mirror of
https://github.com/PR0M3TH3AN/SeedPass.git
synced 2025-09-08 07:18:47 +00:00
18 lines
653 B
Markdown
18 lines
653 B
Markdown
# Secret Scanning
|
|
|
|
SeedPass uses [Gitleaks](https://github.com/gitleaks/gitleaks) to scan the repository for accidentally committed secrets. The scan runs automatically for pull requests and on a nightly schedule. Any findings will cause the build to fail.
|
|
|
|
## Suppressing False Positives
|
|
|
|
If a file or string triggers the scanner but does not contain a real secret, add it to the allowlist in `.gitleaks.toml`.
|
|
|
|
```toml
|
|
[allowlist]
|
|
# Ignore specific files
|
|
paths = ["path/to/file.txt"]
|
|
# Ignore strings that match a regular expression
|
|
regexes = ["""dummy_api_key"""]
|
|
```
|
|
|
|
Commit the updated `.gitleaks.toml` to stop future alerts for the allowed items.
|