Avoid hardcoded secrets in multi-account spec

vipulnsward · vipulnsward · commit ab77d89a2017 · 2026-02-10T19:07:28.000+05:30
Use per-example generated secret keys to prevent secret scanners from flagging test fixtures.
diff --git a/spec/uploadcare/multi_account_spec.rb b/spec/uploadcare/multi_account_spec.rb
@@ -1,12 +1,16 @@
 # frozen_string_literal: true
 
 require 'spec_helper'
+require 'securerandom'
 
 RSpec.describe 'Multi-account configuration' do
+  let(:account_one_secret_key) { SecureRandom.hex(16) }
+  let(:account_two_secret_key) { SecureRandom.hex(16) }
+
   let(:account_one_config) do
     Uploadcare::Configuration.new(
       public_key: 'public_key1',
-      secret_key: 'secret_key1',
+      secret_key: account_one_secret_key,
       use_subdomains: true,
       cdn_base_postfix: 'https://ucarecd.net/'
     )
@@ -15,7 +19,7 @@
   let(:account_two_config) do
     Uploadcare::Configuration.new(
       public_key: 'public_key2',
-      secret_key: 'secret_key2',
+      secret_key: account_two_secret_key,
       use_subdomains: true,
       cdn_base_postfix: 'https://ucarecd.net/'
     )
