# This file has been auto-generated. Do not edit manually. # If you would like to contribute new rules, please use # cmd/generate/config/main.go and follow the contributing guidelines # at https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md # # How the hell does secret scanning work? Read this: # https://lookingatcomputer.substack.com/p/regex-is-almost-all-you-need # # This is the default gitleaks configuration file. # Rules and allowlists are defined within this file. # Rules instruct gitleaks on what should be considered a secret. # Allowlists instruct gitleaks on what is allowed, i.e. not a secret. title = "{{.Title}}" # minVersion indicates the minimum Gitleaks version required to use this config. # If the running version is older, a warning will be logged and not all # config-enabled features are guaranteed to work. minVersion = "v8.25.0" {{ with .Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}# TODO: change to [[allowlists]]{{println}}[allowlist] {{- with .Description }}{{println}}description = "{{ . }}"{{ end }} {{- with .MatchCondition }}{{println}}condition = "{{ .String }}"{{ end }} {{- with .Commits -}}{{println}}commits = [ {{ range $j, $commit := . }}"{{ $commit }}",{{ end }} ]{{ end }} {{- with .Paths }}{{println}}paths = [{{ range $j, $path := . }} '''{{ $path }}''',{{ end }} ]{{ end }} {{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}} {{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }} '''{{ $regex }}''',{{ end }} ]{{ end }} {{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }} "{{ $stopword }}",{{ end }} ]{{ end }}{{ end }}{{ end }}{{ end }}{{println}} {{- range $i, $rule := .Rules }}{{println}}[[rules]] id = "{{$rule.RuleID}}" description = "{{$rule.Description}}" {{- with $rule.Regex }} regex = '''{{ . }}'''{{ end -}} {{- with $rule.Path }} path = '''{{ . }}'''{{ end -}} {{- with $rule.SecretGroup }} secretGroup = {{ . }}{{ end -}} {{- with $rule.Entropy }} entropy = {{ . }}{{ end -}} {{- with $rule.Keywords }} {{- if gt (len .) 1}} keywords = [{{ range $j, $keyword := . }} "{{ $keyword }}",{{ end }} ]{{else}} keywords = [{{ range $j, $keyword := . }}"{{ $keyword }}"{{ end }}]{{end}}{{ end }} {{- with $rule.Tags }} tags = [ {{ range $j, $tag := . }}"{{ $tag }}",{{ end }} ]{{ end }} {{- with $rule.Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}{{println}}[[rules.allowlists]] {{- with .Description }}{{println}}description = "{{ . }}"{{ end }} {{- with .MatchCondition }}{{println}}condition = "{{ .String }}"{{ end }} {{- with .Commits -}}{{println}}commits = [ {{ range $j, $commit := . }}"{{ $commit }}",{{ end }} ]{{ end }} {{- with .Paths }}{{println}}paths = [ {{ range $j, $path := . }}'''{{ $path }}''',{{ end }} ]{{ end }} {{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}} {{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }} '''{{ $regex }}''',{{ end }} ]{{ end }} {{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }} "{{ $stopword }}",{{ end }} ]{{ end }}{{ end }}{{ end }}{{ end }} {{ end }}