diff --git a/gitleaks.toml b/gitleaks.toml
index 3abe3c8..7f6f628 100644
--- a/gitleaks.toml
+++ b/gitleaks.toml
@@ -3,23 +3,30 @@ title = "Gitleaks Docker Compose CI/CD Config"
 [[rules]]
 id = "docker-env-password"
 description = "Possible password in docker-compose environment"
-regex = '''(?i)([A-Z0-9_]*(PASSWORD|PASS|PWD))[=:]\s*['"]?[A-Za-z0-9!@#$%^&*()_+={}\[\]:;,.<>?~-]{6,}['"]?'''
+regex = "(?i)([A-Z0-9_]*(PASSWORD|PASS|PWD))[=:]\\s*['\"]?[A-Za-z0-9!@#$%^&*()_+={}\\[\\]:;,.<>?~-]{6,}['\"]?"
 tags = ["docker", "compose", "password", "env"]
 
 [[rules]]
 id = "docker-env-secret"
 description = "Generic secret or token in docker-compose environment"
-regex = '''(?i)(SECRET|TOKEN|API[_-]?KEY)[=:]\s*['"]?[A-Za-z0-9_\-]{16,}['"]?'''
+regex = "(?i)(SECRET|TOKEN|API[_-]?KEY)[=:]\\s*['\"]?[A-Za-z0-9_\\-]{16,}['\"]?"
 tags = ["docker", "compose", "secret", "env"]
 
 [[rules]]
 id = "aws-credentials"
 description = "AWS Access Key or Secret"
-regex = '''(AKIA[0-9A-Z]{16}|(?i)aws[_-]secret[_-]access[_-]key\s*[:=]\s*[A-Za-z0-9/+=]{40})'''
+regex = "(AKIA[0-9A-Z]{16}|(?i)aws[_-]secret[_-]access[_-]key\\s*[:=]\\s*[A-Za-z0-9/+=]{40})"
 tags = ["aws", "compose", "credentials"]
 
 [[rules]]
 id = "private-key"
 description = "Private key detected"
-regex = '''-----BEGIN( RSA| EC| DSA)? PRIVATE KEY-----'''
+regex = "-----BEGIN( RSA| EC| DSA)? PRIVATE KEY-----"
 tags = ["key", "pem", "compose"]
+
+[allowlist]
+files = [
+  "docker-compose\\.ya?ml",
+  "\\.env"
+]
+
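Review bot: The new top-level `[allowlist]` at the end of the hunk suppresses findings in exactly the files the `docker-env-password` and `docker-env-secret` rules are written for: a global allowlist in gitleaks applies to every rule, so a password in `docker-compose.yml` or `.env` (and a private key or AWS key in them) is never reported, which defeats the stated purpose of this config. The `files` patterns are also unanchored regexes, so `\.env` also matches paths such as `.environment` or `settings.env.bak`, and `docker-compose\.ya?ml` matches `docker-compose.yml.example`. If the intent is to skip sample or template files only, anchor the patterns to those names (constructed example: `files = ['''(^|/)docker-compose\.example\.ya?ml$''', '''(^|/)\.env\.example$''']`); if real compose files genuinely must be excluded for one rule, put the allowlist under that `[[rules]]` entry rather than at the root. Separately, on style, the switch from `'''` literal strings to basic strings doubles every backslash in the regexes; literal strings are the TOML idiom for patterns and would also serve the new allowlist entries.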