-
Notifications
You must be signed in to change notification settings - Fork 310
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to exclude paths? #77
Comments
@deviprasad303 please take a look |
@Chan9390 please add usr{sep}local{sep}share{sep}.cache inside blacklist path. There should not be {sep} at the start of the path. please also add usr{sep}local{sep}share{sep}.cache in the exclude path . the exclude path removes everything that contains the given subpath |
@Chan9390 can you check if it works out for you? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I read the documentation and found that I can exclude certain paths by appending them to
exclude_paths
.Trying to evaluate this tool, I found the following false positive:
While there's a private key in the path, it's added to the container by the repo's dependencies. So inorder to remove any detection of secrets in the
usr/local/share/.cache
path, I appended it toexclude_paths
list:Snippet:
And ran the command:
docker run -it --rm --name=deepfence-secretscanner -v $(pwd):/home/deepfence/output -v /var/run/docker.sock:/var/run/docker.sock deepfenceio/deepfence_secret_scanner:latest -image-name <image>:latest --config-path secretscanner
(where the config.yaml is saved in secretscanner directory).SecretScanner still detects this path and the false positive.
PS: I tried using
{name_sep}
instead of{sep}
, and tried adding the path toblacklisted_strings
andblacklisted_paths
. Nothing worked so far.The text was updated successfully, but these errors were encountered: