Skip to content

🔑 Exposed PGVECTOR in committed .env.herd #1

Description

@muhamedfazalps

Security Vulnerability: Exposed Credential

A PGVECTOR was found committed in this repository at .env.herd.

Details

  • File: .env.herd
  • Credential: PGVECTOR
  • Value (partial): cosine # cosine | l2 | ip (must mat...

Impact

This credential is publicly visible in the repository, which could lead to:

  • Unauthorized access to your service provider
  • Potential financial charges from API usage
  • Data breaches or service compromise

Recommended Actions

  1. Immediately rotate/revoke this credential in your service provider's dashboard
  2. Remove the file from git history using git filter-repo or BFG Repo-Cleaner
  3. Add .env.herd to .gitignore
  4. Use environment variables or a secrets manager

Resources


This issue was automatically filed as part of a security scan.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions