aboutsummaryrefslogtreecommitdiffstats
path: root/master_list.yaml
blob: c40e138560d42dc2fafc928c4560335f69e3ea28 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
---
# When adding projects all `arrays: []` sections must have
# a value, Use 'nullvalue' if no waivers are available.
#
# This file uses standard regular expression syntax,  however be mindful
# of escaping YAML delimiters too (such as `:`) using double quotes "".

binaries:
  binary_ignore:
    - \.git/(index|objects)

file_audits:
  file_names:
    - \.asc
    - \.gpg
    - \.key
    - \.md(2|3|4|5)
    - \.sha1
    - \.sig
    - \.pcap
    - \.kdb
    - \.pypirc
    - \.pem
    - \.cer
    - \.der
    - \.crt
    - \.crl
    - \.p7b
    - \.p7r
    - \.spc
    - \.sst
    - \.stl
    - \.pfx
    - \.p12
    - _rsa
    - _dsa
    - (irb|plsq|mysql|bash|zsh)_history
    - (zsh|bash)rc-secrets
    - \.vimrc
    - \.gem\/credentials
    - configuration\.user\.xpl
    - \.dockercfg
    - \.npmrc
    - key(store|ring)
    - ovpn
    - secret_token\.rb
    - omniauth\.rb
    - carrierwave\.rb
    - schema\.rb
    - database\.yml
    - settings\.py
    - keychain
    - backup
    - credentials\.xml
    - htpasswd
    - kwallet
    - aws_access_key_id
    - aws_secret_access_key

  file_contents:
    - -----BEGIN\sRSA\sPRIVATE\sKEY----
    - (password|passwd)(.*:|.*=.*)
    - curl
    - git.*clone
    - dual_ec_drbg
    - base64_decode
    - gost
    - md[245]
    - panama
    - private_key
    - rc4
    - ripemd
    - secret
    - sha0
    - snefru
    - ssh_key
    - sslv[12]
    - streebog
    - tlsv1
    - wget
    - run_as_root.*=.*True
    - exec\s*(\"|\().+(\"|\))
    - \beval\b
    - app\.run\s*\(.*debug.*=.*True.*\)
    - autoescape.*=.*False
    - safestring\.mark_safe.*\(.*\)
    - shell.*=.*True
    - \/tmp\/
    - \yaml\.load
    - telnet
    - ftp
    - finger

licence:
  licence_ext:
    - '.java'
    - '.md'
    - '.py'
    - '.rb'
    - '.rst'
    - '.sh'
  licence_ignore:
    - '__init__.py'

project_exceptions:
  - apex: exceptions/apex.yaml
  - armband: exceptions/armband.yaml
  - bamboo: exceptions/bamboo.yaml
  - barometer: exceptions/barometer.yaml
  - bottlenecks: exceptions/bottlenecks.yaml
  - calipso: exceptions/calipso.yaml
  - compass4nfv: exceptions/compass4nfv.yaml
  - conductor: exceptions/conductor.yaml
  - copper: exceptions/copper.yaml
  - cperf: exceptions/cperf.yaml
  - daisy: exceptions/daisy.yaml
  - doctor: exceptions/doctor.yaml
  - dovetail: exceptions/dovetail.yaml
  - dpacc: exceptions/dpacc.yaml
  - enfv: exceptions/enfv.yaml
  - escalator: exceptions/escalator.yaml
  - fds: exceptions/fds.yaml
  - functest: exceptions/functest.yaml
  - octopus: exceptions/octopus.yaml
  - pharos: exceptions/pharos.yaml
  - releng: exceptions/releng.yaml
  - sandbox: exceptions/sandbox.yaml
  - yardstick: exceptions/yardstick.yaml