finos
diff --git a/‎.github/workflows/codeql.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/codeql.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/dependency-review.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/dependency-review.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 60 deletions b/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 60 deletions
diff --git a/‎.github/workflows/scorecard.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scorecard.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎config.schema.json‎
Lines changed: 22 additions & 7 deletions b/‎config.schema.json‎
Lines changed: 22 additions & 7 deletions
diff --git a/‎experimental/li-cli/package-lock.json‎
Lines changed: 10 additions & 4 deletions b/‎experimental/li-cli/package-lock.json‎
Lines changed: 10 additions & 4 deletions
diff --git a/‎experimental/li-cli/package.json‎
Lines changed: 1 addition & 1 deletion b/‎experimental/li-cli/package.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎package-lock.json‎
Lines changed: 18 additions & 3 deletions b/‎package-lock.json‎
Lines changed: 18 additions & 3 deletions
diff --git a/‎package.json‎
Lines changed: 2 additions & 2 deletions b/‎package.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/git-proxy-cli/package.json‎
Lines changed: 1 addition & 1 deletion b/‎packages/git-proxy-cli/package.json‎
Lines changed: 1 addition & 1 deletion
@@ -60,7 +60,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3
+        uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -73,7 +73,7 @@ jobs:
       # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@192325c86100d080feab897ff886c34abd4c83a3 # v3
+        uses: github/codeql-action/autobuild@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -86,6 +86,6 @@ jobs:
       #     ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3
+        uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3
         with:
           category: '/language:${{matrix.language}}'
@@ -17,7 +17,7 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
       - name: Dependency Review
-        uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4
+        uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4
         with:
           comment-summary-in-pr: always
           fail-on-severity: high
 
@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
+        uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
         with:
           sarif_file: results.sarif
@@ -7,7 +7,7 @@
   "properties": {
     "proxyUrl": {
       "type": "string",
-      "description": "Used in early versions of git proxy to configure the remote host that traffic is proxied to. In later versions, the repository URL is used to determine the domain proxied, allowing multiple hosts to be proxied by one instance.",
+      "description": "Deprecated: Used in early versions of git proxy to configure the remote host that traffic is proxied to. In later versions, the repository URL is used to determine the domain proxied, allowing multiple hosts to be proxied by one instance.",
       "deprecated": true
     },
     "cookieSecret": { "type": "string" },
@@ -27,19 +27,34 @@
                 "https://somedomain.com/some/path/checkUserGroups?domain=<domain>&name=<name>&id=<id>"
               ]
             }
-          }
+          },
+          "additionalProperties": false
         },
         "github": {
           "type": "object",
+          "description": "Deprecated: Defunct property that was used to provide the API URL for GitHub. No longer referenced in the codebase.",
           "properties": {
             "baseUrl": {
               "type": "string",
               "format": "uri",
-              "examples": ["https://api.github.com"]
+              "examples": ["https://api.github.com"],
+              "deprecated": true
             }
+          },
+          "additionalProperties": false
+        },
+        "gitleaks": {
+          "type": "object",
+          "description": "Configuration for the gitleaks (https://github.com/gitleaks/gitleaks) plugin",
+          "properties": {
+            "enabled": { "type": "boolean" },
+            "ignoreGitleaksAllow": { "type": "boolean" },
+            "noColor": { "type": "boolean" },
+            "configPath": { "type": "string" }
           }
         }
-      }
+      },
+      "additionalProperties": false
     },
     "commitConfig": {
       "description": "Enforce rules and patterns on commits including e-mail and message",
@@ -118,7 +133,7 @@
       "description": "List of authentication sources. The first source in the configuration with enabled=true will be used.",
       "type": "array",
       "items": {
-        "$ref": "#/definitions/authentication"
+        "$ref": "#/definitions/authenticationElement"
       }
     },
     "tempPassword": {
@@ -136,7 +151,7 @@
       "description": "List of authentication sources for API endpoints. May be empty, in which case all endpoints are public.",
       "type": "array",
       "items": {
-        "$ref": "#/definitions/authentication"
+        "$ref": "#/definitions/authenticationElement"
       }
     },
     "tls": {
@@ -239,7 +254,7 @@
       },
       "required": ["type", "enabled"]
     },
-    "authentication": {
+    "authenticationElement": {
       "type": "object",
       "description": "Configuration for an authentication source",
       "oneOf": [
 
@@ -21,7 +21,7 @@
   },
   "devDependencies": {
     "@jest/globals": "^29.7.0",
-    "@types/node": "^22.18.6",
+    "@types/node": "^22.18.7",
     "@types/yargs": "^17.0.33",
     "jest": "^29.7.0",
     "rimraf": "^6.0.1",
 
@@ -1,6 +1,6 @@
 {
   "name": "@finos/git-proxy",
-  "version": "2.0.0-rc.2",
+  "version": "2.0.0-rc.3",
   "description": "Deploy custom push protections and policies on top of Git.",
   "scripts": {
     "cli": "node ./packages/git-proxy-cli/index.js",
@@ -53,7 +53,7 @@
     "connect-mongo": "^5.1.0",
     "cors": "^2.8.5",
     "diff2html": "^3.4.52",
-    "env-paths": "^2.2.1",
+    "env-paths": "^3.0.0",
     "express": "^4.21.2",
     "express-http-proxy": "^2.1.2",
     "express-rate-limit": "^8.1.0",
 
@@ -1,6 +1,6 @@
 {
   "name": "@finos/git-proxy-cli",
-  "version": "0.1.0",
+  "version": "2.0.0-rc.3",
   "description": "Command line interface tool for FINOS GitProxy.",
   "bin": "./index.js",
   "dependencies": {
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@finos/git-proxy-cli",`
`3`		`- "version": "0.1.0",`
	`3`	`+ "version": "2.0.0-rc.3",`
`4`	`4`	`"description": "Command line interface tool for FINOS GitProxy.",`
`5`	`5`	`"bin": "./index.js",`
`6`	`6`	`"dependencies": {`