From 6609e5ea75a9e119651e19574c30c11ce19c62d0 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Thu, 4 Mar 2021 21:08:59 +0000 Subject: Add latest changes from gitlab-org/gitlab@master --- doc/user/application_security/secret_detection/index.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'doc/user/application_security/secret_detection') diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index 9390a5def18..d3709023085 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -102,8 +102,7 @@ as shown in the following table: Secret Detection is performed by a [specific analyzer](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml) during the `secret-detection` job. It runs regardless of your app's programming language. -The Secret Detection analyzer includes [Gitleaks](https://github.com/zricethezav/gitleaks) and -[TruffleHog](https://github.com/dxa4481/truffleHog) checks. +The Secret Detection analyzer includes [Gitleaks](https://github.com/zricethezav/gitleaks) checks. Note that the Secret Detection analyzer ignores Password-in-URL vulnerabilities if the password begins with a dollar sign (`$`), as this likely indicates the password is an environment variable. @@ -200,7 +199,7 @@ Secret Detection can be customized by defining available CI/CD variables: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5. You can customize the default secret detection rules provided with GitLab. -Customization allows you to exclude rules and add new rules. +Customization allows replace the default secret detection rules with rules that you define. To create a custom ruleset: -- cgit v1.2.3
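Review bot: In the hunk at `@@ -102,8 +102,7`, the replacement line drops TruffleHog from the analyzer description with no version annotation, so the page no longer says from which release the statement "includes Gitleaks checks" holds. A reader who relied on the earlier wording cannot tell whether TruffleHog checks still run for them. Consider adding a short versioned note next to the changed sentence, in the same style as the `> [Introduced](...) in GitLab 13.5.` line that appears in the second hunk's context.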
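Review bot: In the hunk at `@@ -200,7 +199,7`, the added line `Customization allows replace the default secret detection rules with rules that you define.` is missing words and should read "Customization allows you to replace the default secret detection rules with rules that you define." The meaning also shifts from "exclude rules and add new rules" to "replace", while the unchanged sentence above it still says "You can customize the default secret detection rules". If a custom ruleset means the default rules no longer apply, say so explicitly in this paragraph, because a reader who assumes the behaviour is additive could define a small custom ruleset and lose the default detections without noticing.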