npm package.json parsing and license requesting

I wrote some lines to parse a package.json and retrieve the license info from the NPM registry.

Unfortunately npm project files are not yet passed to the script, guess I missed some config property somewhere, @mdolling hope you can point me in the right direction.

.sqa/check_credentials/gitleaks_config.toml

@@ -128,12 +128,8 @@ title = "gitleaks config"
 	description = "Generic Credential"
 	regex = '''(?i)(dbpasswd|dbuser|dbname|dbhost|api_key|apikey|secret|key|api|password|user|guid|hostname|pw|auth)(.{0,20})?['|"]([0-9a-zA-Z-_\/+!{}/=]{4,120})['|"]'''
 	tags = ["key", "API", "generic"]
-	[[rules.allowlist]]
-    	regex = """key[12]?'?s? ?(in|=|:)? ?[{[]?('ignore'|'license[s1]'|'foo[12]': 'bar[12]'|settings|config|'ignore'|'unknown'|'submodules')"""
-	[[rules.allowlist]]
-    	regex = """[Aa]uthors"""
-	[[rules.allowlist]]
-    	regex = """keys.?.?.? .? .?'submodules'"""
+	[rules.allowlist]
+    	regexes = ["""key[12]?'?s? ?(in|=|:)? ?[{[]?('ignore'|'license[s1]'|'foo[12]': 'bar[12]'|settings|config|'ignore'|'unknown'|'submodules')""", """[Aa]uthors""", """keys.?.?.? .? .?'submodules'"""]
 [allowlist]
 	description = "Allowlisted files"
 	files = ['''.*gitleaks_config.toml$''', '''.*config.toml$''', '''.*QUALITY.md$''', '''.*software-quality-assurance-report.md$''']