fix: regenerate secrets baseline (#15)

bakerboy448 · web-flow · commit 0959662363d4 · 2026-03-06T20:47:18.000-06:00
## Summary
- Regenerated `.secrets.baseline` with all 27 detect-secrets plugins
- Previous baseline had empty `plugins_used` and 0 results (corrupt)
- New baseline correctly detects 6 placeholder/template secret keywords
in README.md, config_template.json, and systemd/install.sh

## Test plan
- [x] Verified baseline parses as valid JSON
- [x] Confirmed 27 plugins loaded
- [x] Confirmed 6 detected results are all template placeholders, no
real secrets

&lt;!-- This is an auto-generated comment: release notes by coderabbit.ai
--&gt;

## Summary by CodeRabbit

* **Chores**
* Updated secrets detection baseline configuration from version 1.4.0 to
1.5.0
* Enhanced detector plugins with expanded coverage including entropy,
token, key, and credential detection capabilities
* Improved filtering mechanisms with multiple heuristic filters for
refined detection accuracy
  * Added timestamp tracking for baseline generation

&lt;!-- end of auto-generated comment: release notes by coderabbit.ai --&gt;
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -1,6 +1,176 @@
 {
-  "version": "1.4.0",
-  "plugins_used": [],
-  "filters_used": [],
-  "results": {}
+  "version": "1.5.0",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "DiscordBotTokenDetector"
+    },
+    {
+      "name": "GitHubTokenDetector"
+    },
+    {
+      "name": "GitLabTokenDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "IPPublicDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "OpenAIDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "PypiTokenDetector"
+    },
+    {
+      "name": "SendGridDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TelegramBotTokenDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_lock_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_swagger_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    }
+  ],
+  "results": {
+    "README.md": [
+      {
+        "type": "Secret Keyword",
+        "filename": "README.md",
+        "hashed_secret": "4828aeee87a0527949cb106d4c50ae10fd333cef",
+        "is_verified": false,
+        "line_number": 74
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "README.md",
+        "hashed_secret": "182f59c3b9f62e577aa1cf16f878a4e38633a578",
+        "is_verified": false,
+        "line_number": 76
+      }
+    ],
+    "config_template.json": [
+      {
+        "type": "Secret Keyword",
+        "filename": "config_template.json",
+        "hashed_secret": "055bb55ead1ad799af50f569f42c6429ec303bda",
+        "is_verified": false,
+        "line_number": 8
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "config_template.json",
+        "hashed_secret": "182f59c3b9f62e577aa1cf16f878a4e38633a578",
+        "is_verified": false,
+        "line_number": 10
+      }
+    ],
+    "systemd/install.sh": [
+      {
+        "type": "Secret Keyword",
+        "filename": "systemd/install.sh",
+        "hashed_secret": "0d1ba0da3e84e54f29846c93c43182eede365858",
+        "is_verified": false,
+        "line_number": 59
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "systemd/install.sh",
+        "hashed_secret": "35c06bbf283af9520aff4b772d12f278e3cae8d4",
+        "is_verified": false,
+        "line_number": 61
+      }
+    ]
+  },
+  "generated_at": "2026-03-07T02:13:28Z"
 }
