
Rails Secret Key Base

Description

General

  • Documentation: https://guides.rubyonrails.org/security.html#custom-credentials
  • Summary: Ruby on Rails is a web framework written in Ruby. By default, Rails encrypts secrets before storing them in a credentials.yml.enc file. Alternatively, these secrets can be stored in a secrets.yml file. This detector focuses on catching the production secret_key_base in unencrypted files.
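
The kind of finding described in the summary, as an added example in Ruby. It is not this detector's implementation and not code from this page. The function name, the 30-character minimum and both sample files are assumptions constructed for illustration.

```ruby
require "yaml"

# Constructed samples; the keys are made-up 128-character hex strings.
LEAKED_SAMPLE = <<~YAML
  development:
    secret_key_base: #{"0f" * 64}
  production:
    secret_key_base: #{"ab12" * 32}
YAML

ERB_SAMPLE = <<~YAML
  production:
    secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
YAML

ERB_TAG = /<%.*?%>/m
MIN_LENGTH = 30 # assumption: shorter literals are treated as placeholders

# Returns a redacted finding for a literal production secret_key_base, or nil.
def scan_secrets_yml(text)
  data = YAML.safe_load(text, aliases: true)
  prod = data.is_a?(Hash) ? data["production"] : nil
  return nil unless prod.is_a?(Hash)

  value = prod["secret_key_base"].to_s
  return nil if value.match?(ERB_TAG)     # resolved at runtime, not stored in the file
  return nil if value.length < MIN_LENGTH

  # Never echo the secret itself into scanner output.
  { environment: "production", length: value.length, preview: "#{value[0, 4]}..." }
rescue Psych::SyntaxError
  nil # not parseable as plain YAML
end

if __FILE__ == $PROGRAM_NAME
  p scan_secrets_yml(LEAKED_SAMPLE)
  p scan_secrets_yml(ERB_SAMPLE)
end
```

Only the production entry is reported; development and test keys, and values injected through ERB from the environment, produce no finding.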

Revoke the secret

To generate a new secret_key_base, use the rake secret command. See the complementary documentation here.

Details for Rails Secret Key Base

  • Family: cryptographic_key

  • Category: private_key

  • High recall: False

  • Validity check available: False

  • Analyzer available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 2.22

  • Prefixed: False