Exclude Files from HackerOne Review
Last updated
Last updated
You may wish to restrict certain files/directories from ever being reviewed by or visible to engineers in the HackerOne reviewer network.
This can be done by adding a .pullrequestignore
configuration file to the root directory of your repository.
The formatting and behavior is nearly identical to a conventional . When a pull or merge request is sent to our network to be reviewed, and files involved in the code changes that meet restriction criteria will be excluded in the diff sent to us.
A repository contains the following rules defined in .pullrequestignore
:
And a pull request is opened involving changes to the following files:
packages/new-service/Helpers.js
packages/legacy-service/Helpers.js
src/frontend/about.html
src/components/Routes/Authentication.jsx
Here's what would be visible to HackerOne reviewers:
FILE
EXPOSURE
packages/new-service/Helpers.js
✔️ VISIBLE
packages/legacy-service/Helpers.js
⛔ NOT VISIBLE
src/frontend/about.html
⛔ NOT VISIBLE
src/components/Routes/Authentication.jsx
✔️ VISIBLE