Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Exclude wp-admin and wp-includes in gitleaks.toml file

Ahmad Yazbek
Ahmad Yazbek
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 14, 2025

I am trying to exclude the WordPress files wp-includes and wp-admin in gitleaks.toml to avoid unnecessary checks and errors. I am trying to include the two files paths like this :
paths = [

'''app/public/wp-admin/.*''',

'''app/public/wp-includes/.*'''

and I tried this path also: 
path=[

'''^app/public/wp-admin/.*''',

'''^app/public/wp-includes/.*''',

]

but the results are the same. The folders are being scanned. 

Any suggestions?

Answer
Watch
Like Be the first to like this
25 views

1 answer

0 votes
Igor Stoyanov
Igor Stoyanov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 14, 2025

Hi @Ahmad Yazbek . Please, check the docs.
You should add paths under [allowlist] section.
Example:

# This is a global allowlist which has a higher order of precedence than rule-specific allowlists.
# If a commit listed in the `commits` field below is encountered then that commit will be skipped and no
# secrets will be detected for said commit. The same logic applies for regexes and paths.
[allowlist]
description = "global allow list"
commits = [ "commit-A", "commit-B", "commit-C"]
paths = [
  '''gitleaks\.toml''',
  '''(.*?)(jpg|gif|doc)'''
]

Regards, Igor

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events