You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Could you please review these findings and, if feasible, change the repository's visibility from public to private to prevent potential exposure of sensitive AppDirect information?
Hello lumeche,
Our security tools have identified a few in the public repository lumeche/appDirect. Details are as follows:
🚨 [HIGH] High-entropy secret assignment in workspace.xml https://raw.githubusercontent.com/lumeche/appDirect/master/.idea/workspace.xml
🚨 [HIGH] Keyword 'secret' found in HandlerDelegate.java at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/java/com/appdirect/controller/rest/HandlerDelegate.java
🚨 [HIGH] Keyword 'authorization' found in HandlerDelegate.java at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/java/com/appdirect/controller/rest/HandlerDelegate.java
🚨 [HIGH] Keyword 'token' found in HandlerDelegate.java at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/java/com/appdirect/controller/rest/HandlerDelegate.java
🚨 [HIGH] Keyword 'secret' found in app-direct-configuration.xml at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/app-direct-configuration.xml
🚨 [HIGH] Keyword 'secret' found in application.properties at line 2 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/application.properties
🚨 [HIGH] Keyword 'token' found in application.properties at line 5 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/application.properties
🚨 [HIGH] Possible secret assignment in application.properties https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/application.properties
🚨 [HIGH] Keyword 'token' found in event-cancel.xml at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-cancel.xml
🚨 [HIGH] Possible secret assignment in event-cancel.xml https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-cancel.xml
🚨 [HIGH] Keyword 'token' found in event-change.xml at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-change.xml
🚨 [HIGH] Possible secret assignment in event-change.xml https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-change.xml
🚨 [HIGH] Keyword 'token' found in event-order.xml at line 6 https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-order.xml
🚨 [HIGH] Possible secret assignment in event-order.xml https://raw.githubusercontent.com/lumeche/appDirect/master/src/main/resources/events/event-order.xml
Could you please review these findings and, if feasible, change the repository's visibility from public to private to prevent potential exposure of sensitive AppDirect information?