diff --git a/.gitignore b/.gitignore index 1c7942a..ec412a1 100644 --- a/.gitignore +++ b/.gitignore @@ -136,7 +136,31 @@ celerybeat.pid # Environments .env +.env.* +!.env.example .envrc + +# Private keys and certificates +*.pem +*.key +*.p12 +*.pfx +*.jks +*.keystore + +# Service credentials +credentials.json +service-account.json +*-credentials.json + +# SSH keys +id_rsa +id_ecdsa +id_ed25519 + +# Other sensitive files +*.secrets +.htpasswd .venv env/ venv/ diff --git a/.secrets.baseline b/.secrets.baseline new file mode 100644 index 0000000..c6dfefe --- /dev/null +++ b/.secrets.baseline @@ -0,0 +1,300 @@ +{ + "version": "1.5.0", + "plugins_used": [ + { + "name": "ArtifactoryDetector" + }, + { + "name": "AWSKeyDetector" + }, + { + "name": "AzureStorageKeyDetector" + }, + { + "name": "Base64HighEntropyString", + "limit": 4.5 + }, + { + "name": "BasicAuthDetector" + }, + { + "name": "CloudantDetector" + }, + { + "name": "DiscordBotTokenDetector" + }, + { + "name": "GitHubTokenDetector" + }, + { + "name": "GitLabTokenDetector" + }, + { + "name": "HexHighEntropyString", + "limit": 3.0 + }, + { + "name": "IbmCloudIamDetector" + }, + { + "name": "IbmCosHmacDetector" + }, + { + "name": "IPPublicDetector" + }, + { + "name": "JwtTokenDetector" + }, + { + "name": "KeywordDetector", + "keyword_exclude": "" + }, + { + "name": "MailchimpDetector" + }, + { + "name": "NpmDetector" + }, + { + "name": "OpenAIDetector" + }, + { + "name": "PrivateKeyDetector" + }, + { + "name": "PypiTokenDetector" + }, + { + "name": "SendGridDetector" + }, + { + "name": "SlackDetector" + }, + { + "name": "SoftlayerDetector" + }, + { + "name": "SquareOAuthDetector" + }, + { + "name": "StripeDetector" + }, + { + "name": "TelegramBotTokenDetector" + }, + { + "name": "TwilioKeyDetector" + } + ], + "filters_used": [ + { + "path": "detect_secrets.filters.allowlist.is_line_allowlisted" + }, + { + "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", + "min_level": 2 + }, + { + "path": "detect_secrets.filters.heuristic.is_indirect_reference" + }, + { + "path": "detect_secrets.filters.heuristic.is_likely_id_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_lock_file" + }, + { + "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_potential_uuid" + }, + { + "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign" + }, + { + "path": "detect_secrets.filters.heuristic.is_sequential_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_swagger_file" + }, + { + "path": "detect_secrets.filters.heuristic.is_templated_secret" + }, + { + "path": "detect_secrets.filters.regex.should_exclude_file", + "pattern": [ + "\\.env\\.example$", + "server/\\.env\\.example$" + ] + } + ], + "results": { + "INSTALL.md": [ + { + "type": "Secret Keyword", + "filename": "INSTALL.md", + "hashed_secret": "365e24291fd19bba10a0d8504c0ed90d5c8bef7f", + "is_verified": false, + "line_number": 75 + }, + { + "type": "Basic Auth Credentials", + "filename": "INSTALL.md", + "hashed_secret": "4f4944a7117fd2e95169da2b40af33b68a65a161", + "is_verified": false, + "line_number": 114 + }, + { + "type": "Secret Keyword", + "filename": "INSTALL.md", + "hashed_secret": "c35bdb821a941808a150db95d0f934f449bbff17", + "is_verified": false, + "line_number": 182 + }, + { + "type": "Basic Auth Credentials", + "filename": "INSTALL.md", + "hashed_secret": "c35bdb821a941808a150db95d0f934f449bbff17", + "is_verified": false, + "line_number": 225 + }, + { + "type": "Secret Keyword", + "filename": "INSTALL.md", + "hashed_secret": "001c1654cb8dff7c4ddb1ae6d2203d0dd15a6096", + "is_verified": false, + "line_number": 391 + }, + { + "type": "Secret Keyword", + "filename": "INSTALL.md", + "hashed_secret": "53fe8c55272f9c3ceebb5e6058788e8981a359cb", + "is_verified": false, + "line_number": 397 + } + ], + "docker-compose.dev.yml": [ + { + "type": "Secret Keyword", + "filename": "docker-compose.dev.yml", + "hashed_secret": "4f4944a7117fd2e95169da2b40af33b68a65a161", + "is_verified": false, + "line_number": 44 + } + ], + "docs/v2/V2_BUILD_PLAN.md": [ + { + "type": "Basic Auth Credentials", + "filename": "docs/v2/V2_BUILD_PLAN.md", + "hashed_secret": "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4", + "is_verified": false, + "line_number": 301 + } + ], + "scripts/docker-build.sh": [ + { + "type": "Basic Auth Credentials", + "filename": "scripts/docker-build.sh", + "hashed_secret": "9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684", + "is_verified": false, + "line_number": 40 + } + ], + "scripts/install.sh": [ + { + "type": "Basic Auth Credentials", + "filename": "scripts/install.sh", + "hashed_secret": "4f4944a7117fd2e95169da2b40af33b68a65a161", + "is_verified": false, + "line_number": 156 + }, + { + "type": "Basic Auth Credentials", + "filename": "scripts/install.sh", + "hashed_secret": "7205a0abf00d1daec13c63ece029057c974795a9", + "is_verified": false, + "line_number": 267 + } + ], + "server/RULES.md": [ + { + "type": "Secret Keyword", + "filename": "server/RULES.md", + "hashed_secret": "a6778f1880744bd1a342a8e3789135412d8f9da2", + "is_verified": false, + "line_number": 904 + }, + { + "type": "Secret Keyword", + "filename": "server/RULES.md", + "hashed_secret": "aafdc23870ecbcd3d557b6423a8982134e17927e", + "is_verified": false, + "line_number": 949 + } + ], + "server/config.py": [ + { + "type": "Basic Auth Credentials", + "filename": "server/config.py", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 123 + } + ], + "server/game_analyzer.py": [ + { + "type": "Basic Auth Credentials", + "filename": "server/game_analyzer.py", + "hashed_secret": "4f4944a7117fd2e95169da2b40af33b68a65a161", + "is_verified": false, + "line_number": 616 + } + ], + "server/test_auth.py": [ + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "cbfdac6008f9cab4083784cbd1874f76618d2a97", + "is_verified": false, + "line_number": 38 + }, + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "f0578f1e7174b1a41c4ea8c6e17f7a8a3b88c92a", + "is_verified": false, + "line_number": 50 + }, + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "8be52126a6fde450a7162a3651d589bb51e9579d", + "is_verified": false, + "line_number": 64 + }, + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "74913f5cd5f61ec0bcfdb775414c2fb3d161b620", + "is_verified": false, + "line_number": 74 + }, + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684", + "is_verified": false, + "line_number": 91 + }, + { + "type": "Secret Keyword", + "filename": "server/test_auth.py", + "hashed_secret": "1e99b09f6eb835305555cc43c3e0768b1a39226b", + "is_verified": false, + "line_number": 103 + } + ] + }, + "generated_at": "2026-03-06T03:45:28Z" +}