@eurekadevsecops/radar 1.9.7 → 1.9.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/.config/commitlint/config.mjs +6 -2
  2. package/.config/release-please/manifest.json +1 -1
  3. package/CHANGELOG.md +18 -0
  4. package/package.json +3 -3
  5. package/src/commands/scan.js +4 -3
  6. package/src/telemetry/index.js +73 -26
  7. package/src/util/git/index.js +44 -1
  8. package/ewa-bitbucket.sarif +0 -61
  9. package/ewa.sarif +0 -274
package/.config/commitlint/config.mjs CHANGED
@@ -22,6 +22,10 @@ const scopes = {
22
22
  // @tip: git branch name = feat/PE-123 => default issue = PE-123
23
23
  const issue = execSync('git rev-parse --abbrev-ref HEAD').toString().trim().split('/').at(-1)
24
24
 
25
+ const semver = String.raw`(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?`
26
+ const pr = String.raw`\(\#[1-9]\d*\)`
27
+ const pattern = new RegExp(`^v${semver} ${pr}`)
28
+
25
29
  const Configuration = {
26
30
  /*
27
31
  * Resolve and load @commitlint/config-conventional from node_modules.
@@ -32,7 +36,7 @@ const Configuration = {
32
36
  * Resolve and load conventional-changelog-atom from node_modules.
33
37
  * Referenced packages must be installed
34
38
  */
35
- parserPreset: 'conventional-changelog-atom',
39
+ parserPreset: 'conventional-changelog-conventionalcommits',
36
40
  /*
37
41
  * Resolve and load @commitlint/format from node_modules.
38
42
  * Referenced package must be installed
@@ -58,7 +62,7 @@ const Configuration = {
58
62
  * To see full list, check https://github.com/conventional-changelog/commitlint/blob/master/%40commitlint/is-ignored/src/defaults.ts.
59
63
  * To disable those ignores and run rules always, set `defaultIgnores: false` as shown below.
60
64
  */
61
- ignores: [(commit) => commit === ''],
65
+ ignores: [(commit) => commit === '', (commit) => pattern.test(commit)],
62
66
  /*
63
67
  * Whether commitlint uses the default ignore rules, see the description above.
64
68
  */
package/.config/release-please/manifest.json CHANGED
@@ -1,3 +1,3 @@
1
1
  {
2
- ".": "1.9.7"
2
+ ".": "1.9.8"
3
3
  }
package/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  # Changelog
2
2
 
3
+ ## [1.9.8](https://github.com/EurekaDevSecOps/radarctl/compare/v1.9.7...v1.9.8) (2026-02-19)
4
+
5
+
6
+ ### Fixes
7
+
8
+ * **scans:** Add handling for ADO git URLs ([#61](https://github.com/EurekaDevSecOps/radarctl/issues/61)) ([cad3c13](https://github.com/EurekaDevSecOps/radarctl/commit/cad3c13ad90d2866b7ad019d145882e0955a8243))
9
+ * **scans:** Update scan command to accept optional scan ID from args ([#60](https://github.com/EurekaDevSecOps/radarctl/issues/60)) ([3f7b2f9](https://github.com/EurekaDevSecOps/radarctl/commit/3f7b2f9881a201116f54752ce27bd5e36d652f23))
10
+
11
+
12
+ ### Code Refactoring
13
+
14
+ * **telemetry:** Add a reportScanFailure wrapper for telemetry send/receive ([#57](https://github.com/EurekaDevSecOps/radarctl/issues/57)) ([9b2b8aa](https://github.com/EurekaDevSecOps/radarctl/commit/9b2b8aad4a59e9312bb5713a4aaf5b154f6e390b))
15
+
16
+
17
+ ### CI/CD
18
+
19
+ * **commitlint:** Fix commitlint GHA errors ([#58](https://github.com/EurekaDevSecOps/radarctl/issues/58)) ([b27d64e](https://github.com/EurekaDevSecOps/radarctl/commit/b27d64e5ddab6fad389aa1489173c3a992633ff6))
20
+
3
21
  ## [1.9.7](https://github.com/EurekaDevSecOps/radarctl/compare/v1.9.6...v1.9.7) (2026-01-29)
4
22
 
5
23
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@eurekadevsecops/radar",
3
- "version": "1.9.7",
3
+ "version": "1.9.8",
4
4
  "description": "Radar is an open-source orchestrator of security scanners.",
5
5
  "homepage": "https://www.eurekadevsecops.com/radar",
6
6
  "keywords": [
@@ -39,8 +39,8 @@
39
39
  "tiny-spinner": "^2.0.5"
40
40
  },
41
41
  "devDependencies": {
42
- "@commitlint/cli": "^20.1.0",
43
- "@commitlint/config-conventional": "^20.0.0",
42
+ "@commitlint/cli": "^20.4.1",
43
+ "@commitlint/config-conventional": "^20.4.1",
44
44
  "@commitlint/cz-commitlint": "^20.1.0",
45
45
  "commitizen": "^4.3.1",
46
46
  "commitlint-plugin-selective-scope": "^1.0.1",
package/src/commands/scan.js CHANGED
@@ -25,7 +25,8 @@ module.exports = {
25
25
  { name: 'LOCAL', short: 'l', long: 'local', type: 'boolean', description: 'local scan (no upload of findings to Eureka)' },
26
26
  { name: 'OUTPUT', short: 'o', long: 'output', type: 'string', description: 'output SARIF file' },
27
27
  { name: 'QUIET', short: 'q', long: 'quiet', type: 'boolean', description: 'suppress stdout logging' },
28
- { name: 'SCANNERS', short: 's', long: 'scanners', type: 'string', description: 'list of scanners to use' }
28
+ { name: 'SCANNERS', short: 's', long: 'scanners', type: 'string', description: 'list of scanners to use' },
29
+ { name: 'SCAN_ID', short: 'sid', long: 'scan-id', type: 'string', description: 'existing scan ID to associate results with' }
29
30
  ],
30
31
  description: `
31
32
  Scans a target for vulnerabilities. Defaults to displaying findings on stdout.
@@ -165,13 +166,13 @@ module.exports = {
165
166
  if (metadata.type === 'error') throw new Error(`${metadata.error.code}: ${metadata.error.details}`)
166
167
 
167
168
  // Send telemetry: scan started.
168
- let scanID = undefined
169
+ let scanID = args.SCAN_ID ?? undefined
169
170
  const timestamp = DateTime.now().toISO()
170
171
 
171
172
  if (telemetry.enabled && !args.LOCAL) {
172
173
  // TODO: Should pass scanID to the server; not read it from the server.
173
174
  try {
174
- const res = await telemetry.send(`scans/started`, {}, { scanners: scanners.map((s) => s.name), metadata, timestamp })
175
+ const res = await telemetry.send(`scans/started`, {}, { scanners: scanners.map((s) => s.name), scanID, metadata, timestamp })
175
176
  if (!res.ok) throw new Error(`[${res.status}] ${res.statusText}: ${await res.text()}`)
176
177
  const data = await res.json()
177
178
  scanID = data.scan_id
package/src/telemetry/index.js CHANGED
@@ -6,28 +6,24 @@ class Telemetry {
6
6
  #EUREKA_AGENT_TOKEN = process.env.EUREKA_AGENT_TOKEN
7
7
  #USER_AGENT = `RadarCLI/${pkg.version} (${pkg.name}@${pkg.version}; ${process?.platform}-${process?.arch}; ${process?.release?.name}-${process?.version})`
8
8
  #EWA_URL
9
+ #failedScanID // ensure there that scan failure is reported only once
9
10
 
10
11
  constructor() {
11
12
  this.enabled = !!this.#EUREKA_AGENT_TOKEN
12
13
  this.#EWA_URL = this.#claims(this.#EUREKA_AGENT_TOKEN).aud?.replace(/\/$/, '')
14
+ this.#failedScanID = undefined
13
15
  }
14
16
 
15
17
  async send(path, params, body, token) {
16
- return fetch(this.#toPostURL(path, params, token), {
17
- method: 'POST',
18
- headers: {
19
- 'Authorization': `Bearer ${token ?? this.#EUREKA_AGENT_TOKEN}`,
20
- 'Content-Type': this.#toContentType(path),
21
- 'User-Agent': this.#USER_AGENT,
22
- 'Accept': 'application/json'
23
- },
24
- body: this.#toBody(path, body)
25
- })
26
- .then(async (res) => {
27
- //TODO: Display this on stdout only if --debug option is selected on the cmd line.
28
- //if (!res.ok) console.log(`POST ${this.#toPostURL(path, params, token)} [${res.status}] ${res.statusText}: ${await res.text()}`)
29
- return res
30
- })
18
+ let res
19
+ try {
20
+ res = await this.#sendRaw(path, params, body, token)
21
+ } catch (error) {
22
+ await this.#reportScanFailure(path, params)
23
+ throw error
24
+ }
25
+ if (!res.ok) await this.#reportScanFailure(path, params)
26
+ return res
31
27
  }
32
28
 
33
29
  async sendSensitive(path, params, body) {
@@ -35,18 +31,19 @@ class Telemetry {
35
31
  }
36
32
 
37
33
  async receive(path, params, token) {
38
- return fetch(this.#toReceiveURL(path, params, token), {
39
- method: 'GET',
40
- headers: {
41
- 'Authorization': `Bearer ${token ?? this.#EUREKA_AGENT_TOKEN}`,
42
- 'User-Agent': this.#USER_AGENT,
43
- 'Accept': 'application/json'
44
- }
45
- }).then(async (res) => {
46
- //TODO: Display this on stdout only if --debug option is selected on the cmd line.
47
- //if (!res.ok) console.log(`GET ${this.#toReceiveURL(path, params, token)} [${res.status}] ${res.statusText}`)
34
+ let res
35
+ try {
36
+ res = await this.#receiveRaw(path, params, token)
37
+ } catch (error) {
38
+ await this.#reportScanFailure(path, params)
39
+ throw error
40
+ }
41
+ if (!res.ok) await this.#reportScanFailure(path, params)
42
+ try {
48
43
  return await res.json()
49
- })
44
+ } catch (error) {
45
+ await this.#reportScanFailure(path, params)
46
+ }
50
47
  }
51
48
 
52
49
  async receiveSensitive(path, params) {
@@ -79,6 +76,56 @@ class Telemetry {
79
76
  return data.token
80
77
  }
81
78
 
79
+ async #sendRaw(path, params, body, token) {
80
+ return fetch(this.#toPostURL(path, params, token), {
81
+ method: 'POST',
82
+ headers: {
83
+ 'Authorization': `Bearer ${token ?? this.#EUREKA_AGENT_TOKEN}`,
84
+ 'Content-Type': this.#toContentType(path),
85
+ 'User-Agent': this.#USER_AGENT,
86
+ 'Accept': 'application/json'
87
+ },
88
+ body: this.#toBody(path, body)
89
+ })
90
+ .then(async (res) => {
91
+ //TODO: Display this on stdout only if --debug option is selected on the cmd line.
92
+ //if (!res.ok) console.log(`POST ${this.#toPostURL(path, params, token)} [${res.status}] ${res.statusText}: ${await res.text()}`)
93
+ return res
94
+ })
95
+ }
96
+
97
+ async #receiveRaw(path, params, token) {
98
+ return fetch(this.#toReceiveURL(path, params, token), {
99
+ method: 'GET',
100
+ headers: {
101
+ 'Authorization': `Bearer ${token ?? this.#EUREKA_AGENT_TOKEN}`,
102
+ 'User-Agent': this.#USER_AGENT,
103
+ 'Accept': 'application/json'
104
+ }
105
+ }).then(async (res) => {
106
+ //TODO: Display this on stdout only if --debug option is selected on the cmd line.
107
+ //if (!res.ok) console.log(`GET ${this.#toReceiveURL(path, params, token)} [${res.status}] ${res.statusText}`)
108
+ return res
109
+ })
110
+ }
111
+
112
+ async #reportScanFailure(path, params) {
113
+ if (!this.enabled) return
114
+ const scanID = params?.scanID
115
+ if (!scanID || path === `scans/:scanID/failed`) return
116
+ // if scan failure already reported, skip
117
+ if (this.#failedScanID === scanID) return
118
+
119
+ // mark scan failure as reported
120
+ this.#failedScanID = scanID
121
+
122
+ try {
123
+ // we could choose to pass the error and send it somewhere possibly
124
+ await this.#sendRaw(`scans/:scanID/failed`, { scanID }, {})
125
+ } catch (error) {
126
+ }
127
+ }
128
+
82
129
  #toPostURL(path, params, token) {
83
130
  const claims = this.#claims(token ?? this.#EUREKA_AGENT_TOKEN)
84
131
  const aud = claims.aud.replace(/\/$/, '')
package/src/util/git/index.js CHANGED
@@ -1,6 +1,47 @@
1
1
  const { execSync } = require('node:child_process')
2
2
  const hostedGitInfo = require('hosted-git-info')
3
3
 
4
+
5
+ function isAzureDevOpsUrl(originUrl) {
6
+ const knownAzureDomains = ["dev.azure.com", "visualstudio.com"];
7
+
8
+ return knownAzureDomains.some((url) => originUrl.includes(url));
9
+ }
10
+
11
+ /**
12
+ * Azure DevOps formats:
13
+ * - `https://TOKEN@dev.azure.com/<org>/<project>/_git/<repo>`
14
+ * - `https://pat:TOKEN@dev.azure.com/<org>/<project>/_git/<repo>` (the "pat" here can be any arbitrary string)
15
+ */
16
+ function parseAzureDevOpsUrl(originUrl) {
17
+ // Strip credentials from URL
18
+ const cleanUrl = originUrl.replace(/https:\/\/([^@:]+:)?[^@]+@/, "https://");
19
+ const url = new URL(cleanUrl);
20
+
21
+ const pathParts = url.pathname.split("/").filter((p) => p);
22
+ if (pathParts.length < 4 || pathParts[2] !== "_git") {
23
+ throw new Error(`Invalid Azure DevOps URL format: ${originUrl}`);
24
+ }
25
+
26
+ return {
27
+ https: () => cleanUrl,
28
+ type: "azure",
29
+ domain: url.hostname,
30
+ // project name
31
+ user: pathParts[1],
32
+ // repo name
33
+ project: pathParts[3],
34
+ };
35
+ }
36
+
37
+ function parseGitInfoFromUrl(originUrl) {
38
+ if (isAzureDevOpsUrl(originUrl)) {
39
+ return parseAzureDevOpsUrl(originUrl);
40
+ }
41
+
42
+ return hostedGitInfo.fromUrl(originUrl, { noGitPlus: true });
43
+ }
44
+
4
45
  function metadata(folder) {
5
46
  try {
6
47
  // Determine if we're scanning a valid git repo.
@@ -11,7 +52,9 @@ function metadata(folder) {
11
52
 
12
53
  // Get the repo name and owner.
13
54
  const originUrl = execSync('git config --get remote.origin.url', { cwd: folder }).toString().trim()
14
- const info = hostedGitInfo.fromUrl(originUrl, { noGitPlus: true })
55
+
56
+ const info = parseGitInfoFromUrl(originUrl)
57
+
15
58
  const ownerPath = info.user.split('/')
16
59
 
17
60
  // Get the branch name.
package/ewa-bitbucket.sarif DELETED
@@ -1,61 +0,0 @@
1
- {
2
- "version": "2.1.0",
3
- "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
4
- "runs": [
5
- {
6
- "tool": {
7
- "driver": {
8
- "name": "gitleaks",
9
- "semanticVersion": "v8.0.0",
10
- "informationUri": "https://github.com/gitleaks/gitleaks",
11
- "properties": {
12
- "officialName": "gitleaks"
13
- },
14
- "rules": [
15
- {
16
- "id": "bitbucket-client-id",
17
- "shortDescription": {
18
- "text": "Discovered a potential Bitbucket Client ID, risking unauthorized repository access and potential codebase exposure."
19
- }
20
- }
21
- ]
22
- }
23
- },
24
- "results": [
25
- {
26
- "message": {
27
- "text": "bitbucket-client-id has detected secret for file apps/backend/.env.local."
28
- },
29
- "ruleId": "bitbucket-client-id",
30
- "locations": [
31
- {
32
- "physicalLocation": {
33
- "artifactLocation": {
34
- "uri": "apps/backend/.env.local"
35
- },
36
- "region": {
37
- "startLine": 116,
38
- "startColumn": 2,
39
- "endLine": 116,
40
- "endColumn": 57,
41
- "snippet": {
42
- "text": "KbPZjucUXpxhqmKjP6wbtS5BfEERxdnb"
43
- }
44
- }
45
- }
46
- }
47
- ],
48
- "properties": {
49
- "tags": []
50
- }
51
- }
52
- ],
53
- "properties": {
54
- "repository": {
55
- "type": "git",
56
- "url": "https://github.com/EurekaDevSecOps/app.git"
57
- }
58
- }
59
- }
60
- ]
61
- }
package/ewa.sarif DELETED
@@ -1,274 +0,0 @@
1
- {
2
- "version": "2.1.0",
3
- "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
4
- "runs": [
5
- {
6
- "tool": {
7
- "driver": {
8
- "name": "gitleaks",
9
- "semanticVersion": "v8.0.0",
10
- "informationUri": "https://github.com/gitleaks/gitleaks",
11
- "properties": {
12
- "officialName": "gitleaks"
13
- },
14
- "rules": [
15
- {
16
- "id": "bitbucket-client-id",
17
- "shortDescription": {
18
- "text": "Discovered a potential Bitbucket Client ID, risking unauthorized repository access and potential codebase exposure."
19
- }
20
- },
21
- {
22
- "id": "generic-api-key",
23
- "shortDescription": {
24
- "text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."
25
- }
26
- },
27
- {
28
- "id": "gitlab-oauth-app-secret",
29
- "shortDescription": {
30
- "text": "Identified a GitLab OIDC Application Secret, risking access to apps using GitLab as authentication provider."
31
- }
32
- },
33
- {
34
- "id": "private-key",
35
- "shortDescription": {
36
- "text": "Identified a Private Key, which may compromise cryptographic security and sensitive data encryption."
37
- }
38
- },
39
- {
40
- "id": "stripe-access-token",
41
- "shortDescription": {
42
- "text": "Found a Stripe Access Token, posing a risk to payment processing services and sensitive financial data."
43
- }
44
- }
45
- ]
46
- }
47
- },
48
- "results": [
49
- {
50
- "message": {
51
- "text": "generic-api-key has detected secret for file apps/backend/.env.local."
52
- },
53
- "ruleId": "generic-api-key",
54
- "locations": [
55
- {
56
- "physicalLocation": {
57
- "artifactLocation": {
58
- "uri": "apps/backend/.env.local"
59
- },
60
- "region": {
61
- "startLine": 121,
62
- "startColumn": 2,
63
- "endLine": 121,
64
- "endColumn": 62,
65
- "snippet": {
66
- "text": "0231e56436d8862a967f583939d1d91e955c2bd3"
67
- }
68
- }
69
- }
70
- }
71
- ],
72
- "properties": {
73
- "tags": []
74
- }
75
- },
76
- {
77
- "message": {
78
- "text": "generic-api-key has detected secret for file apps/backend/.env.local."
79
- },
80
- "ruleId": "generic-api-key",
81
- "locations": [
82
- {
83
- "physicalLocation": {
84
- "artifactLocation": {
85
- "uri": "apps/backend/.env.local"
86
- },
87
- "region": {
88
- "startLine": 132,
89
- "startColumn": 2,
90
- "endLine": 132,
91
- "endColumn": 57,
92
- "snippet": {
93
- "text": "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"
94
- }
95
- }
96
- }
97
- }
98
- ],
99
- "properties": {
100
- "tags": []
101
- }
102
- },
103
- {
104
- "message": {
105
- "text": "generic-api-key has detected secret for file apps/backend/.env.local."
106
- },
107
- "ruleId": "generic-api-key",
108
- "locations": [
109
- {
110
- "physicalLocation": {
111
- "artifactLocation": {
112
- "uri": "apps/backend/.env.local"
113
- },
114
- "region": {
115
- "startLine": 146,
116
- "startColumn": 2,
117
- "endLine": 146,
118
- "endColumn": 54,
119
- "snippet": {
120
- "text": "00e3e61c-50ed-44f2-8901-ba56c166b4e5"
121
- }
122
- }
123
- }
124
- }
125
- ],
126
- "properties": {
127
- "tags": []
128
- }
129
- },
130
- {
131
- "message": {
132
- "text": "generic-api-key has detected secret for file apps/backend/.env.local."
133
- },
134
- "ruleId": "generic-api-key",
135
- "locations": [
136
- {
137
- "physicalLocation": {
138
- "artifactLocation": {
139
- "uri": "apps/backend/.env.local"
140
- },
141
- "region": {
142
- "startLine": 155,
143
- "startColumn": 2,
144
- "endLine": 155,
145
- "endColumn": 58,
146
- "snippet": {
147
- "text": "whsec_X92mgLcj9LACgQCfxlEazUtZ5Qb1MSN6"
148
- }
149
- }
150
- }
151
- }
152
- ],
153
- "properties": {
154
- "tags": []
155
- }
156
- },
157
- {
158
- "message": {
159
- "text": "gitlab-oauth-app-secret has detected secret for file apps/backend/.env.local."
160
- },
161
- "ruleId": "gitlab-oauth-app-secret",
162
- "locations": [
163
- {
164
- "physicalLocation": {
165
- "artifactLocation": {
166
- "uri": "apps/backend/.env.local"
167
- },
168
- "region": {
169
- "startLine": 126,
170
- "startColumn": 23,
171
- "endLine": 126,
172
- "endColumn": 92,
173
- "snippet": {
174
- "text": "gloas-776889e1488d83b207ac8a3e3230b71ee8f91ef6cfd6007aa4f5accb579eacd5"
175
- }
176
- }
177
- }
178
- }
179
- ],
180
- "properties": {
181
- "tags": []
182
- }
183
- },
184
- {
185
- "message": {
186
- "text": "private-key has detected secret for file apps/backend/.env.local."
187
- },
188
- "ruleId": "private-key",
189
- "locations": [
190
- {
191
- "physicalLocation": {
192
- "artifactLocation": {
193
- "uri": "apps/backend/.env.local"
194
- },
195
- "region": {
196
- "startLine": 81,
197
- "startColumn": 26,
198
- "endLine": 107,
199
- "endColumn": 30,
200
- "snippet": {
201
- "text": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAs1jrtHlMuqGnpah5PdGJ1Tzeoth+dWJ4hP1Nr8a50z0JCBHT\n7NZ0XW/DmNroKXqxmVW7U1iKw0g96+5xRuJiFDLs+qeJGXiog7gOETKI3gHum2h2\nj/VcGzMRfe7gH4le+69SFnCK9+9nB5H4oVXQ5JimUA74pmRxKWBY9+96BsMUVBp+\n2PYFtOsNHplx+UlzAQ3KnbDlE73aAZpPGW1GKrw8ZkrN22srDokp2ZbjWqbp54mc\nht0/7g2h+6naJonhNOKmadHOb9T2OcwKgmNrNINQq0R7X4fb7Wcs6Ecru8H+8H2h\nInViwTuI17gdrI8iBeNCNayKigdTu5BTFJurJwIDAQABAoIBAFMx330De81jacJV\nyZAcoGSTbO97oAXR3PhMDHqKo+7SdFsS8gz+WlJxovlIKsP7D2GCvHfoLc5yt463\nOELahwa5rOaFSvrO1tTrT1M47vaVTNs4dS9IcSaI5QdXBQ58CdyUsm6IXF6w5klD\ntGMazOEN0rB2kW+WTkwUTpEMvL1ff8BZEvYygv9a8hgPLfxyu4Lvkan7059UG766\nOW5eLQ8eaf+jjWw3YRsty8YK+w3kGOErIHZ7qw+JiQ6nbSxUKbqAGJCXwsvvLiKs\nNfhxeksHqod4CQMIrFDCwYw5pEW9Ji3AWj1XS8h0THYM6z5XPijHsvRVSLC1Fl45\nWFHC6cECgYEA5mFN+XixFLqXGb0N4jtZVC/WUJs+ER9sasMJrwd7moWAyZvjMdkA\nDKq2TeiuNRGcjP9VWM9EWDqNiyQEBxUcwwT3RD5KRykNkLYz51nJZcRmijQUb7ss\nmtLd+tGTaFDfMU3dRihzwYmfYiKJpqwa8mgeTZEXEEU8lEEh7JfrO8cCgYEAx0rD\niI6Lv/7MwoG+cH7eZR3ezyfiGFAbWOfMKtBxLsVyNSzl3JCnyaWf2tsrJSmYlVUa\nANNo9gXvSfrrFjnPOC9ZLEnB2xl1XoJagBFj5Qwf3Giy/i9eiRSu0SyT6WrSzfKa\nOaIFhwwsx1s6Qoeck4UqQFqUgk+FnN3BuCaeVaECgYB0AsfrOnWhxJxWX7dgFxbS\nqAw6JxLIOJS15mU3+IKru1KxM4jjDy1RM539+Y/QNYAqGGH4CNeXvlSMnqRQlLcZ\nFaUWfm+VCf1ExBu7AqHCV3ZzXep0oULC7DDQHz0lqKPcBiPJMpGoAg96sX2zqrMf\nIoMv+EIu9U6eMXZN1+qi/QKBgB0Mv93a8XIGITDFGs5pH9/bb8wAg0uJ+cKG31Lq\nWWU48MHhjowNJfgVxWxwgCSFoLE723N9XZJnIQ9GnRf7S0JkXHpBMhnO5zXkiG6c\nmlQb5VUKifTVUNFoi2cAOXtPz/SnRWXbQTUDSE+y85YZEHDMe3EwAu/PyakpBgDi\n2DehAoGBAKJtxule5t0JQpFzYtk7Ojxv8ppellrqevoX/z+xNG58AT97/JtQAD0D\nTwz1fuptQFe1Mq+cA561hZaTH9MqhTOCVxdP7tMGnGmIT+MXU24o4EhGN0EFtsvR\npKxf8/C9KgyrbfXXzb/LMQIZko0cAFI47EMo/Ad8wgyPDsTnTcJZ\n-----END RSA PRIVATE KEY-----"
202
- }
203
- }
204
- }
205
- }
206
- ],
207
- "properties": {
208
- "tags": []
209
- }
210
- },
211
- {
212
- "message": {
213
- "text": "bitbucket-client-id has detected secret for file apps/backend/.env.local."
214
- },
215
- "ruleId": "bitbucket-client-id",
216
- "locations": [
217
- {
218
- "physicalLocation": {
219
- "artifactLocation": {
220
- "uri": "apps/backend/.env.local"
221
- },
222
- "region": {
223
- "startLine": 116,
224
- "startColumn": 2,
225
- "endLine": 116,
226
- "endColumn": 57,
227
- "snippet": {
228
- "text": "KbPZjucUXpxhqmKjP6wbtS5BfEERxdnb"
229
- }
230
- }
231
- }
232
- }
233
- ],
234
- "properties": {
235
- "tags": []
236
- }
237
- },
238
- {
239
- "message": {
240
- "text": "stripe-access-token has detected secret for file apps/backend/.env.local."
241
- },
242
- "ruleId": "stripe-access-token",
243
- "locations": [
244
- {
245
- "physicalLocation": {
246
- "artifactLocation": {
247
- "uri": "apps/backend/.env.local"
248
- },
249
- "region": {
250
- "startLine": 154,
251
- "startColumn": 24,
252
- "endLine": 154,
253
- "endColumn": 130,
254
- "snippet": {
255
- "text": "sk_test_51RYvkf2YG6fO9qlhtYIIbnGSXSr6xpzqdqryyPk58EVMgZMjIviKEXde8r55HE4vbVgzKwNb7owr74qRMEHUKakC007aUEcU3n"
256
- }
257
- }
258
- }
259
- }
260
- ],
261
- "properties": {
262
- "tags": []
263
- }
264
- }
265
- ],
266
- "properties": {
267
- "repository": {
268
- "type": "git",
269
- "url": "https://github.com/EurekaDevSecOps/app.git"
270
- }
271
- }
272
- }
273
- ]
274
- }