Captures the E11000 collision on the uniq_pending_request_network_by_buyer_session index, identifies reused purchaseRequestId as the root cause, and lays out the mongo unblock, frontend id-rotation, and backend idempotency fixes. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
19 lines
607 B
TOML
19 lines
607 B
TOML
title = "nick-doc gitleaks config"
|
|
|
|
[extend]
|
|
useDefault = true
|
|
|
|
# 'Pangolin/Newt' is the literal product name of a self-hosted tunneling tool
|
|
# mentioned in operational handoff docs, not a secret. The generic-api-key
|
|
# rule fires on entropy heuristics for the surrounding line.
|
|
[[allowlists]]
|
|
description = "Documentation-only false positives"
|
|
regexes = [
|
|
'''Pangolin/Newt''',
|
|
]
|
|
|
|
# Pin the known historical finding so we don't mask future leaks in the file.
|
|
[[allowlists]]
|
|
description = "Pre-existing FP in Telegram Mini App handoff doc, 2026-05-24"
|
|
commits = ["940ad0c655777e3bf6d5416fd2829be77bdfc4f8"]
|