|
|
|
@ -17,8 +17,8 @@ container { |
|
|
|
alpine_secdb = true |
|
|
|
alpine_secdb = true |
|
|
|
|
|
|
|
|
|
|
|
secrets { |
|
|
|
secrets { |
|
|
|
matchers = { |
|
|
|
matchers { |
|
|
|
// Use default list, minus Vault (`hashicorp`), which has experienced false positives. |
|
|
|
// Use most of default list, minus Vault (`hashicorp`), which has experienced false positives. |
|
|
|
// See https://github.com/hashicorp/security-scanner/blob/v0.0.2/pkg/scanner/secrets.go#L130C2-L130C2 |
|
|
|
// See https://github.com/hashicorp/security-scanner/blob/v0.0.2/pkg/scanner/secrets.go#L130C2-L130C2 |
|
|
|
known = [ |
|
|
|
known = [ |
|
|
|
// "hashicorp", |
|
|
|
// "hashicorp", |
|
|
|
@ -53,6 +53,7 @@ binary { |
|
|
|
# (yarn.lock) in the Consul binary. This is something we may investigate in the future. |
|
|
|
# (yarn.lock) in the Consul binary. This is something we may investigate in the future. |
|
|
|
|
|
|
|
|
|
|
|
secrets { |
|
|
|
secrets { |
|
|
|
|
|
|
|
matchers { |
|
|
|
// Use most of default list, minus Vault (`hashicorp`), which has experienced false positives. |
|
|
|
// Use most of default list, minus Vault (`hashicorp`), which has experienced false positives. |
|
|
|
// See https://github.com/hashicorp/security-scanner/blob/v0.0.2/pkg/scanner/secrets.go#L130C2-L130C2 |
|
|
|
// See https://github.com/hashicorp/security-scanner/blob/v0.0.2/pkg/scanner/secrets.go#L130C2-L130C2 |
|
|
|
known = [ |
|
|
|
known = [ |
|
|
|
@ -66,3 +67,4 @@ binary { |
|
|
|
] |
|
|
|
] |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
Michael Zalimeni
10 months ago
committed by