Spaces:

Truepic
/

watermarked-content-credentials

Sleeping

⚠️ You might be exposing a secret token, is this intended?

by token-scanner - opened Nov 24, 2023

Nov 24, 2023

Please check Space app file as you might be exposing a secret token.
We recommend you to use Repository secrets (env variables) in your Space settings. Afterwards, you can use it like:

import os
SECRET_TOKEN = os.getenv("SECRET_TOKEN")

Read more here. Once this is fixed, we strongly advise you to invalidate or delete your secret so that no one else can use it. In case of a Hugging Face token, you can do this in your settings.

jclyo1

Truepic org Nov 27, 2023

Thanks, i believe we are using Repository secrets, where applicable. Can you provide more details (ideally a file name and line number) about what was identified in your scan?

Upload images, audio, and videos by dragging in the text input, pasting, or clicking here.

Tap or paste here to upload images

· Sign up or log in to comment