From 8a919076f33143b36766be858e2bf90b44ecfdc9 Mon Sep 17 00:00:00 2001
From: hoa <23120127@student.hcmus.edu.vn>
Date: Fri, 1 May 2026 13:12:29 +0700
Subject: [PATCH 1/2] chore: add gitleaks workflow and mock secret for testing

---
 .github/workflows/gitleaks.yml | 19 +++++++++++++++++++
 mock-secret.txt                |  2 ++
 2 files changed, 21 insertions(+)
 create mode 100644 .github/workflows/gitleaks.yml
 create mode 100644 mock-secret.txt

diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
new file mode 100644
index 0000000000..97b1b2e9e1
--- /dev/null
+++ b/.github/workflows/gitleaks.yml
@@ -0,0 +1,19 @@
+name: Gitleaks Scan
+
+on:
+  pull_request:
+    branches:
+      - main
+      - dev
+
+jobs:
+  scan:
+    name: gitleaks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/mock-secret.txt b/mock-secret.txt
new file mode 100644
index 0000000000..13fa27791f
--- /dev/null
+++ b/mock-secret.txt
@@ -0,0 +1,2 @@
+# Dòng này cố tình chứa secret giả để test Gitleaks trong quá trình làm đồ án
+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE

From 3cda91abfb6f998c657e9b35775e94f7b1b993cf Mon Sep 17 00:00:00 2001
From: hoa <23120127@student.hcmus.edu.vn>
Date: Fri, 1 May 2026 13:25:39 +0700
Subject: [PATCH 2/2] fix: use a more realistic mock secret

---
 mock-secret.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mock-secret.txt b/mock-secret.txt
index 13fa27791f..d3c145139f 100644
--- a/mock-secret.txt
+++ b/mock-secret.txt
@@ -1,2 +1,2 @@
 # Dòng này cố tình chứa secret giả để test Gitleaks trong quá trình làm đồ án
-AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
+ghp_1234567890abcdefghijklmnopqrstuvwxyzabcd