exclude error decoder

[tamarleviCm]

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Describe the purpose of this PR along with any background information and the impacts of the proposed change.

References

Include supporting link to GitHub Issue/PR number

Testing

Describe how this change was tested. Be specific about anything not tested and reasons why. If this solution has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Checklist

• I have added documentation for new/changed functionality in this PR (if applicable).
• I have updated the CLI help for new/changed functionality in this PR (if applicable).
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used

[github-actions]

Checkmarx One – Scan Summary & Details – c9f5ea52-8686-4ab3-90bd-2f583d1236b4

Policy Management Violations

Policy Name	Rule(s)	Break Build
[SAST-ML0] Not allowed NEW Sast vulnerabilities		true

Fixed Issues

Severity	Issue	Source File / Package
	CVE-2023-45288	Go-golang.org/x/net-v0.21.0
	CVE-2024-24786	Go-google.golang.org/protobuf-v1.31.0
	Insecure_Credential_Storage_Mechanism	/internal/params/flags.go: [73](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/params/flags.go# L73)
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/auth-http.go: [30](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/auth-http.go# L30)
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: [116](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/commands/util/usercount/bitbucket.go# L116)
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: [177](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/commands/util/usercount/bitbucket.go# L177)
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: [34](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/commands/util/usercount/bitbucket.go# L34)
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: [113](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/bitbucketserver/bitbucket-server-http.go# L113)
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: [89](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/bitbucketserver/bitbucket-server-http.go# L89)
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: [54](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/bitbucketserver/bitbucket-server-http.go# L54)
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: [579](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L579)
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: [579](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L579)
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: [579](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L579)
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: [579](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L579)
	SSRF	/internal/wrappers/client.go: [622](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L622)
	SSRF	/internal/wrappers/client.go: [368](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L368)
	SSRF	/internal/wrappers/client.go: [372](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L372)
	SSRF	/internal/wrappers/client.go: [562](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L562)
	SSRF	/internal/wrappers/client.go: [571](https://github.com/Checkmarx/ast-cli/blob/increase-coverage//internal/wrappers/client.go# L571)

[gitguardian]

⚠️ GitGuardian has uncovered 16 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
11482443	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482443	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482444	Triggered	Username Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482444	Triggered	Username Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482445	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482445	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482446	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482446	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482448	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482448	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482449	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482449	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482450	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482450	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret
11482451	Triggered	Generic Password	d81c5ae	internal/commands/data/python-vul-file.py	View secret
11482451	Triggered	Generic Password	d81c5ae	test/integration/data/python-vul-file.py	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secrets safely. Learn here the best practices.
3. Revoke and rotate these secrets.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

[OrShamirCM]

Is this PR relveant?