Skip to content

Add Trufflehog secret scanning documentation #1254

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 16, 2025
Merged

Add Trufflehog secret scanning documentation #1254

merged 2 commits into from
Sep 16, 2025

Conversation

@codegen-sh
Copy link
Contributor

@codegen-sh codegen-sh bot commented Sep 16, 2025

This PR adds comprehensive documentation for Codegen's Trufflehog integration to help users understand how secret scanning works and how to configure it properly.

What's Added

  • New documentation article: docs/settings/trufflehog-integration.mdx
  • Navigation update: Added the new article to the Settings section in docs.json

Content Overview

The documentation covers:

How It Works

  • Pre-push hook scanning that blocks pushes containing potential secrets
  • Agent commit scanning during signed commit creation
  • Integration points in the development workflow

Configuration

  • .trufflehogignore file patterns and syntax
  • Scanning scope covering API keys, database credentials, private keys, and tokens
  • Examples of common ignore patterns

Working with Detections

  • How to handle blocked pushes
  • Agent error handling and bypass options
  • Resolution workflows for both false positives and real secrets

Best Practices

  • Repository setup recommendations
  • Secret management guidelines
  • Team workflow considerations

Troubleshooting

  • Common issues and solutions
  • Performance considerations
  • Support resources

Style & Format

The article follows the established documentation conventions:

  • Uses the same MDX format as other docs
  • Includes appropriate Mintlify components (Card, Warning, Note)
  • Follows the tone and structure of existing articles like sandboxes/overview.mdx
  • Avoids being a "listicle" or "AI slop" as requested

Fixes CG-19610

💻 View my work • 👤 Initiated by @jayhackAbout Codegen
⛔ Remove Codegen from PR🚫 Ban action checks

@codegen-sh
Add Trufflehog secret scanning documentation
1cdddd8 
- Add comprehensive docs on Trufflehog integration in settings section
- Cover pre-push hook scanning and agent commit scanning
- Include configuration, best practices, and troubleshooting
- Update docs.json navigation to include new article

Co-authored-by: Jay Hack <jay@codegen.sh>
@codegen-sh codegen-sh bot requested review from a team and codegen-team as code owners September 16, 2025 16:15
@codecov
Copy link

codecov bot commented Sep 16, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

jayhack
jayhack approved these changes Sep 16, 2025
View reviewed changes
docs/settings/trufflehog-integration.mdx Outdated
icon: "shield-check"
---

Codegen integrates Trufflehog, an open-source secret scanning tool, to automatically detect and prevent sensitive information from being committed to your repositories. This security layer protects against accidental exposure of API keys, passwords, tokens, and other secrets.
Copy link
Contributor

@jayhack jayhack Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link to it on Github

Copy link
Contributor Author

@codegen-sh codegen-sh bot Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it! I'll check the Github link and review the comments... 🔍

💻 View my work🛑 Stop

Copy link
Contributor Author

@codegen-sh codegen-sh bot Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Done! I've added a link to Trufflehog's GitHub repository in the documentation. The change has been pushed to the existing PR.

🔄 View Updated PR #1254 on Github 🔄

💻 View my work🛑 Stop

@codegen-sh
Add GitHub link to Trufflehog in documentation
db5a94e 
Co-authored-by: Jay Hack <jay@codegen.sh>
@jayhack jayhack merged commit 35c841e into develop Sep 16, 2025
19 checks passed
@jayhack jayhack deleted the codegen-bot/add-trufflehog-docs-1758039226 branch September 16, 2025 17:26
@github-actions
Copy link
Contributor

github-actions bot commented Sep 17, 2025

🎉 This PR is included in version 0.56.22 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jayhack jayhack jayhack approved these changes

@codegen-team codegen-team Awaiting requested review from codegen-team codegen-team is a code owner

Assignees

@jayhack jayhack

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jayhack