javascriptgitgitlabpdfmakevfs

How do I fix issue with Git and pdfmake-chinese font?


I am currently using the 方正黑体简体.TTF font included in pdfmake-chinese library. I already tested it when printing PDFs and the Chinese fonts are displayed correctly. Right now, I want to push my Javascript file that contains the vfs_fonts.js but I'm getting an issue from Git with this particular message, "[ERROR] Tier 1 secret(s) found in file '/example.js' - check lines [57318]" when I try to commit this file. If I tried to remove 方正黑体简体.TTF in vfs_fonts.js and used Roboto instead, I can commit and push the example.js. What is the cause of the issue and how should I fix this without compromising security?

Edit: I checked and I have something like secrets dictionary in my configuration. Below are the rules considered as tier 1.


Solution

  • That error message looks like something from a commit hook you have set up which is looking for accidentally committed password, security keys, etc. Some sequence of bytes in the font file happens to look similar to a security key, so is accidentally triggering the check.

    If the hook is correctly configured, it should ignore binary files, so the fix is to use a gitattributes file to mark .ttf files as binary. Specifcally, a file in the root of your repository called .gitattributes containing this:

    *.ttf binary
    

    If that does not fix it, you will have to look for the documentation of the particular script that generated the error, and see how to configure files it should ignore.