module ZendeskAppsSupport::Validations::Secrets
Constants
- APPLICATION_SECRETS
- SECRET_KEYWORDS
Public Class Methods
call(package)
click to toggle source
# File lib/zendesk_apps_support/validations/secrets.rb, line 52 def call(package) compromised_files = package.text_files.map do |file| contents = file.read APPLICATION_SECRETS.each do |secret_type, regex_str| next unless contents =~ Regexp.new(regex_str) package.warnings << I18n.t('txt.apps.admin.warning.app_build.application_secret', file: file.relative_path, secret_type: secret_type) end match = Regexp.union(SECRET_KEYWORDS).match(contents) "#{file.relative_path} ('#{match[0]}...')" if match end.compact return unless compromised_files.any? package.warnings << I18n.t('txt.apps.admin.warning.app_build.generic_secrets', files: compromised_files.join( I18n.t('txt.apps.admin.error.app_build.listing_comma') ), count: compromised_files.count) end