Add a gitleaks rule to find hex strings in URLs

but allow things that look like Github SHAs.
This commit is contained in:
Mike Dalessio
2025-12-17 13:40:07 -05:00
parent 605f4ed2a4
commit 75ef9bfd64
+8
View File
@@ -9,3 +9,11 @@ paths = [
'''docs/''',
'''test/''',
]
[[rules]]
id = "basecamp-integration-url"
description = "Basecamp Integration URL"
regex = '''https://[^\s]*?([0-9a-fA-F]{16,})'''
[rules.allowlist]
regexTarget = "match"
regexes = ['''github\.com''']