Skip to content

Update pre-receive secret detection error message in WebIDE

Problem to solve

As groupsecret detection works toward Make Secret Push Protection available in Beta o... (&12729 - closed), we want to ensure the developer experience with pre-receive secret detection is usable across most git interface workflows including:

  • CLI
  • Local IDE
  • Web IDE
  • Single file editor
  • MR code suggestions
  • MR quick actions (rebase)
  • Project import*
  • Repository mirroring*

* May be deemed out of scope

This issue is focused on improving the GitLab WebIDE

Proposal

To enhance user experience, we propose the following improvements to the WebIDE:

  • Update error messaging according to the copy changes listed below
  • Render line breaks if present in error messages to improve readability.
  • Remove unnecessary error message prefixes that don't provide clear user value.
  • Implement clickable links or buttons within the UI and elsewhere (if possible) for accessing documentation

WebIDE Error

Current error Original Proposal
Web_IDE__Current_error_message Web_IDE__Proposed_error_message

Implementation Plan

Due to limitations with the WebIDE and considering UX, we are going to take an approach where we show a standard message that can lead the user to the view the complete log message.

Error Output panel (with better formatting)
image image

More discussion can be followed from this thread: #456548 (comment 1888490422)

Copy changes

NOTE: Before copying this, please check this comment.

Push blocked: Secrets detected in code changes.
Pre-receive secret detection found the following secrets in commit: Odae161128943c185ec21ab66c3c2ab835a07c24

- CHANGELOG.md:1 | GitLab Personal Access Token
- security.txt:43 | GitLab Personal Access Token
- file-name:# | Type of detected secret

To push your changes you must remove the identified secrets. For guidance, see [remove a secret](http://gitlab.com/help/user/application_security/secret_detection/pre_receive.html#remove-a-secret). To skip pre-receive secret detection, include the text "[skip secret detection]" in a commit message for one of your changes, then push again.

Issue Refinement Progress

If a checkbox is not relevant for the issue, please remove it.

  • This issue describes a problem to solve, or a task to complete, and it's confirmed.
  • This issue describes a proposal or an implementation plan that outlines a way to solve the problem or complete the task.
  • This issue requires assistance or support from other groups, and it's indicated in the issue description.
  • This issue could affect application security or performance, and the concern is explained in the issue description.
  • This issue is the smallest iteration possible and doesn't require further break down.
  • This issue has weight set - based on how many tasks or merge requests are required - and needs weight label is removed.
  • This issue is labeled correctly.
  • This issue is reviewed by another team member to confirm strategy and estimate.
  • Finally, add workflowready for development label to this issue.
Edited by Dheeraj Joshi