From 22e81cc8969116bf15f14fcf9f3c2f11f0d36cf4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=94=D0=BC=D0=B8=D1=82=D1=80=D0=B8=D0=B9?=
 <donnalee11681676@gmail.com>
Date: Thu, 21 May 2026 08:50:44 +0300
Subject: [PATCH] chore(gitleaks): allowlist Nuclei docs false-positive
 (curl-auth-user)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .gitleaksignore | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 .gitleaksignore

diff --git a/.gitleaksignore b/.gitleaksignore
new file mode 100644
index 00000000..b9684a1e
--- /dev/null
+++ b/.gitleaksignore
@@ -0,0 +1,6 @@
+# gitleaks false-positive allowlist (fingerprints).
+# Format: one fingerprint per line. `gitleaks detect --report-format json` outputs them.
+
+# Nuclei docs `-u http://...` — nuclei's -u flag is "target URL", not curl basic-auth.
+# Rule `curl-auth-user` matches the pattern but it's not authentication.
+f696ca50266eb1c2974b5fc89f6fa585edaf4b6b:docs/security/nuclei-setup.md:curl-auth-user:27