From 60fb125bcfecc350a943e365306e42db33bf03ed Mon Sep 17 00:00:00 2001
From: razreik <razreik@paloaltonetworks.com>
Date: Wed, 31 Jul 2024 11:52:16 +0300
Subject: [PATCH 1/2] fix indentation

---
 checkov/secrets/runner.py                | 10 +++++-----
 tests/secrets/test_prioritise_secrets.py |  5 +++++
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/checkov/secrets/runner.py b/checkov/secrets/runner.py
index 2d0fe8d61c7..b9bcd216383 100644
--- a/checkov/secrets/runner.py
+++ b/checkov/secrets/runner.py
@@ -248,11 +248,11 @@ def run(
                     added_by = enriched_potential_secret.get('added_by') or ''
                     removed_date = enriched_potential_secret.get('removed_date') or ''
                     added_date = enriched_potential_secret.get('added_date') or ''
-                    # run over secret key
-                    if isinstance(secret.secret_value, str) and secret.secret_value:
-                        stripped = secret.secret_value.strip(',"')
-                        if stripped != secret.secret_value:
-                            secret_key = f'{key}_{secret.line_number}_{PotentialSecret.hash_secret(stripped)}'
+                # run over secret key
+                if isinstance(secret.secret_value, str) and secret.secret_value:
+                    stripped = secret.secret_value.strip(',";\'')
+                    if stripped != secret.secret_value:
+                        secret_key = f'{key}_{secret.line_number}_{PotentialSecret.hash_secret(stripped)}'
                 if secret.secret_value and is_potential_uuid(secret.secret_value) and secret.check_id not in secrets_in_uuid_form:
                     logging.info(
                         f"Removing secret due to UUID filtering: {PotentialSecret.hash_secret(secret.secret_value)}")
diff --git a/tests/secrets/test_prioritise_secrets.py b/tests/secrets/test_prioritise_secrets.py
index 77617d58725..a46ffdecefc 100644
--- a/tests/secrets/test_prioritise_secrets.py
+++ b/tests/secrets/test_prioritise_secrets.py
@@ -63,6 +63,11 @@ def test_no_removal_other_check_id(self):
         self.assertFalse(result)
         self.assertIn('key3', self.secret_records)
 
+    def test_no_removal_of_first_check_id(self):
+        result = Runner._prioritise_secrets(self.secret_records, 'key1', 'CKV_SECRET_80')
+        self.assertFalse(result)
+        self.assertIn('key1', self.secret_records)
+
 
 if __name__ == '__main__':
     unittest.main()

From b3b85925cf5712c3c43d417443bb260f298b3359 Mon Sep 17 00:00:00 2001
From: razreik <razreik@paloaltonetworks.com>
Date: Wed, 31 Jul 2024 11:57:35 +0300
Subject: [PATCH 2/2] empty