cleanup

2025-08-27 12:30:24 -07:00 · 2025-08-27 12:30:24 -07:00 · 126ee1a849
commit 126ee1a849
parent d782a8a4fb
76 changed files with 1683 additions and 470 deletions
--- a/.gitleaks.toml
+++ b/.gitleaks.toml
@ -0,0 +1,38 @@
+[allowlist]
+  description = "Test and example keys and passwords that should not be reported as leaks"
+  regexes = [
+      '''AKIAIOSFODNN7EXAMPLE''',  # example AWS access key ID in README
+      '''wJalrXUtnFEMI\/K7MDENG\/bPxRfiCYEXAMPLEKEY''',  # example AWS secret access key in README
+  ]
+  paths = [
+  ]
+
+[[rules]]
+  id = "generic-api-key"
+  description = "Generic API Key"
+  regex = '''(?i)(api[_-]?key|apikey|secret|password|token|key|auth[_-]?token|access[_-]?token|private[_-]?key)['"`]?\s*[:=]\s*['"`]?[a-zA-Z0-9\-_]{8,64}['"`]?'''
+  tags = ["key", "generic", "api"]
+
+[[rules]]
+  id = "aws-access-key-id"
+  description = "AWS Access Key ID"
+  regex = '''AKIA[0-9A-Z]{16}'''
+  tags = ["key", "AWS"]
+
+[[rules]]
+  id = "aws-secret-access-key"
+  description = "AWS Secret Access Key"
+  regex = '''(?i)aws[_-]?secret[_-]?access[_-]?key['"`]?\s*[:=]\s*['"`]?[A-Za-z0-9/+=]{40}['"`]?'''
+  tags = ["key", "AWS"]
+
+[[rules]]
+  id = "private-key"
+  description = "Private Key"
+  regex = '''-----BEGIN[^-]+PRIVATE KEY-----'''
+  tags = ["key", "private"]
+
+[[rules]]
+  id = "ssh-private-key"
+  description = "SSH Private Key"
+  regex = '''-----BEGIN OPENSSH PRIVATE KEY-----'''
+  tags = ["key", "SSH", "private"]