-
Notifications
You must be signed in to change notification settings - Fork 1
/
.gitleaks.toml
43 lines (38 loc) · 1.64 KB
/
.gitleaks.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Title for the gitleaks configuration file.
title = "Gitleaks extended local allowlist"
# Extend the base (this) configuration. When you extend a configuration
# the base rules take precedence over the extended rules. I.e., if there are
# duplicate rules in both the base configuration and the extended configuration
# the base rules will override the extended rules.
# Another thing to know with extending configurations is you can chain together
# multiple configuration files to a depth of 2. Allowlist arrays are appended
# and can contain duplicates.
# useDefault and path can NOT be used at the same time. Choose one.
[extend]
# useDefault will extend the base configuration with the default gitleaks config:
# https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml
useDefault = true
# or you can supply a path to a configuration. Path is relative to where gitleaks
# was invoked, not the location of the base config.
# path = "common_config.toml"
# An array of tables that contain information that define instructions
# on how to detect secrets
[allowlist]
description = "ignore ethereum public address in json files"
# commits = [ "commit-A", "commit-B", "commit-C"]
paths = [
'''(.*?)(json)''',
]
# note: (global) regexTarget defaults to check the _Secret_ in the finding.
# if regexTarget is not specified then _Secret_ will be used.
# Acceptable values for regexTarget are "match" and "line"
regexTarget = "match"
regexes = [
'''^0x[a-fA-F0-9]{40}$''',
]
# note: stopwords targets the extracted secret, not the entire regex match
# # like 'regexes' does. (stopwords introduced in 8.8.0)
# stopwords = [
# '''client''',
# '''endpoint''',
# ]