-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.gitleaksignore
More file actions
19 lines (15 loc) · 1.11 KB
/
.gitleaksignore
File metadata and controls
19 lines (15 loc) · 1.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# Gitleaks allowlist — fingerprints of known dev-only secrets
# These are local development stack credentials (in-memory Vault, JAD bootstrap).
# They are NOT production secrets.
# jad/issuerservice.env — base64-encoded dev superuser key for local Issuer Service
93bba9e675890d1370e5828402049e82f10b72b2:jad/issuerservice.env:generic-api-key:14
# typescript (compiled output) — Vault dev clientSecret (in-memory, reset on restart)
7444429b1c452b94330127964824124af2a4cd23:typescript:generic-api-key:2502
# neo4j/seed.sh — base64-encoded Neo4j dev credentials (neo4j:healthdataspace, local only)
fe7320a578f5136c47218a80e351859235221353:neo4j/seed.sh:generic-api-key:5
# .github/workflows/reset-demo.yml — false positive: curl -u with GitHub Actions
# secret template (${{ secrets.NEO4J_PASSWORD }}) flagged by curl-auth-user rule.
# Not a real credential; the token is resolved by Actions at runtime. The current
# file on HEAD uses an env var + header to avoid the pattern; this fingerprint
# covers the original commit in history.
25ae55ec0402f17406a78f7f137c583517d4d9d9:.github/workflows/reset-demo.yml:curl-auth-user:74