rspec/shared_content/secrets/impact/source_code_compromise.adoc
github-actions[bot] 06e4b6313d
Create rule S6758: NPM access tokens should not be disclosed (APPSEC-1064) (#3041)
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S6758/secrets)
(updated a few minutes after each push).

## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2023-09-15 14:20:15 +02:00


==== Compromise of sensitive source code
The affected service is used to store private packages and repositories. If a token is leaked, it can be used by unauthorized individuals to gain access to your sensitive code, proprietary libraries, and other confidential resources. This can lead to intellectual property theft, unauthorized modifications, or even sabotage of your software.
If these private packages contain other secrets, it might even lead to further breaches in the organization's services.