no hash shown in fingerprint
j-lakeman opened this issue · comments
Describe the bug
when a leak is found, no hash is shown in the fingerprint
To Reproduce
Steps to reproduce the behavior:
- have test file with a “secret” in it
- let Gitleaks find it
- see fingerprint without hash
Expected behavior
hash should be in front of file path like in example .gitleaksignore
Screenshots
[I] ~ ❯❯❯ gitleaks detect --log-level warn --no-banner --verbose --no-git --source .config/spotify-player/ main ⬆ ✱
Finding: client_id = "65b708073fc0480ea92a077233ca87bd"
Secret: 65b708073fc0480ea92a077233ca87bd
RuleID: generic-api-key
Entropy: 3.641127
File: .config/spotify-player/app.toml
Line: 2
Fingerprint: .config/spotify-player/app.toml:generic-api-key:2
5:56PM WRN leaks found: 1
[I] ~ ❯❯❯
Basic Info (please complete the following information):
- OS: Debian GNU/Linux trixie trixie/sid x86_64
- Gitleaks Version: 8.16.0-1+b4 amd64
cc @zricethezav
It seems to have sth to do with the --no-git
flag.
Reproduced also on openSUSE Tumbleweed and macOS.
@j-lakeman that's correct. The hash is the commit sha. If you are running --no-git
then the fingerprint will not contain a hash indicating this is a no-git fingerprint