search

thoughtworks / talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
https://thoughtworks.github.io/talisman/
MIT License
1.87k stars 241 forks source link

use existing path matching logic when filtering allowed patterns on file configs #418

Open second-frank opened 1 year ago

second-frank commented 1 year ago

Resolves #414

This PR adds the possibility to use allowed_patterns together with file path wildcards in the fileignoreconfig, while still allowing file specific checksum-based ignore configs - as printed by the githook reports.

For example, something like this would be possible:

fileignoreconfig:
- filename: 'sub-folder/*.yml'
  allowed_patterns: [key]
- filename: sub-folder/foo.yml
  checksum: a21f3d967b236bd1ae3d056323c7ee054ac63b2b374dd1864d8bba21169b2b33

The program was tested solely for our own use cases, which might differ from yours.
Frank Seidel frank.seidel@mercedes-benz.com, Mercedes-Benz Tech Innovation GmbH
Provider Information