chore: add detect-secrets baseline

Captures the SRI integrity hashes in static/index.html (xterm.js, ttyd assets) and in the upcoming claude-design/preview*.html mockups. These are public content-addressing hashes for unpkg.com / cdnjs scripts, not secrets — but they trip the global pre-commit detect-secrets hook by entropy. Baseline committed first so the design-bundle commit doesn't get blocked.
2026-04-24 19:51:39 -04:00
parent 3b06ce752d
commit 2b375b0206
1 changed files with 196 additions and 0 deletions
@@ -0,0 +1,196 @@
 {
  "version": "1.5.0",
  "plugins_used": [
    {
      "name": "ArtifactoryDetector"
    },
    {
      "name": "AWSKeyDetector"
    },
    {
      "name": "AzureStorageKeyDetector"
    },
    {
      "name": "Base64HighEntropyString",
      "limit": 4.5
    },
    {
      "name": "BasicAuthDetector"
    },
    {
      "name": "CloudantDetector"
    },
    {
      "name": "DiscordBotTokenDetector"
    },
    {
      "name": "GitHubTokenDetector"
    },
    {
      "name": "GitLabTokenDetector"
    },
    {
      "name": "HexHighEntropyString",
      "limit": 3.0
    },
    {
      "name": "IbmCloudIamDetector"
    },
    {
      "name": "IbmCosHmacDetector"
    },
    {
      "name": "IPPublicDetector"
    },
    {
      "name": "JwtTokenDetector"
    },
    {
      "name": "KeywordDetector",
      "keyword_exclude": ""
    },
    {
      "name": "MailchimpDetector"
    },
    {
      "name": "NpmDetector"
    },
    {
      "name": "OpenAIDetector"
    },
    {
      "name": "PrivateKeyDetector"
    },
    {
      "name": "PypiTokenDetector"
    },
    {
      "name": "SendGridDetector"
    },
    {
      "name": "SlackDetector"
    },
    {
      "name": "SoftlayerDetector"
    },
    {
      "name": "SquareOAuthDetector"
    },
    {
      "name": "StripeDetector"
    },
    {
      "name": "TelegramBotTokenDetector"
    },
    {
      "name": "TwilioKeyDetector"
    }
  ],
  "filters_used": [
    {
      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
    },
    {
      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
      "min_level": 2
    },
    {
      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_lock_file"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_sequential_string"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_swagger_file"
    },
    {
      "path": "detect_secrets.filters.heuristic.is_templated_secret"
    },
    {
      "path": "detect_secrets.filters.regex.should_exclude_file",
      "pattern": [
        "\\.git/|\\.secrets\\.baseline$"
      ]
    }
  ],
  "results": {
    "claude-design/design_handoff_sethmux_toolbar/preview-desktop.html": [
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-desktop.html",
        "hashed_secret": "15cec270f44d7f4f1751d3f3ba0c59de746d783e",
        "is_verified": false,
        "line_number": 110
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-desktop.html",
        "hashed_secret": "9d4f0dbeba51b67921005512a26e5e651bedb626",
        "is_verified": false,
        "line_number": 111
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-desktop.html",
        "hashed_secret": "eadc3f93238dda49ec69d9ffa9416a74f348d9ca",
        "is_verified": false,
        "line_number": 112
      }
    ],
    "claude-design/design_handoff_sethmux_toolbar/preview-mobile.html": [
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-mobile.html",
        "hashed_secret": "15cec270f44d7f4f1751d3f3ba0c59de746d783e",
        "is_verified": false,
        "line_number": 117
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-mobile.html",
        "hashed_secret": "9d4f0dbeba51b67921005512a26e5e651bedb626",
        "is_verified": false,
        "line_number": 118
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "claude-design/design_handoff_sethmux_toolbar/preview-mobile.html",
        "hashed_secret": "eadc3f93238dda49ec69d9ffa9416a74f348d9ca",
        "is_verified": false,
        "line_number": 119
      }
    ],
    "static/index.html": [
      {
        "type": "Base64 High Entropy String",
        "filename": "static/index.html",
        "hashed_secret": "6b66cfa403dfce1c464c0aff189a8f0cd2c662c5",
        "is_verified": false,
        "line_number": 2
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "static/index.html",
        "hashed_secret": "87c5cbce6b842120c09dbda557e9910691dbbb37",
        "is_verified": false,
        "line_number": 2
      }
    ]
  },
  "generated_at": "2026-04-24T23:51:31Z"
 }