Skip to content

Allow Custom Regex Rules for GitLeaks Detection #1

Description

@ethanol1310

Enable org/project admins to add and manage custom regular-expression rules for the GitLeaks integration so domain-specific secrets are detected reliably.

Built-in GitLeaks rules miss some product/customer-specific patterns. In some projects, a credential assignment is not detected leading to inconsistent detection and missed leaks.

Example (missed by current rules)

bhyt_Password: 'pikachu', // GitLeaks cannot detect this

Changing 'pikachu' to another value sometimes triggers detection, but the above does not. We need a way to add targeted regex rules (with previews/tests) to ensure consistent detection.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions