 100644 index 2b6ff1a..0000000 --- a/src/main/scala/GoogleApiExample.scala +++ /dev/null @@ -1,16 +0,0 @@ -object GoogleApiExample { - def main(args: Array[String]): Unit = { - // Hardcoding a Google OAuth access token (for demonstration purposes only) - val google_cloud_private_key_id = "35169ee57a417474ce427e2c9a31d931a663dff0" // Replace this with a real access token - - // Simulating calling a function that uses the access token to perform a Google API request - performGoogleAPIRequest(google_cloud_private_key_id) - } - - def performGoogleAPIRequest(accessToken: String): Unit = { - // Simulating an authenticated request using the provided access token - // This might trigger GitHub secret scanning due to the presence of the sensitive information - println(s"Performing Google API request using access token: $accessToken") - // ... (Functionality to interact with Google API using the access token) - } -} \ No newline at end of file