Summary
Secret scanning detected an exposed google_api_key in petry-projects/markets (alert opened 2026-04-01). This key must be rotated immediately.
Findings
- Alert type:
google_api_key
- Status: OPEN since 2026-04-01
- Repo: petry-projects/markets
Recommended Actions
- Rotate the API key in Google Cloud Console immediately
- Review the secret scanning alert in the markets security tab to identify the exact commit/file
- If the key was committed to history, consider using
git filter-repo or BFG to scrub it
- Add the key pattern to
.gitignore and use GitHub environment secrets instead
- Close the secret scanning alert once remediated
Context
Identified during weekly org CI/Security survey on 2026-04-05.
Summary
Secret scanning detected an exposed
google_api_keyin petry-projects/markets (alert opened 2026-04-01). This key must be rotated immediately.Findings
google_api_keyRecommended Actions
git filter-repoor BFG to scrub it.gitignoreand use GitHub environment secrets insteadContext
Identified during weekly org CI/Security survey on 2026-04-05.