Skip to content

[FEATURE] GAP-130: detect-secrets redaction before report display/upload #291

Open
Open
[FEATURE] GAP-130: detect-secrets redaction before report display/upload#291
Labels
component:reportingReports, SARIF, HTML dashboardfinding:privacyPrivacy concernpriority:P2Medium impactstatus:triageNeeds triagetype:featureMissing planned capability
@hello-args

Description

@hello-args
hello-args
opened on Jun 17, 2026

Summary

Redact secret values in findings before terminal display, HTML, SARIF, or upload — distinct from home-path redaction (#87).

Problem

GAP-130 in the feature expansion plan is missing. Finding evidence may contain sensitive snippets.

Expected Behavior

Integrate detect-secrets or equivalent redaction layer before user-visible report output.

References

Acceptance Criteria

  • Redaction hook in reporting pipeline
  • Tests with synthetic secret fixtures
  • Documented limitations

Metadata

Metadata

Assignees

No one assigned

    Labels

    component:reportingReports, SARIF, HTML dashboardfinding:privacyPrivacy concernpriority:P2Medium impactstatus:triageNeeds triagetype:featureMissing planned capability

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions