-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.detect-secrets.cfg
More file actions
30 lines (28 loc) · 932 Bytes
/
.detect-secrets.cfg
File metadata and controls
30 lines (28 loc) · 932 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# detect-secrets exclusion patterns (regex)
#
# Note: detect-secrets does not read this file by default. If you want these
# applied, wire them into your scan command (e.g. translate to --exclude-files
# / --exclude-lines) or into a baseline's filters_used.
[exclude-files]
# npm lockfiles contain package integrity hashes that look like secrets
pattern = (^|/)package-lock\.json$
# Generated output and dependencies
pattern = (^|/)(dist|node_modules)/
# Local config file with allowlist patterns
pattern = (^|/)\.detect-secrets\.cfg$
[exclude-lines]
# Environment variable examples in documentation
pattern = AI_API_KEY=
pattern = OPENROUTER_API_KEY=
pattern = CLAUDE_MODEL=
pattern = GEMINI_MODEL=
# Config key names (not actual values)
pattern = "apiKey"
pattern = "botToken"
pattern = apiKey:
pattern = botToken:
pattern = "apiKeyEnv"
pattern = apiKeyEnv:
# Type checking
pattern = === "string"
pattern = typeof.*=== "string"