Blocks commits containing known secret patterns (e.g. Stripe sk_test_*) before they reach the remote. Exits gracefully with a warning when gitleaks is not in $PATH so developers who haven't installed it are not blocked. .gitleaks.toml extends the upstream default ruleset and allowlists __seeds__/** to prevent false positives from test fixtures. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
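# Gitleaks configuration for this monorepo.
# Docs: https://github.com/gitleaks/gitleaks#configuration

title = "gitleaks config"

[extend]
# Use the upstream default ruleset as the base.
useDefault = true

# Global allowlist: files whose path matches an entry below are skipped for
# every rule, so a real credential placed under such a path is not reported.
# Keep only dummy fixtures there and review changes to this list.
[allowlist]
description = "Test fixtures in __seeds__ directories use token-shaped dummy strings that are not real credentials."
# Entries are regular expressions matched against the file path, not globs.
# Anchor on a path-segment boundary so only directories named exactly
# __seeds__ match, not names that merely end in it (constructed example:
# old__seeds__/).
paths = [
    '''(^|/)__seeds__/''',
]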