From 139b66d1bbe0255f7a950e071caf19f789e1a9a7 Mon Sep 17 00:00:00 2001 From: Tw93 Date: Sat, 27 Dec 2025 10:24:17 +0800 Subject: [PATCH] ci: Exclude `bin/optimize.sh` from secret detection in the CI workflow. --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index ed7b403..baf9542 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -131,7 +131,7 @@ jobs: echo "Checking for hardcoded secrets..." matches=$(grep -r "password\|secret\|api_key" --include="*.sh" . \ | grep -v "# \|test" \ - | grep -v -E "lib/core/sudo\.sh|lib/core/app_protection\.sh|lib/clean/user\.sh|lib/clean/brew\.sh" || true) + | grep -v -E "lib/core/sudo\.sh|lib/core/app_protection\.sh|lib/clean/user\.sh|lib/clean/brew\.sh|bin/optimize\.sh" || true) if [[ -n "$matches" ]]; then echo "$matches" echo "✗ Potential secrets found"