Storing secrets unencrypted inside a codebase is usually a mistake or meant as a temporary fix. Unfortunately, production keys can stick around in the Git history longer than intended. Secret Audit helps ensure none of your team's secrets make it into your codebase in the first place.
If you have a key that's been exposed, you'll see a screen like this:
If you're thinking, "Wait, I already deleted that secret!" The
git commit log keeps old versions around by storing them as
Why is removing the secret from git history recommended?
Once a key is in your git history, it's stuck there forever.
Now that you've removed or ignored the secret, you can re-run the check and should see this screen: