chromium/src
0
Fork 0
Code

Exclude the CT log list from git-secrets hooks.

Browse Source 
Some Chromium developers have global git-secrets enforcement on in their
environments, but this detects certificate transparency log list changes
as potential secrets whenever they try to make a commit which includes
them (most often, due to git-merge including it).

This excludes this particular case from that protection, to avoid these
false positives.

The syntax for this file is that every non-blank non-comment line is a
regular expression which is matched against
"filename:linenumber:linecontents" strings, where the filename is
generally but not always relative to the repository root.

Change-Id: Ib7974bad8067cccb6892d1f6e106ab5421775e3d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5186635
Reviewed-by: Rick Byers <rbyers@chromium.org>
Commit-Queue: Jeremy Roman <jbroman@chromium.org>
Reviewed-by: Carlos IL <carlosil@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1247272}
This commit is contained in:
Jeremy Roman 2024-01-15 19:39:27 +00:00 committed by Chromium LUCI CQ
parent d009713d74
commit 116914aec4
1 changed files with 5 additions and 0 deletions

5
.gitallowed Normal file

@ -0,0 +1,5 @@
# This file contains patterns which are excluded from git-secrets matching.
# Only add patterns where this is extremely likely to be a false positive.
# This directory contains publicly available keys and is updated frequently.
^([^:]*/)?components/certificate_transparency/data/