# Gitleaks configuration
# https://github.com/gitleaks/gitleaks
title = "Oppskrift Gitleaks Config"

# Keep the built-in gitleaks rules active; this file only layers an
# allowlist on top of them.
[extend]
useDefault = true
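# Global allowlist for known false positives. Every entry here suppresses
# findings from all rules, so each pattern is kept as narrow as possible.
# NOTE(review): unless `regexTarget` is set, gitleaks checks `regexes` against
# the extracted secret rather than the whole line; confirm each entry below
# still suppresses the finding it was added for.
[allowlist]
description = "Allowlisted patterns and paths"

# Placeholder/example values in documentation
regexes = [
    # Placeholder passwords in docs
    '''your-smtp-password''',
    '''your-256-bit-secret-here''',
    # Template variables. `[^}]*` instead of `.*` keeps the match inside a
    # single `${...}` reference, so it cannot stretch across unrelated text.
    '''\$\{DB_PASSWORD\}''',
    '''\$\{[^}]*_SECRET\}''',
    # Test credentials (explicitly fake)
    '''test:test@''',
    # Fake argon2 hashes in tests.
    # NOTE(review): these are short substrings; any finding that contains
    # them is suppressed repo-wide, not only in the test files.
    '''fakesalt''',
    '''fakehash''',
    # Example/truncated JWTs in docs (header followed by a literal "...")
    '''eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9\.\.\.''',
    # Test assertions checking key format (not actual keys)
    '''starts_with\("-----BEGIN''',
]

# Path patterns are regular expressions matched anywhere in the file path,
# so each one is anchored to a whole path component with `(^|/)` ... `$`.
# Unanchored, `testing\.md` would also exempt e.g. `testing.md.bak` or
# `load-testing.mdx`. A file matched here is never reported at all, whatever
# it contains.
paths = [
    # Documentation with example configs
    '''(^|/)DEPLOYMENT\.md$''',
    '''(^|/)quickstart\.md$''',
    '''(^|/)testing\.md$''',
    # Scripts that generate secrets (contain templates, not real secrets)
    '''(^|/)scripts/generate-secrets\.sh$''',
    # Test files with fake hashes
    '''(^|/)tests/timing_test\.rs$''',
    '''(^|/)tests/enumeration_test\.rs$''',
    # Example env file
    '''(^|/)\.env\.example$''',
    # Crypto module tests (assertions checking key format).
    # NOTE(review): this exempts the whole crypto module, not only its tests.
    # The `starts_with\("-----BEGIN` regex above appears to target the same
    # assertions; consider dropping this path or using inline
    # `gitleaks:allow` comments on the specific lines instead.
    '''(^|/)src/lib/crypto\.rs$''',
    # CI workflows with test-only keys.
    # NOTE(review): this exempts every workflow file, so a real token pasted
    # into CI YAML would go unreported. Prefer listing the specific workflow
    # files, or ignoring the known findings by fingerprint in
    # `.gitleaksignore`.
    '''(^|/)\.github/workflows/.*\.yml$''',
]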