docs 📝: Add new rule to detect Sidekiq secret in README.md #23
@@ -9,10 +9,10 @@ title = "Gitleaks Config"
|
||||
# # Add all placeholder-like patterns that trigger false positives
|
||||
# regex = "cafebabe|deadbeef|DB_PASSWORD"
|
||||
|
||||
[[allowlist]]
|
||||
description = "Ignore badge URLs in README"
|
||||
filepath = "README.md"
|
||||
regex = "https://img.shields.io"
|
||||
# [[allowlist]]
|
||||
|
|
||||
# description = "Ignore badge URLs in README"
|
||||
# filepath = "README.md"
|
||||
# regex = "https://img.shields.io"
|
||||
|
||||
gitea-actions
commented
[Lines 14-16] [Score: 2] This rule allows ignoring badge URLs within the README.md file, which is a common practice to help avoid false positives during scans. It's good to have this allowlist rule in place to prevent unnecessary alerts. [Lines 14-16] [Score: 2] This rule allows ignoring badge URLs within the README.md file, which is a common practice to help avoid false positives during scans. It's good to have this allowlist rule in place to prevent unnecessary alerts.
|
||||
# ==========================
|
||||
# Rules
|
||||
|
||||
Reference in New Issue
Block a user
[Lines 10-12] [Score: 2] This line includes specific patterns to ignore in the README.md file, such as cafebabe and deadbeef (common byte sequences), and DB_PASSWORD (likely a placeholder). These are common best practices when setting up Gitleaks allowlists.