From 79f6233cef2a03247710d698c0251a1e957653f3 Mon Sep 17 00:00:00 2001 From: Divyam Talwar Date: Mon, 30 Mar 2026 16:37:02 +0530 Subject: [PATCH] chore(repo): require owner review on protected branches --- .github/CODEOWNERS | 2 ++ .github/secret_scanning.yml | 12 ++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/secret_scanning.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..ed75266 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,2 @@ +# Require repository-owner review for all changes on protected branches. +* @DivyamTalwar diff --git a/.github/secret_scanning.yml b/.github/secret_scanning.yml new file mode 100644 index 0000000..b685072 --- /dev/null +++ b/.github/secret_scanning.yml @@ -0,0 +1,12 @@ +# Exclude intentional fake-secret fixtures used by the secret-detector test suite. +# Keep this list as narrow as possible so real leaks elsewhere still surface. +paths-ignore: + - ".gitleaks.toml" + - "tests/detectors/security/test_rules.py" + - "tests/detectors/security/test_security.py" + - "tests/detectors/test_security_internals.py" + - "tests/detectors/test_security_patterns.py" + - "tests/e2e/test_cli_flags.py" + - "tests/e2e/test_config_mutations.py" + - "tests/e2e/test_core_commands.py" + - "tests/e2e/test_scan_workflow.py"