diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-05 00:08:59 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-05 00:08:59 +0300 |
commit | 6609e5ea75a9e119651e19574c30c11ce19c62d0 (patch) | |
tree | 81a6e3b927ca6278983129e670a0ece1fce8c059 /doc/user/application_security/secret_detection | |
parent | 60bb1b9734536021c8eba9d15ac1a666af45be74 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/application_security/secret_detection')
-rw-r--r-- | doc/user/application_security/secret_detection/index.md | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index 9390a5def18..d3709023085 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -102,8 +102,7 @@ as shown in the following table: Secret Detection is performed by a [specific analyzer](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml) during the `secret-detection` job. It runs regardless of your app's programming language. -The Secret Detection analyzer includes [Gitleaks](https://github.com/zricethezav/gitleaks) and -[TruffleHog](https://github.com/dxa4481/truffleHog) checks. +The Secret Detection analyzer includes [Gitleaks](https://github.com/zricethezav/gitleaks) checks. Note that the Secret Detection analyzer ignores Password-in-URL vulnerabilities if the password begins with a dollar sign (`$`), as this likely indicates the password is an environment variable. @@ -200,7 +199,7 @@ Secret Detection can be customized by defining available CI/CD variables: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5. You can customize the default secret detection rules provided with GitLab. -Customization allows you to exclude rules and add new rules. +Customization allows replace the default secret detection rules with rules that you define. To create a custom ruleset: |