sensitive-file/database-dump

Database dump

criticalSensitive filesensitive-file

What it detects

Database dump file (SQL dump, .dump, compressed SQL). May contain PII, hashed passwords, and business data.

Remove from repo history (BFG/git-filter-repo) and sanitize any exposed data.

Path / basename / content-header match. No content body is stored — only the path.

Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.