Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assess exposure of a public secret #957

Closed
1 task done
priyadam opened this issue Oct 9, 2024 · 3 comments
Closed
1 task done

Assess exposure of a public secret #957

priyadam opened this issue Oct 9, 2024 · 3 comments
Assignees
@zchisholm
Labels
new contributor

Comments

@priyadam
Copy link

priyadam commented Oct 9, 2024
edited by zchisholm
Loading

In file roiScript/send_metrics.mjs

Tasks:
Copilot prompts are in quotes

  • Check for possible security breaches "@workspace where is the notion secret used"

Context:

Screenshot 2024-10-09 at 7 33 46 AM
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 9, 2024

Hello there, thanks for opening your first issue. We welcome you to the community!

@zchisholm zchisholm self-assigned this Oct 16, 2024
@Dunridge
Copy link
Collaborator

Branch: issue-957

@zchisholm
Copy link

Investigate with the help of AI and also did a manual search locally. All instances of NOTION_TOKEN used a process.env.NOTION_TOKEN. I found no evidence of the NOTION_TOKEN secret being exposed within the code base.

@zchisholm zchisholm moved this to Done in AppSec Hack Pod Oct 16, 2024
@zchisholm zchisholm closed this as completed by moving to Done in AppSec Hack Pod Oct 16, 2024
@zchisholm zchisholm mentioned this issue Oct 19, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zchisholm zchisholm

Labels
new contributor
Projects
AppSec Hack Pod
Status: Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zchisholm @Dunridge @priyadam