You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation for [extend] config files states:
# Extend the base (this) configuration. When you extend a configuration
# the base rules take precedence over the extended rules. I.e., if there are
# duplicate rules in both the base configuration and the extended configuration
# the base rules will override the extended rules.
This seems counterintuitive because extensibility by definition adds to or modifies base functionality, and in fact after testing with an extend file that makes private-key just match on the substring toto I see that it does in fact override the base rules.
title = "Test extend"
[extend]
useDefault = true
[[rules]]
description = "test"
id = "private-key"
regex = '''toto'''
And using the extend file I get a match based on the extend rule, not the base rule.
I'm currently battling with this but can't work out what's going on. I think the documentation is severely lacking.
My problem:
I want to configure gitleaks via pre-commit to scan for secrets
I want to define a list of files that are ignored (e.g. .terraform.lock.hcl which triggers for some reason)
I want to exempt certain files from particular rules (e.g. we store some access key IDs in constants.tf and I want to stop getting nagged about it)
This is probably a common use case - "I've found a thing I need to allow list, how do I set that up" - and yet the documentation doesn't seem to provide a clear example.
The documentation for [extend] config files states:
This seems counterintuitive because extensibility by definition adds to or modifies base functionality, and in fact after testing with an extend file that makes private-key just match on the substring
toto
I see that it does in fact override the base rules.And using the extend file I get a match based on the extend rule, not the base rule.
In my opinion this is the desired functionality for an extend rule, and the documentation should be corrected to reflect it.
The text was updated successfully, but these errors were encountered: