Files
wehub-resource-sync 48b3ccf279
gitleaks / gitleaks (push) Has been skipped
Test / test (ubuntu-latest) (push) Failing after 0s
Test / test (windows-latest) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:12:29 +08:00

76 lines
3.3 KiB
Cheetah

# This file has been auto-generated. Do not edit manually.
# If you would like to contribute new rules, please use
# cmd/generate/config/main.go and follow the contributing guidelines
# at https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md
#
# How the hell does secret scanning work? Read this:
# https://lookingatcomputer.substack.com/p/regex-is-almost-all-you-need
#
# This is the default gitleaks configuration file.
# Rules and allowlists are defined within this file.
# Rules instruct gitleaks on what should be considered a secret.
# Allowlists instruct gitleaks on what is allowed, i.e. not a secret.
title = "{{.Title}}"
# minVersion indicates the minimum Gitleaks version required to use this config.
# If the running version is older, a warning will be logged and not all
# config-enabled features are guaranteed to work.
minVersion = "v8.25.0"
{{ with .Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}# TODO: change to [[allowlists]]{{println}}[allowlist]
{{- with .Description }}{{println}}description = "{{ . }}"{{ end }}
{{- with .MatchCondition }}{{println}}condition = "{{ .String }}"{{ end }}
{{- with .Commits -}}{{println}}commits = [
{{ range $j, $commit := . }}"{{ $commit }}",{{ end }}
]{{ end }}
{{- with .Paths }}{{println}}paths = [{{ range $j, $path := . }}
'''{{ $path }}''',{{ end }}
]{{ end }}
{{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}}
{{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }}
'''{{ $regex }}''',{{ end }}
]{{ end }}
{{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }}
"{{ $stopword }}",{{ end }}
]{{ end }}{{ end }}{{ end }}{{ end }}{{println}}
{{- range $i, $rule := .Rules }}{{println}}[[rules]]
id = "{{$rule.RuleID}}"
description = "{{$rule.Description}}"
{{- with $rule.Regex }}
regex = '''{{ . }}'''{{ end -}}
{{- with $rule.Path }}
path = '''{{ . }}'''{{ end -}}
{{- with $rule.SecretGroup }}
secretGroup = {{ . }}{{ end -}}
{{- with $rule.Entropy }}
entropy = {{ . }}{{ end -}}
{{- with $rule.Keywords }}
{{- if gt (len .) 1}}
keywords = [{{ range $j, $keyword := . }}
"{{ $keyword }}",{{ end }}
]{{else}}
keywords = [{{ range $j, $keyword := . }}"{{ $keyword }}"{{ end }}]{{end}}{{ end }}
{{- with $rule.Tags }}
tags = [
{{ range $j, $tag := . }}"{{ $tag }}",{{ end }}
]{{ end }}
{{- with $rule.Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}{{println}}[[rules.allowlists]]
{{- with .Description }}{{println}}description = "{{ . }}"{{ end }}
{{- with .MatchCondition }}{{println}}condition = "{{ .String }}"{{ end }}
{{- with .Commits -}}{{println}}commits = [
{{ range $j, $commit := . }}"{{ $commit }}",{{ end }}
]{{ end }}
{{- with .Paths }}{{println}}paths = [
{{ range $j, $path := . }}'''{{ $path }}''',{{ end }}
]{{ end }}
{{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}}
{{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }}
'''{{ $regex }}''',{{ end }}
]{{ end }}
{{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }}
"{{ $stopword }}",{{ end }}
]{{ end }}{{ end }}{{ end }}{{ end }}
{{ end }}