mirror of
https://github.com/ivuorinen/gibidify.git
synced 2026-03-19 18:02:58 +00:00
Ismo Vuorinen
9b0e4e0810
The hand-rolled check_secrets regex patterns produced false positives on configKey test values, causing make security-full to fail. Replace with gitleaks via go run for proper secret detection with built-in rules and allowlist support for generated report files.
16 lines
422 B
TOML
16 lines
422 B
TOML
# gitleaks configuration
|
|
# https://github.com/gitleaks/gitleaks
|
|
#
|
|
# Extends the built-in ruleset. Only allowlist overrides are defined here.
|
|
|
|
[allowlist]
|
|
description = "Global allowlist for generated and report files"
|
|
paths = [
|
|
'''gosec-report\.json$''',
|
|
'''govulncheck-report\.json$''',
|
|
'''security-report\.json$''',
|
|
'''security-report\.md$''',
|
|
'''output\.json$''',
|
|
'''gibidify\.json$''',
|
|
]
|