mirror of
https://github.com/pezkuwichain/pwap.git
synced 2026-04-21 22:38:00 +00:00
pezkuwichain
18e4adb283
- Refactor security-check.yml to separate critical vs optional checks - Make TruffleHog, Gitleaks, and Snyk scans optional (continue-on-error) - Fix .gitattributes negative pattern warning (!.env.example) - Use specific .env patterns instead of wildcards - Improve workflow job organization and summary reporting This ensures the CI/CD pipeline doesn't fail when optional security tools are not configured with tokens, while maintaining strict validation for critical security checks. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
97 lines
2.2 KiB
Plaintext
97 lines
2.2 KiB
Plaintext
# ========================================
|
|
# Git Attributes for PezkuwiChain
|
|
# ========================================
|
|
# Prevents merge conflicts and ensures consistent file handling
|
|
|
|
# ========================================
|
|
# ENVIRONMENT FILES - NO MERGE
|
|
# ========================================
|
|
# Prevent .env files from being merged
|
|
# Always use local version (ours) in case of conflict
|
|
.env merge=ours
|
|
.env.local merge=ours
|
|
.env.production merge=ours
|
|
.env.staging merge=ours
|
|
.env.development merge=ours
|
|
|
|
# Allow .env.example to be merged normally (no special handling needed)
|
|
# .env.example uses default merge strategy
|
|
|
|
# ========================================
|
|
# SENSITIVE FILES - NO DIFF
|
|
# ========================================
|
|
# Prevent sensitive files from showing diffs
|
|
*.key diff=secret
|
|
*.pem diff=secret
|
|
*.cert diff=secret
|
|
*.p12 diff=secret
|
|
*.pfx diff=secret
|
|
*secret* diff=secret
|
|
*password* diff=secret
|
|
*credential* diff=secret
|
|
|
|
# ========================================
|
|
# LINE ENDINGS
|
|
# ========================================
|
|
# Auto normalize line endings
|
|
* text=auto
|
|
|
|
# Specific file types
|
|
*.js text eol=lf
|
|
*.jsx text eol=lf
|
|
*.ts text eol=lf
|
|
*.tsx text eol=lf
|
|
*.json text eol=lf
|
|
*.md text eol=lf
|
|
*.yml text eol=lf
|
|
*.yaml text eol=lf
|
|
|
|
# Windows batch files
|
|
*.bat text eol=crlf
|
|
*.cmd text eol=crlf
|
|
|
|
# Shell scripts
|
|
*.sh text eol=lf
|
|
|
|
# ========================================
|
|
# BINARY FILES
|
|
# ========================================
|
|
# Mark as binary (no text conversion)
|
|
*.png binary
|
|
*.jpg binary
|
|
*.jpeg binary
|
|
*.gif binary
|
|
*.ico binary
|
|
*.mov binary
|
|
*.mp4 binary
|
|
*.mp3 binary
|
|
*.flv binary
|
|
*.fla binary
|
|
*.swf binary
|
|
*.gz binary
|
|
*.zip binary
|
|
*.7z binary
|
|
*.ttf binary
|
|
*.eot binary
|
|
*.woff binary
|
|
*.woff2 binary
|
|
*.pyc binary
|
|
|
|
# ========================================
|
|
# GENERATED FILES
|
|
# ========================================
|
|
# Mark generated files
|
|
dist/** linguist-generated=true
|
|
build/** linguist-generated=true
|
|
coverage/** linguist-generated=true
|
|
*.min.js linguist-generated=true
|
|
*.min.css linguist-generated=true
|
|
|
|
# ========================================
|
|
# LOCK FILES
|
|
# ========================================
|
|
# Always use local version for lock files in conflicts
|
|
package-lock.json merge=ours
|
|
yarn.lock merge=ours
|
|
pnpm-lock.yaml merge=ours
|