docs(weaver): tutorial documentation updates and additions of license declarations #2692
Conversation
VRamakrishna
requested review from
petermetz,
takeutak,
izuru0,
jagpreetsinghsasan and
sandeepnRES
as code owners
|
| GitGuardian id | Secret | Commit | Filename | |
|---|---|---|---|---|
| - | Generic CLI Secret | f4a108a | weaver/samples/fabric/fabric-cli/scripts/createUsers.sh | View secret |
| - | Generic CLI Secret | f4a108a | weaver/samples/fabric/go-cli/scripts/initAsset.sh | View secret |
| - | Generic CLI Secret | f4a108a | weaver/samples/fabric/go-cli/scripts/initAsset.sh | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
This is not a cause for concern. The files listed above contain sample secrets used for testing purposes. Their exposure produces no harm. |
@VRamakrishna FYI: I've just modified the branch protection rules to not require the GitGuardian check to pass because they still don't support (from what I gathered so far) ignoring certain paths and so we can't use it. In the meantime GitHub also came out with a continuous secret scanning solution that we plan on putting to good use soon. |
…ommon protobufs Also fixed typos in a Weaver RFC. Signed-off-by: VRamakrishna <[email protected]>
…urce files Signed-off-by: VRamakrishna <[email protected]>
…t source files Signed-off-by: VRamakrishna <[email protected]>
…cript and TypeScript files Signed-off-by: VRamakrishna <[email protected]>
…n source files Signed-off-by: VRamakrishna <[email protected]>
… scripts Signed-off-by: VRamakrishna <[email protected]>
…les to 2.0.0-alpha.1 Updated various go.sum files after dependency version changes. Fixed a license declaration. Signed-off-by: VRamakrishna <[email protected]>
Fixed typos. Updated modules' instructions pages. [skip ci] Signed-off-by: VRamakrishna <[email protected]>
weaverfolder where they were missing. The mainweaverfolder already contains aLICENSE.mdfile, so this just covers all of our bases.2.0.0-alpha.1.There is no code change in this PR. Just changes in Markdown files and addition of comments to source files.