|
|
@@ -218,23 +218,35 @@ Gitleaks offers a configuration format you can follow to write your own secret d
|
|
|
|
|
|
```toml
|
|
|
# Title for the gitleaks configuration file.
|
|
|
-title = "Gitleaks title"
|
|
|
-
|
|
|
-# Extend the base (this) configuration. When you extend a configuration
|
|
|
-# the base rules take precedence over the extended rules. I.e., if there are
|
|
|
-# duplicate rules in both the base configuration and the extended configuration
|
|
|
-# the base rules will override the extended rules.
|
|
|
-# Another thing to know with extending configurations is you can chain together
|
|
|
-# multiple configuration files to a depth of 2. Allowlist arrays are appended
|
|
|
-# and can contain duplicates.
|
|
|
+title = "Custom Gitleaks configuration"
|
|
|
+
|
|
|
+# You have basically two options for your custom configuration:
|
|
|
+#
|
|
|
+# 1. define your own configuration, default rules do not apply
|
|
|
+#
|
|
|
+# use e.g., the default configuration as starting point:
|
|
|
+# https://github.com/gitleaks/gitleaks/blob/master/config/gitleaks.toml
|
|
|
+#
|
|
|
+# 2. extend a configuration, the rules are overwritten or extended
|
|
|
+#
|
|
|
+# When you extend a configuration the extended rules take precedence over the
|
|
|
+# default rules. I.e., if there are duplicate rules in both the extended
|
|
|
+# configuration and the default configuration the extended rules or
|
|
|
+# attributes of them will override the default rules.
|
|
|
+# Another thing to know with extending configurations is you can chain
|
|
|
+# together multiple configuration files to a depth of 2. Allowlist arrays are
|
|
|
+# appended and can contain duplicates.
|
|
|
+
|
|
|
# useDefault and path can NOT be used at the same time. Choose one.
|
|
|
[extend]
|
|
|
-# useDefault will extend the base configuration with the default gitleaks config:
|
|
|
+# useDefault will extend the default gitleaks config built in to the binary
|
|
|
+# the latest version is located at:
|
|
|
# https://github.com/gitleaks/gitleaks/blob/master/config/gitleaks.toml
|
|
|
useDefault = true
|
|
|
-# or you can supply a path to a configuration. Path is relative to where gitleaks
|
|
|
-# was invoked, not the location of the base config.
|
|
|
-path = "common_config.toml"
|
|
|
+# or you can provide a path to a configuration to extend from.
|
|
|
+# The path is relative to where gitleaks was invoked,
|
|
|
+# not the location of the base config.
|
|
|
+# path = "common_config.toml"
|
|
|
# If there are any rules you don't want to inherit, they can be specified here.
|
|
|
disabledRules = [ "generic-api-key"]
|
|
|
|
Roger Meier