sensitive-file/docker-config

Docker auth config

criticalSensitive filesensitive-file

What it detects

Docker CLI auth config containing base64-encoded registry credentials.

Delete file, revoke registry tokens, and use a credential helper instead.

Path / basename / content-header match. No content body is stored — only the path.

Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.