Security Alert: Leaked Stripe Live Key
Your repository contains a Stripe Live Key that has been identified in a public repository.
| Detail |
Value |
| File |
.dev.env |
| Status |
Exposed in public repository |
Immediate Actions
- Rotate the secret immediately in your stripe dashboard
- Remove the secret from source code
- Add
.env to .gitignore (if not already)
- Use
git filter-branch or BFG Repo-Cleaner to remove from git history
- Consider using environment variables or a secrets manager
About This Alert
This is a responsible disclosure. We attempted to file this as a private security advisory first. The secret value has NOT been stored or shared beyond this notification.
GitHub's automated secret scanning may have already notified the service provider. However, your repository still contains the exposed credential, which should be removed and rotated.
Vibe Scanner - responsible disclosure for leaked secrets
Security Alert: Leaked Stripe Live Key
Your repository contains a Stripe Live Key that has been identified in a public repository.
.dev.envImmediate Actions
.envto.gitignore(if not already)git filter-branchor BFG Repo-Cleaner to remove from git historyAbout This Alert
This is a responsible disclosure. We attempted to file this as a private security advisory first. The secret value has NOT been stored or shared beyond this notification.
GitHub's automated secret scanning may have already notified the service provider. However, your repository still contains the exposed credential, which should be removed and rotated.
Vibe Scanner - responsible disclosure for leaked secrets