I've installed git-secrets using Homebrew as in the instructions.
Also have run the following to setup:
git secrets --register-aws --global
git secrets --install ~/.git-templates/git-secrets
git config --global init.templateDir ~/.git-templates/git-secrets
If I create a brand new git repo and try to commit using any message, I get an error that the commit message matches a pattern:
mkdir test-secrets
cd test-secrets
git init
git commit --allow-empty -m 'test'
.git/COMMIT_EDITMSG:1:test
[ERROR] Matched one or more prohibited patterns
Possible mitigations:
- Mark false positives as allowed using: git config --add secrets.allowed ...
- Mark false positives as allowed by adding regular expressions to .gitallowed at repository's root directory
- List your configured patterns: git config --get-all secrets.patterns
- List your configured allowed patterns: git config --get-all secrets.allowed
- List your configured allowed patterns in .gitallowed at repository's root directory
- Use --no-verify if this is a one-time false positive
Output of my secrets.patterns:
git config --get-all secrets.patterns
(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}
("|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)("|')?\s*(:|=>|=)\s*("|')?[A-Za-z0-9/\+=]{40}("|')?
("|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?("|')?\s*(:|=>|=)\s*("|')?[0-9]{4}\-?[0-9]{4}\-?[0-9]{4}("|')?
What am I missing?
I've installed git-secrets using Homebrew as in the instructions.
Also have run the following to setup:
If I create a brand new git repo and try to commit using any message, I get an error that the commit message matches a pattern:
Output of my secrets.patterns:
What am I missing?