crash.software
Projects
Pull Requests
Issues
Builds
bearer
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY bearer Files
🤬
v0.23.0
ROOT /
docs /
reference /
config.md
71 lines | ISO-8859-1 | 2 KB

title: Configuration layout: layouts/doc.njk

Configuring Curio

Configuration of Curio can be done with flags on the scan command, or by using a curio.yml file in the project directory.

To initialize the config file, run the following from your project directory:

curio init

This creates a config file in your current directory. Below is an annotated version of that file.

# Detector settings
detector:
    # Specify the comma-separated ids of the detectors you would like to run. 
    # Skips all other detectors.
    only-detector: []
    # Specify the comma-separated ids of the detectors you would like to skip. 
    # Runs all other detectors.
    skip-detector: []
# Rule settings
rule:
    # Specify the comma-separated ids of the rules you would like to run. 
    # Skips all other rules.
    only-rule: []
    # Specify the comma-separated ids of the rules you would like to skip. 
    # Runs all other rules.
    skip-rule: []
# Report settings
report:
    # Specify report format (json, yaml)
    format: ""
    # Specify the output path for the report.
    output: ""
    # Specify the type of report (detectors, dataflow, summary, stats). 
    report: summary
# Scan settings
scan:
    # Expand context of schema classification 
    # For example, "health" will include data types particular to health
    context: ""
    # Enable debug logs
    debug: false
    # Do not attempt to resolve detected domains during classification.
    disable-domain-resolution: true
    # Set timeout when attempting to resolve detected domains during classification.
    domain-resolution-timeout: 3s
    # Specify directories paths that contain .yaml files with external custom detectors configuration.
    external-detector-dir: []
    # Specify directories paths that contain .rego files with external rules configuration.
    external-rule-dir: []
    # Disable the cache and runs the detections again every time scan runs.
    force: false
    # Define regular expressions for better classification of private or unreachable domains
    # e.g., ".*.my-company.com,private.sh"
    internal-domains: []
    # Suppress non-essential messages
    quiet: false
    # Specify the comma separated files and directories to skip. Supports * syntax.
    skip-path: []

Utilizing a custom config

By default, Curio will look for a curio.yml file in the project directory where the scan is run. Alternately, you can use the --config-file flag with the scan command to reference a config file that is outside the project directory.

Please wait...
Page is in error, reload to recover