CI: restore main detect-secrets scan (#38438)

* Tests: stabilize detect-secrets fixtures * Tests: fix rebased detect-secrets false positives * Docs: keep snippets valid under detect-secrets * Tests: finalize detect-secrets false-positive fixes * Tests: reduce detect-secrets false positives * Tests: keep detect-secrets pragmas inline * Tests: remediate next detect-secrets batch * Tests: tighten detect-secrets allowlists * Tests: stabilize detect-secrets formatter drift
2026-05-09 16:44:33 +00:00 · 2026-03-07 13:06:35 -05:00
parent 46e324e269
commit e4d80ed556
137 changed files with 1231 additions and 2700 deletions
--- a/src/agents/models-config.providers.volcengine-byteplus.test.ts
+++ b/src/agents/models-config.providers.volcengine-byteplus.test.ts
@@ -10,7 +10,7 @@ describe("Volcengine and BytePlus providers", () => {
  it("includes volcengine and volcengine-plan when VOLCANO_ENGINE_API_KEY is configured", async () => {
    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
    const envSnapshot = captureEnv(["VOLCANO_ENGINE_API_KEY"]);
-    process.env.VOLCANO_ENGINE_API_KEY = "test-key";
+    process.env.VOLCANO_ENGINE_API_KEY = "test-key"; // pragma: allowlist secret

    try {
      const providers = await resolveImplicitProviders({ agentDir });
@@ -26,7 +26,7 @@ describe("Volcengine and BytePlus providers", () => {
  it("includes byteplus and byteplus-plan when BYTEPLUS_API_KEY is configured", async () => {
    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
    const envSnapshot = captureEnv(["BYTEPLUS_API_KEY"]);
-    process.env.BYTEPLUS_API_KEY = "test-key";
+    process.env.BYTEPLUS_API_KEY = "test-key"; // pragma: allowlist secret

    try {
      const providers = await resolveImplicitProviders({ agentDir });