is_likely_id_string filter creates false negative in key scanning #608
Labels
false negatives
P3
When you get around it. E.g. a fix for non-breaking issue we will work on when there's nothing more
selected
The issue has been selected to be worked on.
Hello,
The following filter creates a FN for us:
detect-secrets/detect_secrets/filters/heuristic.py
Line 78 in e61b9f9
The scanned secret we have in Dockerfile:
ENV aws_access_key_id=AKIA4NACSIJMDDNSEDTE
The secret itself would correctly trigger the aws plugin but the is_likely_id_string causes it to be missed.
Perhaps at least some of the filters should be applied only in case a regex based detector hasn't detected a secret.
Otherwise, pretty obvious cases can be missed only because of the secret name.
The text was updated successfully, but these errors were encountered: