alt Hacker NewsThe fake key for real key thing seems like a problem. A lot of enterprise scanning tools look for keys in repos and other locations and you will get a lot of false positives.
Otherwise this is cool, we need more competition here.
The fake key for real key thing seems like a problem. A lot of enterprise scanning tools look for keys in repos and other locations and you will get a lot of false positives.
Otherwise this is cool, we need more competition here.
It's a good point, I don't think the placeholders we use will trigger a secret scanner, but we can adjust if it's an issue.
https://github.com/onecli/onecli/blob/942cfc6c6fd6e184504e01...