CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
      • Bicep
      • Ci
      • Dockerfile
      • Dockerfile
      • Html-templates
      • Hugo
      • Nginx
      • Secrets
        • Gitleaks
        • Security
      • Unicode
      • Visualforce
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Secrets

Security

detected-github-token

GitHub Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-generic-secret

Generic Secret detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-google-gcm-service-account

Google (GCM) Service account detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-etc-shadow

linux shadow file detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-square-oauth-secret

Square OAuth Secret detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-aws-session-token

AWS Session Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-google-api-key

Google API Key Detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-google-oauth-url

Google OAuth url detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-telegram-bot-api-key

Telegram Bot API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-artifactory-token

Artifactory token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-username-and-password-in-uri

Username and password in URI detected
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-sauce-token

Sauce Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-generic-api-key

Generic API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

google-maps-apikeyleak

Detects potential Google Maps API keys in code
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory
OWASP:
- A3:2017 Sensitive Data Exposure

detected-slack-webhook

Slack Webhook detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-amazon-mws-auth-token

Amazon MWS Auth Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-pgp-private-key-block

Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-stripe-api-key

Stripe API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-mailchimp-api-key

MailChimp API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-jwt-token

JWT token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-321: Use of Hard-coded Cryptographic Key
OWASP:
- A02:2021 - Cryptographic Failures

detected-npm-registry-auth-token

NPM registry authentication token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-private-key

Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-softlayer-api-key

SoftLayer API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-sonarqube-docs-api-key

SonarQube Docs API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-artifactory-password

Artifactory token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-snyk-api-key

Snyk API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-square-access-token

Square Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-facebook-access-token

Facebook Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-aws-access-key-id-value

AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-aws-secret-access-key

AWS Secret Access Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-ssh-password

SSH Password detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-mailgun-api-key

Mailgun API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-aws-account-id

AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-kolide-api-key

Kolide API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-google-cloud-api-key

Google Cloud API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-aws-appsync-graphql-key

AWS AppSync GraphQL Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-bcrypt-hash

bcrypt hash detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-stripe-restricted-api-key

Stripe Restricted API Key detected
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-picatic-api-key

Picatic API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-sendgrid-api-key

SendGrid API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-paypal-braintree-access-token

PayPal Braintree Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-google-oauth-access-token

Google OAuth Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-heroku-api-key

Heroku API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-facebook-oauth

Facebook OAuth detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-outlook-team

Outlook Team detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-hockeyapp

HockeyApp detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-slack-token

Slack Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-twilio-api-key

Twilio API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

detected-codeclimate

CodeClimate detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
GitleaksSecurity
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.