senke 0c38966aed ci(security): allowlist test fixtures and historic backup dirs in gitleaks ... The gitleaks job reported 389 leaks, but every match fell into one of: - eyJ...invalid_signature fake JWTs in *_test.go (used to exercise auth failure paths — never a real credential) - veza-backend-api/internal/services/.backup-pre-uuid-migration/ which existed in commits 2425c15b0 / 2425c15b0 but is gone from HEAD; gitleaks scans full git history so removing the dir would not help - test-jwt-secret / test-internal-api-key constants in setupTestRouter Add a .gitleaks.toml that extends the v8 default ruleset and allowlists those paths and stopwords. Update the workflow to pass --config so the file is honored.		2026-04-14 11:45:43 +02:00
..
ISSUE_TEMPLATE	chore(cleanup): remove veza-chat-server directory and all operational references	2026-02-22 21:13:00 +01:00
workflows	ci(security): allowlist test fixtures and historic backup dirs in gitleaks	2026-04-14 11:45:43 +02:00
dependabot.yml	chore(cleanup): remove veza-chat-server directory and all operational references	2026-02-22 21:13:00 +01:00
pull_request_template.md	chore(cleanup): remove veza-chat-server directory and all operational references	2026-02-22 21:13:00 +01:00