Add detail of potential secrets in client-side token warnings
Related issue: #412229 (closed)
What does this MR do and why?
This MR adds more details around the secrets found in the client-side secret detection warnings.
- Show detected token type
- Show detected token (redacted)
Additionally, this update incorporates the following refactoring:
- We consolidated two methods (
containsSensitiveToken
andconfirmSensitiveAction
) into one (detectAndConfirmSensitiveTokens
) for improved usability and extensibility. - Implemented missing test coverage.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before
After
One secret found | Multiple secret found |
---|---|
Other variants
How to set up and validate locally
- Add a comment to any issue / MR page with the following message:
hello glpat-12345678901234567890
- It should show the modal with updated messaging.
Edited by Dheeraj Joshi