Skip to content

Commit 4df88fc

Browse files
nullvariantclaude
andcommitted
chore(security): add .gitleaks.toml to allowlist test fixtures and PEM header constants
Gitleaks correctly detects dummy API keys in test fixtures and PEM header strings in sshAgent.ts, but these are intentional: test fixtures use fake secrets for security testing, and sshAgent.ts uses PEM headers as format detection constants (not actual keys). Signed-off-by: Null;Variant <null@nullvariant.com> 🖥️ IDE: [VS Code](https://code.visualstudio.com/) 🔌 Extension: [Claude Code](https://claude.ai/download) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Model-Raw: claude-opus-4-6
1 parent 11a709d commit 4df88fc

1 file changed

Lines changed: 10 additions & 0 deletions

File tree

.gitleaks.toml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
[extend]
2+
useDefault = true
3+
4+
[[allowlist.paths]]
5+
description = "Test fixtures contain intentional dummy secrets for security testing"
6+
regex = '''src/test/'''
7+
8+
[[allowlist.paths]]
9+
description = "SSH key format detection uses PEM header strings as constants"
10+
regex = '''src/sshAgent\.ts'''

0 commit comments

Comments
 (0)