Policy to identify sensitive files that should not be in the repository #19

Open
david3107 opened this issue May 17, 2024 · 0 comments
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@david3107
Contributor

Files like .env most of the time contain plain-text credentials. While these files should be added to the .gitignore list, sometimes they can be pushed to the repo by mistake, leaking API tokens, passwords or other sensitive info.

Policy proposed: disallow specific files

file-disallow:
     - .env
     - conf.xml

This policy could also check that these files are inside the .gitignore. We can use https://github.com/github/gitignore as reference and example.

@david3107 david3107 added enhancement New feature or request good first issue Good for newcomers labels May 17, 2024
@david3107 david3107 changed the title Include repo check to identify sensitive files that should not be in the repository Policy to identify sensitive files that should not be in the repository May 17, 2024
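
One way the proposed check could behave, as an added example that is not part of the issue or the project's code. The function names, the sample file list and the simplified .gitignore matching (slash-free patterns only) are assumptions made for illustration.

```python
import fnmatch
import posixpath

# Mirrors the `file-disallow` list proposed in the issue.
FILE_DISALLOW = [".env", "conf.xml"]


def gitignore_covers(name, gitignore_text):
    """Simplified .gitignore check: slash-free patterns matched against a basename.

    Handles comments, blank lines and '!' negation (last match wins). Anchored
    or directory-scoped patterns are skipped, so coverage can be under-reported.
    """
    ignored = False
    for raw in gitignore_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        negated = line.startswith("!")
        pattern = line[1:] if negated else line
        if "/" in pattern:
            continue  # path-scoped rule: out of scope for this sketch
        if fnmatch.fnmatchcase(name, pattern):
            ignored = not negated
    return ignored


def check_file_disallow(disallow, tracked_paths, gitignore_text):
    """Return (tracked files violating the policy, names missing from .gitignore)."""
    violations = sorted(
        p for p in tracked_paths if posixpath.basename(p) in disallow
    )
    unignored = [n for n in disallow if not gitignore_covers(n, gitignore_text)]
    return violations, unignored


# Constructed sample input: a `git ls-files` listing and a .gitignore body.
SAMPLE_TRACKED = ["README.md", "src/app.py", "deploy/.env", "config/conf.xml.example"]
SAMPLE_GITIGNORE = "# local secrets\n.env\n*.log\n"

if __name__ == "__main__":
    bad, missing = check_file_disallow(FILE_DISALLOW, SAMPLE_TRACKED, SAMPLE_GITIGNORE)
    for path in bad:
        print(f"FAIL tracked disallowed file: {path}")
    for name in missing:
        print(f"WARN not covered by .gitignore: {name}")
```

The sample shows why both checks matter: .env is listed in .gitignore yet deploy/.env is already tracked, and conf.xml is not tracked but nothing would stop it from being added.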
Projects
Status: Backlog