gitleaks/gitleaks

Pattern Findings

50 matches across 4 categories. Click a row to expand file-level details.

Fake / Example Data24 hits · 24 pts

Severity	File	Line	Snippet
LOW	detect/detect_test.go	955	Email: "user@example.com",
LOW	detect/detect_test.go	976	Email: "user@example.com",
LOW	detect/detect_test.go	997	Email: "user@example.com",
LOW	detect/detect_test.go	1018	Email: "user@example.com",
LOW	detect/detect_test.go	1039	Email: "user@example.com",
LOW	detect/detect_test.go	1060	Email: "user@example.com",
LOW	detect/detect_test.go	1081	Email: "user@example.com",
LOW	detect/detect_test.go	1102	Email: "user@example.com",
LOW	detect/detect_test.go	1123	Email: "user@example.com",
LOW	detect/detect_test.go	1144	Email: "user@example.com",
LOW	detect/detect_test.go	1165	Email: "user@example.com",
LOW	detect/detect_test.go	1186	Email: "user@example.com",
LOW	detect/detect_test.go	1207	Email: "user@example.com",
LOW	detect/detect_test.go	1228	Email: "user@example.com",
LOW	detect/detect_test.go	1249	Email: "user@example.com",
LOW	detect/detect_test.go	1270	Email: "user@example.com",
LOW	testdata/expected/report/json_simple.json	15	"Author": "John Doe",
LOW	testdata/expected/report/template_jsonextra.json	15	"Author": "John Doe",
LOW	report/template_test.go	36	Author: "John Doe",
LOW	report/template_test.go	61	Author: "John Doe",
LOW	report/json_test.go	25	Author: "John Doe",
LOW	report/junit_test.go	36	Author: "John Doe",
LOW	report/csv_test.go	35	Author: "John Doe",
LOW	report/sarif_test.go	40	Author: "John Doe",

Over-Commented Block22 hits · 22 pts

Severity	File	Line	Snippet
LOW	README.md	241
LOW	README.md	261	# appended and can contain duplicates.
LOW	detect/detect_test.go	61	secret=6465636F6465642D7365637265742D76616C756576484558
LOW	detect/reader.go	41	// StreamDetectReader streams the detection results from the provided io.Reader.
LOW	detect/reader.go	61	// findingsCh, errCh := detector.StreamDetectReader(myReader, 64) // using 64 KB buffer size
LOW	cmd/detect.go	1	// The `detect` and `protect` command is now deprecated. Here are some equivalent commands
LOW	cmd/generate/config/utils/generate.go	121	// TODO: "php - null coalesce": `${i}Token ??= "{s}"`,
LOW	cmd/generate/config/rules/curl.go	121	// Short flag.
LOW	cmd/generate/config/rules/1password.go	41	return utils.Validate(r, tps, fps)
LOW	cmd/generate/config/rules/sentry.go	21	},
LOW	cmd/generate/config/base/config.go	41	// ----------- Interpolated Variables -----------
LOW	config/gitleaks.toml	1	# This file has been auto-generated. Do not edit manually.
LOW	config/allowlist.go	41
LOW	scripts/profile.sh	1	#! /usr/bin/env bash
LOW	sources/git_test.go	1	package sources
LOW	sources/git_test.go	21	// source: filepath.Join(repoBasePath, "small"),
LOW	sources/git_test.go	41	// }
LOW	sources/git_test.go	61	// t.Error("expected: ", expected, "got: ", diffSb.String())
LOW	sources/git_test.go	81	// err := moveDotGit("dotGit", ".git")
LOW	sources/git_test.go	101
LOW	sources/git_test.go	121
LOW	sources/git_test.go	141	// os.RemoveAll(fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), ".git"))

Cross-File Repetition3 hits · 15 pts

Severity	File	Snippet
HIGH	testdata/config/valid/rule_entropy_group.toml	(?i)(discord[a-z0-9_ .\-,]{0,25})(=\|>\|:=\|\\|\\|:\|<=\|=>\|:).{0,5}['\"]([a-h0-9]{64})['\"]
HIGH	testdata/config/invalid/rule_bad_entropy_group.toml	(?i)(discord[a-z0-9_ .\-,]{0,25})(=\|>\|:=\|\\|\\|:\|<=\|=>\|:).{0,5}['\"]([a-h0-9]{64})['\"]
HIGH	testdata/config/invalid/rule_missing_id.toml	(?i)(discord[a-z0-9_ .\-,]{0,25})(=\|>\|:=\|\\|\\|:\|<=\|=>\|:).{0,5}['\"]([a-h0-9]{64})['\"]

Hyper-Verbose Identifiers1 hit · 1 pts

Severity	File	Line	Snippet
LOW	cmd/generate/config/rules/huggingface.go	105	`def test_internal_api_org_inclusion_with_href(api_name, href, expected, monkeypatch, called_with):