forked from constverum/ProxyBroker
-
-
Notifications
You must be signed in to change notification settings - Fork 136
Expand file tree
/
Copy path.gitleaks.toml
More file actions
24 lines (22 loc) · 834 Bytes
/
.gitleaks.toml
File metadata and controls
24 lines (22 loc) · 834 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# Gitleaks config: extend the default ruleset with an allowlist of
# paths that contain known false positives. Same scope as
# .gitignore / .semgrepignore additions in the IPv6 work (#212).
[extend]
# Inherit gitleaks' bundled default ruleset.
useDefault = true
[allowlist]
description = "Paths excluded from gitleaks scans"
paths = [
# Claude Code per-machine config. May contain short-lived AWS STS
# session tokens for tool integrations (Opsera S3 upload URLs etc.);
# never in repo, expires fast, not a real credential leak.
'''^\.claude/.*''',
# Local working scratch. Regenerated scan reports echo example
# AWS-key-shaped strings back at the scanner (recursive false
# positive).
'''^tmp/.*''',
# Stale local virtualenvs.
'''^\.venv/.*''',
'''^venv/.*''',
'''^venv_.*/.*''',
]