Comments (2)
This looks like it's working as intended.
Allowed patterns are evaluated after checking for prohibited patterns. git-secrets will first identify that "password=somethingsecret1" is prohibited. It will then pipe the matching grep output for that line to another grep that checks for allowed patterns. If any of the allowed patterns match, then the text that was found is ignore.
I don't know what you're trying to do, but one way to mitigate these kinds of situations is to be more specific with your allowed patterns.
from git-secrets.
@mtdowling I think I misunderstood the syntax. Thanks!!
from git-secrets.
Related Issues (20)
- Support for mirrorred repositories
- AWS patterns seem to match everything HOT 1
- Provide a warning and remediation suggestion when NO secret patterns are defined
- Add support for a configuration file that can contain the patterns, etc. and be included in the repo is desired. HOT 1
- Github Actions HOT 2
- grep: warning: stray \ before - HOT 1
- Error : Custom secret provider detection patterns aren't loaded when executing git secrets on windows. HOT 3
- Installation fails without a terminal HOT 9
- Secret rules being applied to unstaged files
- `say` command during install should be removed or made configurable by flag HOT 6
- /usr/local/bin/git-secrets: line 208: say: command not found HOT 1
- custom patterns wont work HOT 4
- Problem with file HEAD.secret HOT 1
- Can't get any response from scans HOT 4
- How to pass multiple patterns in .gitallowed file HOT 1
- `git-secrets --install` test failures without code changes
- Add a test for PRs that change README without updating the man page HOT 1
- Add *hashed* file version to .gitallowed? So future changes get caught containing secrets again HOT 1
- Java Key Store files
- How to allow aws account numbers with .gitallowed HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from git-secrets.