# This file has been auto-generated. Do not edit manually. # If you would like to contribute new rules, please use # cmd/generate/config/main.go and follow the contributing guidelines # at https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md # This is the default gitleaks configuration file. # Rules and allowlists are defined within this file. # Rules instruct gitleaks on what should be considered a secret. # Allowlists instruct gitleaks on what is allowed, i.e. not a secret. title = "{{.Title}}" [allowlist] description = "{{.Allowlist.Description}}" {{- with .Allowlist.RegexTarget }} regexTarget = "{{ . }}"{{ end -}} {{- with .Allowlist.Regexes }} regexes = [{{ range $i, $regex := . }} '''{{ $regex }}''',{{ end }} ]{{ end }} {{- with .Allowlist.Paths }} paths = [{{ range $i, $path := . }} '''{{ $path }}''',{{ end }} ]{{ end }} {{- with .Allowlist.StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }} "{{ $stopword }}",{{ end }} ]{{ end }} {{ range $i, $rule := .Rules }}[[rules]] id = "{{$rule.RuleID}}" description = "{{$rule.Description}}" regex = '''{{$rule.Regex}}''' {{- with $rule.Path }} path = '''{{ . }}'''{{ end -}} {{- with $rule.SecretGroup }} secretGroup = {{ . }}{{ end -}} {{- with $rule.Entropy }} entropy = {{ . }}{{ end -}} {{- with $rule.Keywords }} {{- if gt (len .) 1}} keywords = [{{ range $j, $keyword := . }} "{{ $keyword }}",{{ end }} ]{{else}} keywords = [{{ range $j, $keyword := . }}"{{ $keyword }}"{{ end }}]{{end}}{{ end }} {{- with $rule.Tags }} tags = [ {{ range $j, $tag := . }}"{{ $tag }}",{{ end }} ]{{ end }} {{- /* * Use [rules.allowlist] for a while, allow people to catch up with the new syntax. * TODO: Remove this a few major versions after 8.21.0 * https://github.com/gitleaks/gitleaks/issues/1571 */}} {{- if eq (len $rule.Allowlists) 1 }}{{ with index $rule.Allowlists 0}}{{ if or .Regexes .Paths .Commits .StopWords }} # NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. [rules.allowlist] {{- with .MatchCondition }}{{println}}condition = "{{ .MatchCondition.String }}"{{ end }} {{- with .Commits -}}{{println}}commits = [ {{ range $j, $commit := . }}"{{ $commit }}",{{ end }} ]{{ end }} {{- with .Paths }}{{println}}paths = [ {{ range $j, $path := . }}'''{{ $path }}''',{{ end }} ]{{ end }} {{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}} {{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }} '''{{ $regex }}''',{{ end }} ]{{ end }} {{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }} "{{ $stopword }}",{{ end }} ]{{ end }}{{ end }}{{ end }} {{ else }} {{ with $rule.Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }} [[rules.allowlists]] {{ with $allowlist.MatchCondition }}condition = "{{ .String }}" {{ end -}} {{- with $allowlist.Commits }}commits = [ {{ range $j, $commit := . }}"{{ $commit }}",{{ end }} ]{{ end }} {{- with $allowlist.Paths }}paths = [ {{ range $j, $path := . }}'''{{ $path }}''',{{ end }} ]{{ end }} {{- with $allowlist.RegexTarget }}regexTarget = "{{ . }}" {{ end -}} {{- with $allowlist.Regexes }}regexes = [{{ range $i, $regex := . }} '''{{ $regex }}''',{{ end }} ]{{ end }} {{ with $allowlist.StopWords }}stopwords = [{{ range $j, $stopword := . }} "{{ $stopword }}",{{ end }} ]{{ end }}{{ end }}{{ end }} {{ end }}{{ end }} {{ end -}}