-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.gitleaks.toml
More file actions
40 lines (36 loc) · 978 Bytes
/
.gitleaks.toml
File metadata and controls
40 lines (36 loc) · 978 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
title = "Nimbus gitleaks config"
[extend]
useDefault = true
[[allowlists]]
description = "Allow mock nmb_live_ keys in test files"
condition = "AND"
paths = [
'''(^|/)packages/.+\.(test|spec)\.ts$''',
]
regexTarget = "match"
regexes = [
'''nmb_live_[A-Za-z0-9_]+''',
]
[[allowlists]]
description = "Allow synthetic hash fixtures in test files"
condition = "AND"
paths = [
'''(^|/)packages/.+\.(test|spec)\.ts$''',
]
regexTarget = "line"
regexes = [
'''\b[a-f0-9]{40}\b''',
'''\b[a-f0-9]{64}\b''',
'''repeat\((40|64)\)''',
]
[[allowlists]]
description = "Allow PEM parsing regex literals in workspace GitHub auth code"
condition = "AND"
paths = [
'''(^|/)packages/worker/src/api/workspaces/github(?:-auth)?\.ts$''',
]
regexTarget = "line"
regexes = [
'''normalized\.match\(/-----BEGIN PRIVATE KEY-----\(\[\\s\\S]\*\?\)-----END PRIVATE KEY-----/''',
'''normalized\.match\(/-----BEGIN RSA PRIVATE KEY-----\(\[\\s\\S]\*\?\)-----END RSA PRIVATE KEY-----/''',
]