Home Explore Help
Sign In
LBP
/
gitleaks
mirror of https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Files Issues 0 Wiki
Tree: v8.22.1
Branches Tags
gitleaks
/
cmd
/
generate
/
config
/
rules
/
config.tmpl

config.tmpl 3.4 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. # This file has been auto-generated. Do not edit manually.
    2. 

  2. # If you would like to contribute new rules, please use
    3. 

  3. # cmd/generate/config/main.go and follow the contributing guidelines
    4. 

  4. # at https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md
    5. 

  5. 

  6. # This is the default gitleaks configuration file.
    7. 

  7. # Rules and allowlists are defined within this file.
    8. 

  8. # Rules instruct gitleaks on what should be considered a secret.
    9. 

  9. # Allowlists instruct gitleaks on what is allowed, i.e. not a secret.
    10. 

  10. 

  11. title = "{{.Title}}"
    12. 

  12. 

  13. [allowlist]
    14. 

  14. description = "{{.Allowlist.Description}}"
    15. 

  15. {{- with .Allowlist.RegexTarget }}
    16. 

  16. regexTarget = "{{ . }}"{{ end -}}
    17. 

  17. {{- with .Allowlist.Regexes }}
    18. 

  18. regexes = [{{ range $i, $regex := . }}
    19. 

  19.     '''{{ $regex }}''',{{ end }}
    20. 

  20. ]{{ end }}
    21. 

  21. {{- with .Allowlist.Paths }}
    22. 

  22. paths = [{{ range $i, $path := . }}
    23. 

  23.     '''{{ $path }}''',{{ end }}
    24. 

  24. ]{{ end }}
    25. 

  25. {{- with .Allowlist.StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }}
    26. 

  26.     "{{ $stopword }}",{{ end }}
    27. 

  27. ]{{ end }}
    28. 

  28. 

  29. {{ range $i, $rule := .Rules }}[[rules]]
    30. 

  30. id = "{{$rule.RuleID}}"
    31. 

  31. description = "{{$rule.Description}}"
    32. 

  32. regex = '''{{$rule.Regex}}'''
    33. 

  33. {{- with $rule.Path }}
    34. 

  34. path = '''{{ . }}'''{{ end -}}
    35. 

  35. {{- with $rule.SecretGroup }}
    36. 

  36. secretGroup = {{ . }}{{ end -}}
    37. 

  37. {{- with $rule.Entropy }}
    38. 

  38. entropy = {{ . }}{{ end -}}
    39. 

  39. {{- with $rule.Keywords }}
    40. 

  40. {{- if gt (len .) 1}}
    41. 

  41. keywords = [{{ range $j, $keyword := . }}
    42. 

  42.     "{{ $keyword }}",{{ end }}
    43. 

  43. ]{{else}}
    44. 

  44. keywords = [{{ range $j, $keyword := . }}"{{ $keyword }}"{{ end }}]{{end}}{{ end }}
    45. 

  45. {{- with $rule.Tags }}
    46. 

  46. tags = [
    47. 

  47.     {{ range $j, $tag := . }}"{{ $tag }}",{{ end }}
    48. 

  48. ]{{ end }}
    49. 

  49. 

  50. {{- /*
    51. 

  51.     * Use [rules.allowlist] for a while, allow people to catch up with the new syntax.
    52. 

  52.     * TODO: Remove this a few major versions after 8.21.0
    53. 

  53.     * https://github.com/gitleaks/gitleaks/issues/1571
    54. 

  54.     */}}
    55. 

  55. {{- if eq (len $rule.Allowlists) 1 }}{{ with index $rule.Allowlists 0}}{{ if or .Regexes .Paths .Commits .StopWords }}
    56. 

  56. # NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead.
    57. 

  57. [rules.allowlist]
    58. 

  58. {{- with .MatchCondition }}{{println}}condition = "{{ .MatchCondition.String }}"{{ end }}
    59. 

  59. {{- with .Commits -}}{{println}}commits = [
    60. 

  60.     {{ range $j, $commit := . }}"{{ $commit }}",{{ end }}
    61. 

  61. ]{{ end }}
    62. 

  62. {{- with .Paths }}{{println}}paths = [
    63. 

  63.     {{ range $j, $path := . }}'''{{ $path }}''',{{ end }}
    64. 

  64. ]{{ end }}
    65. 

  65. {{- if and .RegexTarget .Regexes }}{{println}}regexTarget = "{{ .RegexTarget }}"{{ end -}}
    66. 

  66. {{- with .Regexes }}{{println}}regexes = [{{ range $i, $regex := . }}
    67. 

  67.     '''{{ $regex }}''',{{ end }}
    68. 

  68. ]{{ end }}
    69. 

  69. {{- with .StopWords }}{{println}}stopwords = [{{ range $j, $stopword := . }}
    70. 

  70.     "{{ $stopword }}",{{ end }}
    71. 

  71. ]{{ end }}{{ end }}{{ end }}
    72. 

  72. {{ else }}
    73. 

  73. {{ with $rule.Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}
    74. 

  74. [[rules.allowlists]]
    75. 

  75. {{ with $allowlist.MatchCondition }}condition = "{{ .String }}"
    76. 

  76. {{ end -}}
    77. 

  77. {{- with $allowlist.Commits }}commits = [
    78. 

  78.     {{ range $j, $commit := . }}"{{ $commit }}",{{ end }}
    79. 

  79. ]{{ end }}
    80. 

  80. {{- with $allowlist.Paths }}paths = [
    81. 

  81.     {{ range $j, $path := . }}'''{{ $path }}''',{{ end }}
    82. 

  82. ]{{ end }}
    83. 

  83. {{- with $allowlist.RegexTarget }}regexTarget = "{{ . }}"
    84. 

  84. {{ end -}}
    85. 

  85. {{- with $allowlist.Regexes }}regexes = [{{ range $i, $regex := . }}
    86. 

  86.     '''{{ $regex }}''',{{ end }}
    87. 

  87. ]{{ end }}
    88. 

  88. {{ with $allowlist.StopWords }}stopwords = [{{ range $j, $stopword := . }}
    89. 

  89.     "{{ $stopword }}",{{ end }}
    90. 

  90. ]{{ end }}{{ end }}{{ end }}
    91. 

  91. {{ end }}{{ end }}
    92. 

  92. {{ end -}}
    93.