38 lines
1.2 KiB
TypeScript
38 lines
1.2 KiB
TypeScript
/**
|
|
* Security-related configuration types.
|
|
*/
|
|
|
|
export type SecretDetectionConfig = {
|
|
/** Enable high-entropy string detection. Default: true. */
|
|
enabled?: boolean;
|
|
/** Minimum Shannon entropy threshold for flagging secrets. Default: 4.5. */
|
|
minEntropyThreshold?: number;
|
|
/** Minimum string length to analyze for entropy. Default: 24. */
|
|
minLength?: number;
|
|
/** Additional custom regex patterns to detect as secrets. */
|
|
customPatterns?: string[];
|
|
};
|
|
|
|
export type SecretHandlingConfig = {
|
|
/** Enable interactive prompts when secrets are detected. Default: true. */
|
|
interactive?: boolean;
|
|
/** Default action when interactive mode is disabled or times out. Default: "redact". */
|
|
defaultAction?: 'redact' | 'block' | 'allow';
|
|
/** Timeout for interactive confirmation prompts in milliseconds. Default: 15000. */
|
|
confirmationTimeoutMs?: number;
|
|
};
|
|
|
|
export type SecretHandlingFullConfig = {
|
|
/** Secret detection settings. */
|
|
detection?: SecretDetectionConfig;
|
|
/** Secret handling behavior. */
|
|
handling?: SecretHandlingConfig;
|
|
};
|
|
|
|
export type SecurityConfig = {
|
|
/** Secret/credential handling configuration. */
|
|
secrets?: SecretHandlingFullConfig;
|
|
/** Constitutional principles that override user messages (optional). */
|
|
constitution?: string[];
|
|
};
|