Secret Scanning: 1 issue found

Hekkos found **1** Secret Scanning configuration issue in this repository.

<sub>This is part of the main [security audit](../issues/14).</sub>

<details open>
<summary><strong>Issue details</strong></summary>

- **Issue 1**: Secret scanning is not enabled - exposed credentials will not be detected

</details>

---

### Why this matters

Secret scanning detects accidentally committed credentials. When secrets are committed:
- They remain in git history even if removed in later commits
- Public repositories expose them to anyone with access
- Automated tools actively scan for exposed credentials to exploit
- Remediation requires rotating credentials and cleaning git history

---

### How to fix

1. Navigate to **Settings** > **Code security and analysis**
2. Enable **Secret scanning**
3. Optionally enable **Push protection** to prevent secrets from being committed

**Documentation:**
- [About secret scanning](https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning)
- [Configuring secret scanning](https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Secret Scanning: 1 issue found #18

Why this matters

How to fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Secret Scanning: 1 issue found #18

Description

Why this matters

How to fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions