Secret Scanning with Gitleaks

I have built a deliberately vulnerable Flask app to use as a target for building a real DevSecOps pipeline. The repo is at https://github.com/pkkht/devsecops-demo. This part covers the first gate in the pipeline — secret scanning.

Why are secrets in code such a big deal?

AWS access keys, API tokens, database passwords — they end up in source code more often than you