Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create rule S6751: PyPI tokens should not be disclosed (APPSEC-1073) #3021

Merged
merged 6 commits into from
Sep 15, 2023
Merged

Create rule S6751: PyPI tokens should not be disclosed (APPSEC-1073) #3021

merged 6 commits into from
Sep 15, 2023

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Sep 7, 2023

You can preview this rule here (updated a few minutes after each push).

Review

A dedicated reviewer checked the rule description successfully for:

  • logical errors and incorrect information
  • information gaps and missing content
  • text style and tone
  • PR summary and labels follow the guidelines

@egon-okerman-sonarsource egon-okerman-sonarsource changed the title Create rule S6751 Create rule S6751: PyPI (APPSEC-1073) Sep 7, 2023
@egon-okerman-sonarsource egon-okerman-sonarsource marked this pull request as ready for review September 7, 2023 16:18
@egon-okerman-sonarsource egon-okerman-sonarsource changed the title Create rule S6751: PyPI (APPSEC-1073) Create rule S6751: PyPI tokens should not be disclosed (APPSEC-1073) Sep 11, 2023
gaetan-ferry-sonarsource
gaetan-ferry-sonarsource suggested changes Sep 14, 2023
View reviewed changes
Copy link
Contributor

@gaetan-ferry-sonarsource gaetan-ferry-sonarsource left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the impact section could deserve some improvements.

rules/S6751/secrets/rule.adoc Outdated Show resolved Hide resolved
rules/S6751/secrets/rule.adoc Show resolved Hide resolved
rules/S6751/secrets/rule.adoc Show resolved Hide resolved
gaetan-ferry-sonarsource
gaetan-ferry-sonarsource approved these changes Sep 15, 2023
View reviewed changes
Copy link
Contributor

@gaetan-ferry-sonarsource gaetan-ferry-sonarsource left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. hopefully you won't have conflict with the common files that were added in to different PRs.

@sonarqube-next
Copy link

SonarQube Quality Gate for 'rspec-tools'

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@sonarqube-next
Copy link

SonarQube Quality Gate for 'rspec-frontend'

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@egon-okerman-sonarsource egon-okerman-sonarsource merged commit 054bdfb into master Sep 15, 2023
9 of 10 checks passed
@egon-okerman-sonarsource egon-okerman-sonarsource deleted the rule/add-RSPEC-S6751 branch September 15, 2023 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@egon-okerman-sonarsource egon-okerman-sonarsource egon-okerman-sonarsource left review comments

@gaetan-ferry-sonarsource gaetan-ferry-sonarsource gaetan-ferry-sonarsource approved these changes

Assignees

@egon-okerman-sonarsource egon-okerman-sonarsource

Labels
secrets
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gaetan-ferry-sonarsource @egon-okerman-sonarsource