Skip to content

fix: add gitleaks configuration to handle test data #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Oct 19, 2025
Merged

fix: add gitleaks configuration to handle test data #21

merged 7 commits into from
Oct 19, 2025

Conversation

@d-oit
Copy link
Owner

@d-oit d-oit commented Oct 18, 2025

Fixes Security & Compliance workflow false positives by adding comprehensive .gitleaks.toml configuration for test/demo content.

d-oit added 3 commits October 18, 2025 10:17
@d-oit
feat: add gitleaks configuration to handle test data
25c9d0e 
🔧 SECURITY CONFIGURATION:

Added .gitleaks.toml to properly handle:
✅ Test data in llm_detectors.rs (intentional test secrets)
✅ Demo content in examples/ (documentation API keys)
✅ Script placeholders (doc generation references)
✅ Higher entropy threshold to reduce false positives
✅ Smart patterns to distinguish test vs real secrets

🎯 RESULT:
- Allows legitimate test/demo content
- Still catches real security issues
- Maintains security while enabling development
- Fixes the 6 false positives in Security & Compliance workflow

This should achieve 100% green status for our consolidated workflows! 🚀
@d-oit
fix: update gitleaks workflow to use custom config for test data
213cd1a
@d-oit
fix: correct gitleaks config format for allowlist
46c09a9
@d-oit
Copy link
Owner Author

d-oit commented Oct 19, 2025

The workflow is using an outdated version of gitleaks-action that doesn't support the 'config-path' input. Please update to use 'gitleaks/gitleaks-action@v2' and set 'GITLEAKS_CONFIG' environment variable instead. Also, ensure 'GITLEAKS_LICENSE' is set for organization repositories.

@d-oit d-oit merged commit 2b92f55 into main Oct 19, 2025
7 checks passed
@d-oit d-oit deleted the fix/gitleaks-config-for-test-data branch October 19, 2025 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@d-oit