{ "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "version": "2.1.0", "runs": [ { "tool": { "driver": { "name": "gitleaks", "semanticVersion": "v8.0.0", "informationUri": "https://github.com/gitleaks/gitleaks", "rules": [ { "id": "aws-access-key", "shortDescription": { "text": "AWS Access Key" } }, { "id": "aws-secret-key", "shortDescription": { "text": "AWS Secret Key" } }, { "id": "aws-mws-key", "shortDescription": { "text": "AWS MWS key" } }, { "id": "facebook-secret-key", "shortDescription": { "text": "Facebook Secret Key" } }, { "id": "facebook-client-id", "shortDescription": { "text": "Facebook Client ID" } }, { "id": "twitter-secret-key", "shortDescription": { "text": "Twitter Secret Key" } }, { "id": "twitter-client-id", "shortDescription": { "text": "Twitter Client ID" } }, { "id": "github-pat", "shortDescription": { "text": "Github Personal Access Token" } }, { "id": "github-oauth", "shortDescription": { "text": "Github OAuth Access Token" } }, { "id": "github-app", "shortDescription": { "text": "Github App Token" } }, { "id": "github-refresh", "shortDescription": { "text": "Github Refresh Token" } }, { "id": "linkedin-client", "shortDescription": { "text": "LinkedIn Client ID" } }, { "id": "linkedin-secret", "shortDescription": { "text": "LinkedIn Secret Key" } }, { "id": "slack", "shortDescription": { "text": "Slack" } }, { "id": "apkey", "shortDescription": { "text": "Asymmetric Private Key" } }, { "id": "google", "shortDescription": { "text": "Google (GCP) Service Account" } }, { "id": "google", "shortDescription": { "text": "Google (GCP) Service Account" } }, { "id": "heroku", "shortDescription": { "text": "Heroku API key" } }, { "id": "mailchimp", "shortDescription": { "text": "MailChimp API key" } }, { "id": "mailgun", "shortDescription": { "text": "Mailgun API key" } }, { "id": "paypal", "shortDescription": { "text": "PayPal Braintree access token" } }, { "id": "piacatic", "shortDescription": { "text": "Picatic API key" } }, { "id": "sendgrid", "shortDescription": { "text": "SendGrid API Key" } }, { "id": "sidekiq-secret", "shortDescription": { "text": "Sidekiq Secret" } }, { "id": "sidekiq-sensitive-url", "shortDescription": { "text": "Sidekiq Sensitive URL" } }, { "id": "slack-webhook", "shortDescription": { "text": "Slack Webhook" } }, { "id": "stripe", "shortDescription": { "text": "Stripe API key" } }, { "id": "square", "shortDescription": { "text": "Square access token" } }, { "id": "square-oauth", "shortDescription": { "text": "Square OAuth secret" } }, { "id": "twilio", "shortDescription": { "text": "Twilio API key" } }, { "id": "dynatrace", "shortDescription": { "text": "Dynatrace ttoken" } }, { "id": "shopify", "shortDescription": { "text": "Shopify shared secret" } }, { "id": "shopify-access", "shortDescription": { "text": "Shopify access token" } }, { "id": "shopify-custom", "shortDescription": { "text": "Shopify custom app access token" } }, { "id": "shopify-private", "shortDescription": { "text": "Shopify private app access token" } }, { "id": "pypi", "shortDescription": { "text": "PyPI upload token" } } ] } }, "results": [ { "message": { "text": "test-rule has detected secret for file auth.py at commit 0000000000000000." }, "ruleId": "test-rule", "locations": [ { "physicalLocation": { "artifactLocation": { "uri": "auth.py" }, "region": { "startLine": 1, "startColumn": 1, "endLine": 2, "endColumn": 2, "snippet": { "text": "a secret" } } } } ], "partialFingerprints": { "commitSha": "0000000000000000", "email": "johndoe@gmail.com", "author": "John Doe", "date": "10-19-2003", "commitMessage": "opps" }, "properties": { "tags": [ "tag1", "tag2", "tag3" ] } } ] } ] }