fix(ci): stabilize detect-secrets baseline

2026-04-19 05:37:27 +00:00 · 2026-03-08 01:25:15 +00:00
parent eb9e78d6d0
commit 08597e817d
4 changed files with 14 additions and 14 deletions
--- a/src/gateway/connection-auth.test.ts
+++ b/src/gateway/connection-auth.test.ts
@@ -404,7 +404,7 @@ describe("resolveGatewayConnectionAuth", () => {
        config,
        env,
        includeLegacyEnv: false,
-        localPasswordPrecedence: "config-first",
+        localPasswordPrecedence: "config-first", // pragma: allowlist secret
      }),
    ).rejects.toThrow("gateway.auth.password");
    expect(() =>
@@ -412,7 +412,7 @@ describe("resolveGatewayConnectionAuth", () => {
        cfg: config,
        env,
        includeLegacyEnv: false,
-        localPasswordPrecedence: "config-first",
+        localPasswordPrecedence: "config-first", // pragma: allowlist secret
      }),
    ).toThrow("gateway.auth.password");
  });
--- a/src/gateway/credentials.ts
+++ b/src/gateway/credentials.ts
@@ -265,7 +265,7 @@ export function resolveGatewayCredentialsFromConfig(params: {
    }
    if (
      localPasswordRef &&
-      localPasswordPrecedence === "config-first" &&
+      localPasswordPrecedence === "config-first" && // pragma: allowlist secret
      !localPassword &&
      Boolean(envPassword) &&
      localPasswordCanWin