Security Vulnerability: Exposed Credential
A POSTGRES_PASSWORD was found committed in this repository at .envrc.
Details
- File:
.envrc
- Credential:
POSTGRES_PASSWORD
- Value (partial):
"$(cat ./postgres.password)"...
Impact
This credential is publicly visible in the repository, which could lead to:
- Unauthorized access to your service provider
- Potential financial charges from API usage
- Data breaches or service compromise
Recommended Actions
- Immediately rotate/revoke this credential in your service provider's dashboard
- Remove the file from git history using
git filter-repo or BFG Repo-Cleaner
- Add
.envrc to .gitignore
- Use environment variables or a secrets manager
Resources
This issue was automatically filed as part of a security scan.
Security Vulnerability: Exposed Credential
A POSTGRES_PASSWORD was found committed in this repository at
.envrc.Details
.envrcPOSTGRES_PASSWORD"$(cat ./postgres.password)"...Impact
This credential is publicly visible in the repository, which could lead to:
Recommended Actions
git filter-repoor BFG Repo-Cleaner.envrcto.gitignoreResources
This issue was automatically filed as part of a security scan.