| content |
{"Commits":[{"Sha1":"6f30ee795 {"Commits":[{"Sha1":"6f30ee7954e6142227f44fbcb36106e5ce6018eb","Message":"Add secret-content-scan to Fast Gate pre-commit\n\nLayer-2 defense complementing the env-leak guard added in bd8162cf2:\n\n- Scans staged diff lines for high-precision secret patterns:\n PEM private-key blocks, AWS access keys (AKIA…), GitHub PATs\n (ghp_/gho_/ghs_), JWT tokens (eyJ…eyJ…), and assignment lines\n matching `*PASSWORD|SECRET|TOKEN|API_KEY = \u003c32+ char base64\u003e`.\n- Excludes hook itself, docs/security/**, test fixtures, and the\n generate-secrets script to avoid self-tripping.\n- Per-line bypass via trailing `noqa: secret-scan` comment for\n legitimate fixtures or doc samples.\n\nVerified all positive cases trip and all negative cases pass through\nwhen run with system /usr/bin/grep (the shell sh hooks use). Failing\nthe gate prints up to 10 offending lines to give the developer\ncontext without dumping the whole secret.\n\nCo-Authored-By: Claude Opus 4.7 (1M context) \u003cnoreply@anthropic.com\u003e\n","AuthorEmail":"luoguoguo@luoguoguodeMacBook-Pro.local","AuthorName":"luoguoguo","CommitterEmail":"luoguoguo@luoguoguodeMacBook-Pro.local","CommitterName":"luoguoguo","Timestamp":"2026-04-26T09:06:13-07:00"}],"HeadCommit":{"Sha1":"6f30ee7954e6142227f44fbcb36106e5ce6018eb","Message":"Add secret-content-scan to Fast Gate pre-commit\n\nLayer-2 defense complementing the env-leak guard added in bd8162cf2:\n\n- Scans staged diff lines for high-precision secret patterns:\n PEM private-key blocks, AWS access keys (AKIA…), GitHub PATs\n (ghp_/gho_/ghs_), JWT tokens (eyJ…eyJ…), and assignment lines\n matching `*PASSWORD|SECRET|TOKEN|API_KEY = \u003c32+ char base64\u003e`.\n- Excludes hook itself, docs/security/**, test fixtures, and the\n generate-secrets script to avoid self-tripping.\n- Per-line bypass via trailing `noqa: secret-scan` comment for\n legitimate fixtures or doc samples.\n\nVerified all positive cases trip and all negative cases pass through\nwhen run with system /usr/bin/grep (the shell sh hooks use). Failing\nthe gate prints up to 10 offending lines to give the developer\ncontext without dumping the whole secret.\n\nCo-Authored-By: Claude Opus 4.7 (1M context) \u003cnoreply@anthropic.com\u003e\n","AuthorEmail":"luoguoguo@luoguoguodeMacBook-Pro.local","AuthorName":"luoguoguo","CommitterEmail":"luoguoguo@luoguoguodeMacBook-Pro.local","CommitterName":"luoguoguo","Timestamp":"2026-04-26T09:06:13-07:00"},"CompareURL":"luoanwu/juhi-omni-knowledge-hub/compare/bd8162cf2c08d175a1cab0f69d42b648bb825c10...6f30ee7954e6142227f44fbcb36106e5ce6018eb","Len":1}... |