Historic Secret Detection Vulnerability File Link incorrect
Summary
When doing a historic scan with secret_detection, the vulnerability text will be similar to the vulnerability below. The commit is the correct commit; however, the file will have a different commit of 4e80ff60, which is the current main branch's commit. Therefore, when you click on the link, it will sometimes go to a file that doesn't exist if it has been removed, or to a line that does not have the issue. The link should instead be: /cory.shay/secretdetection/-/blob/7b9376191b2a1bdb0590f588fd20e53f253ef646/test.txt#L1
Social Security Number detected; please remove and revoke it if this is a leak.
Description
Historic Social Security Number secret has been found in commit 7b9376191b2a1bdb0590f588fd20e53f253ef646.
- Severity: Critical
- Tool: Secret Detection
- Scanner: Gitleaks
Location
- File: test.txt:1
Identifiers
- Gitleaks rule ID Social Security Number
Steps to reproduce
Create a repo with secrets_detection enabled and SECRET_DETECTION_HISTORIC_SCAN: "true" and then add a fake secret into the repo. Then remove the secret from history and have secret_detection detect the vulnerability. An example of this can be found within the following repo: https://gitlab.com/cory.shay/secretdetection
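For triage while the link is wrong, the commit-pinned link can be rebuilt from the scan report itself. This is an added example, not GitLab's code or its fix: the function names are hypothetical, the sample finding is constructed from the values in this issue, and the `location.file` / `location.start_line` / `location.commit.sha` layout is assumed to match the secret detection report artifact.

```python
import json
from urllib.parse import quote

# Constructed sample: one finding shaped like an entry in the secret
# detection report (assumed layout), using the values quoted in this issue.
SAMPLE_REPORT = json.dumps({
    "vulnerabilities": [{
        "name": "Social Security Number",
        "severity": "Critical",
        "location": {
            "file": "test.txt",
            "start_line": 1,
            "commit": {"sha": "7b9376191b2a1bdb0590f588fd20e53f253ef646"},
        },
    }]
})


def blob_link(project_path, ref, file_path, line):
    """Build a project-relative blob link pinned to the given ref."""
    return f"/{project_path}/-/blob/{quote(ref, safe='')}/{quote(file_path)}#L{line}"


def finding_links(report_json, project_path, head_sha):
    """Return, per finding, the link pinned to the finding's own commit
    next to the link pinned to the branch head, and whether they differ."""
    results = []
    for vuln in json.loads(report_json).get("vulnerabilities", []):
        loc = vuln.get("location") or {}
        file_path = loc.get("file")
        if not file_path:
            continue  # nothing to link to
        line = loc.get("start_line") or 1
        # Historic findings carry the commit where the secret was seen;
        # findings without one can only be linked at the head commit.
        finding_sha = (loc.get("commit") or {}).get("sha") or head_sha
        pinned = blob_link(project_path, finding_sha, file_path, line)
        head = blob_link(project_path, head_sha, file_path, line)
        results.append({"name": vuln.get("name"), "pinned": pinned,
                        "head": head, "differs": pinned != head})
    return results


if __name__ == "__main__":
    for item in finding_links(SAMPLE_REPORT, "cory.shay/secretdetection", "4e80ff60"):
        print(item["name"], item["pinned"], "(differs from head link)" if item["differs"] else "")
```
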