Tune pre-push security patterns to allow placeholders

goldenjacob · goldenjacob · commit 3f3420d9e68d · 2026-04-17T14:30:44.000-04:00
diff --git a/Scripts/security/pre-push-security-check.ps1 b/Scripts/security/pre-push-security-check.ps1
@@ -35,9 +35,9 @@ $patterns = @(
     '(?i)api[_-]?key\s*[:=]\s*"[A-Za-z0-9_\-]{16,}"',
     '(?i)client[_-]?secret\s*[:=]\s*"[^"]+"',
     '(?i)password\s*[:=]\s*"[^"]+"',
-    '(?i)Server=[^;]+;Database=',
-    '(?i)[A-Za-z0-9\-]+\.openai\.azure\.com',
-    '(?i)[A-Za-z0-9\-]+\.services\.ai\.azure\.com'
+    '(?i)Server=DBAFGLSQLP12;Database=',
+    '(?i)dbadashai\.openai\.azure\.com',
+    '(?i)kmxdapeaihubmsmodels\.services\.ai\.azure\.com'
 )
 
 $allowedPlaceholders = @(
@@ -46,7 +46,11 @@ $allowedPlaceholders = @(
     '<your-foundry-resource>.services.ai.azure.com',
     '<your-azure-openai-api-key>',
     '<your-deployment-name>',
-    '<your-anthropic-model-deployment>'
+    '<your-anthropic-model-deployment>',
+    'YOUR_SQL_SERVER',
+    'YOUR_AOAI_RESOURCE.openai.azure.com',
+    'YOUR_FOUNDRY_RESOURCE.services.ai.azure.com',
+    'Server=<server>;Database=<db>'
 )
 
 $violations = New-Object System.Collections.Generic.List[string]
