From fed547e45d30469103f281e6f7dc744dd08e7152 Mon Sep 17 00:00:00 2001 From: Matt Chowning Date: Tue, 3 Oct 2023 14:58:44 -0400 Subject: [PATCH] Improve gitleaks setup This accomplishes a few things: 1. Removes some entries in .gitleaksignore which were incorrect (the commit hash did not match the commit that introduced the change) 2. Moves our handling of the debug google services file to a gitleaks config file. That means that no matter where that secret shows up, it will be allowed (as opposed to handling it in the gitleaksignore file which required specifying every location/commit where the secret was introduced). 3. Adds the old IntentUtilTest example api key to the list of ignored secrets so that it does not get flagged up when running `gitleaks detect`. --- .gitleaks.toml | 8 ++++++++ .gitleaksignore | 9 ++++----- 2 files changed, 12 insertions(+), 5 deletions(-) create mode 100644 .gitleaks.toml diff --git a/.gitleaks.toml b/.gitleaks.toml new file mode 100644 index 0000000000..e7473b9002 --- /dev/null +++ b/.gitleaks.toml @@ -0,0 +1,8 @@ +[extend] +useDefault = true + +[allowlist] +description = "global allow list" +regexes = [ + "AIzaSyBguqVfwriVWjnSqRg50XPfZZH5r1VumNM", +] diff --git a/.gitleaksignore b/.gitleaksignore index f435f569eb..6cab03c85a 100644 --- a/.gitleaksignore +++ b/.gitleaksignore @@ -1,5 +1,4 @@ -e1cea16b77b1e331bfa8c5a8135dcdf24f32cf6f:app/google-services.json_debug-only:gcp-api-key:23 -e306375a06498977fa176519a0c4a5d463bb47bf:app/src/debugProd/google-services.json:gcp-api-key:23 -e306375a06498977fa176519a0c4a5d463bb47bf:app/src/debugProd/google-services.json:gcp-api-key:23 -e1cea16b77b1e331bfa8c5a8135dcdf24f32cf6f:automotive/google-services.json_debug-only:gcp-api-key:23 -28aab01a878ce90aa6202af6124e120524e3bfc8:wear/google-services.json_debug-only:gcp-api-key:23 +d1502d9bf89fec3e19098f3ec78bc41e1473b447:app/src/androidTest/java/au/com/shiftyjelly/pocketcasts/views/helper/IntentUtilTest.kt:generic-api-key:29 +d1502d9bf89fec3e19098f3ec78bc41e1473b447:app/src/androidTest/java/au/com/shiftyjelly/pocketcasts/views/helper/IntentUtilTest.kt:generic-api-key:33 +d1502d9bf89fec3e19098f3ec78bc41e1473b447:app/src/androidTest/java/au/com/shiftyjelly/pocketcasts/views/helper/IntentUtilTest.kt:generic-api-key:49 +d1502d9bf89fec3e19098f3ec78bc41e1473b447:app/src/androidTest/java/au/com/shiftyjelly/pocketcasts/views/helper/IntentUtilTest.kt:generic-api-key:53