Upload files to "/"

This commit is contained in:
2026-04-23 16:22:48 +00:00
parent 7a06dd6ce1
commit df25a8efa6
5 changed files with 418 additions and 0 deletions

88
.gitguardian.yml Normal file
View File

@@ -0,0 +1,88 @@
# GitGuardian configuration
# See: https://docs.gitguardian.com/ggshield-docs/reference/gitguardian-yaml
secret:
# Paths that contain test fixtures, example files, and dev configs — not real secrets
ignored-paths:
- "**/tests/**"
- "**/test_*"
- "**/conftest.py"
- "**/*.test.*"
- "**/testdata/**"
- "deploy/env-example"
- "features/**/tests/**"
- "tests2/**"
- "tests3/**"
# Backup env files (deleted from tree, exist only in git history)
- ".env.backup"
- "deploy/compose/.env.bak"
# Notebook test fixtures with test API keys
- "packages/vexa-client/tests.ipynb"
- "packages/vexa-client/tests/tutorial.ipynb"
# Example/template files with placeholder credentials
- "**/.pypirc.example"
# Dashboard validation scripts with test tokens
- "services/dashboard/agent-inspect.js"
- "services/dashboard/agent-flow.js"
- "services/dashboard/auth-validate*.js"
- "services/dashboard/feature-validate.js"
# Known test/dev patterns that are not real secrets
ignored-matches:
# Test admin tokens (hardcoded in test fixtures)
- name: "test-admin-token"
match: "test-admin-token*"
- name: "changeme-default"
match: "changeme"
# Test API key prefixes (fake tokens in unit tests)
- name: "test-vxa-bot-tokens"
match: "vxa_bot_abc*"
- name: "test-vxa-bot-testkey"
match: "vxa_bot_testkey*"
- name: "test-vxa-user-tokens"
match: "vxa_user_*"
# Chrome password-store flag (not a secret)
- name: "chrome-password-store"
match: "password-store=basic"
# Helm chart template placeholders
- name: "helm-changeme"
match: "CHANGE_ME"
# vexa-internal-secret default (used in dev only)
- name: "internal-secret-default"
match: "vexa-internal-secret"
# staging admin token (dev-only, not production)
- name: "staging-admin-token"
match: "staging-admin-token"
# test-admin-token-t3 (tests3 test cluster)
- name: "test-cluster-token"
match: "test-admin-token-t3"
# Dev-only default database password (postgres:postgres for local dev)
- name: "dev-postgres-password"
match: "POSTGRES_PASSWORD=postgres"
- name: "dev-db-password"
match: "DB_PASSWORD=postgres"
- name: "dev-db-password-value"
match: "password: \"postgres\""
- name: "dev-db-url-password"
match: "postgres:postgres@"
# Dev-only MinIO defaults (non-production)
- name: "dev-minio-access-key"
match: "vexa-access-key"
- name: "dev-minio-secret-key"
match: "vexa-secret-key"
# Dev-only JWT secret
- name: "dev-jwt-secret"
match: "vexa-dev-jwt-secret"
# PyPI example placeholder
- name: "pypi-placeholder"
match: "your-pypi-api-token-here"