# Gitleaks configuration for secret detection
title = "MCP ComfyUI Flux Gitleaks Config"
[allowlist]
description = "Allowlist for MCP ComfyUI Flux"
paths = [
'''package-lock\.json''',
'''\.gitleaks\.toml''',
'''.*\.md'''
]
[[rules]]
description = "AWS Access Key"
regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
tags = ["aws", "key"]
[[rules]]
description = "AWS Secret Key"
regex = '''(?i)aws(.{0,20})?(?-i)['\"]?([0-9a-zA-Z\/+]{40})['\"]?'''
tags = ["aws", "secret"]
[[rules]]
description = "GitHub Personal Access Token"
regex = '''ghp_[0-9a-zA-Z]{36}'''
tags = ["github", "pat"]
[[rules]]
description = "GitHub OAuth Access Token"
regex = '''gho_[0-9a-zA-Z]{36}'''
tags = ["github", "oauth"]
[[rules]]
description = "GitHub App Token"
regex = '''ghs_[0-9a-zA-Z]{36}'''
tags = ["github", "app"]
[[rules]]
description = "GitHub Refresh Token"
regex = '''ghr_[0-9a-zA-Z]{36}'''
tags = ["github", "refresh"]
[[rules]]
description = "GitLab Personal Access Token"
regex = '''glpat-[0-9a-zA-Z\-]{20}'''
tags = ["gitlab", "pat"]
[[rules]]
description = "Anthropic API Key"
regex = '''sk-ant-[a-zA-Z0-9]{90,}'''
tags = ["anthropic", "api", "key"]
[[rules]]
description = "OpenAI API Key"
regex = '''sk-[a-zA-Z0-9]{48}'''
tags = ["openai", "api", "key"]
[[rules]]
description = "Hugging Face Token"
regex = '''hf_[a-zA-Z0-9]{30,}'''
tags = ["huggingface", "token"]
[[rules]]
description = "Generic API Key"
regex = '''(?i)(api[_\-\s]?key|apikey|api_token|apitoken)['"]?\s*[:=]\s*['"]?([a-zA-Z0-9\-_]{32,})['"]?'''
tags = ["generic", "api", "key"]
[[rules]]
description = "Generic Secret"
regex = '''(?i)(secret|password|passwd|pwd|token|auth)['"]?\s*[:=]\s*['"]?([a-zA-Z0-9\-_!@#$%^&*]{8,})['"]?'''
tags = ["generic", "secret"]
