Add trufflehog to scan secrets #59

Merged
merged 3 commits into from
Aug 1, 2022

@nmerget
Member

nmerget commented Jul 27, 2022

No description provided.

@github-actions github-actions bot added cicd Changes inside .github folder repo labels Jul 27, 2022
@mfranzke
Member

@nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?

@nmerget
Member Author

nmerget commented Jul 27, 2022

> @nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?

Do you have a suggestion? We should use an npm package for local pre-commit

@mfranzke
Member

mfranzke commented Jul 27, 2022

> > @nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?
>
> Do you have a suggestion? We should use an npm package for local pre-commit

What about using the same software on the localhosts? https://github.com/trufflesecurity/truffleHog#installation

@nmerget
Member Author

nmerget commented Jul 27, 2022

> > @nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?
>
> Do you have a suggestion? We should use an npm package for local pre-commit

Sadly not :-(

All npm scanners are pretty old. Otherwise we would need Docker to run some Go/Python scanner :(

@mfranzke
Member

> > > @nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?
> >
> > Do you have a suggestion? We should use an npm package for local pre-commit
>
> Sadly not :-(
>
> All npm scanners are pretty old. Otherwise we would need Docker to run some Go/Python scanner :(

Brew installation sounded feasible to me … at least for the Mac users … https://github.com/trufflesecurity/truffleHog#5-brew

@nmerget
Member Author

nmerget commented Jul 27, 2022

> > > > @nmerget What about scanning on pre-commit (additionally), as we might want to prevent any check-in of secrets prior to the commit itself?
> > >
> > > Do you have a suggestion? We should use an npm package for local pre-commit
> >
> > Sadly not :-(
> >
> > All npm scanners are pretty old. Otherwise we would need Docker to run some Go/Python scanner :(
>
> Brew installation sounded feasible to me … at least for the Mac users … https://github.com/trufflesecurity/truffleHog#5-brew

I think this is not a solution. We should use only npm packages or bash inside pre-commit...

@nmerget nmerget merged commit 9f7bbc2 into main Aug 1, 2022
@nmerget nmerget deleted the test-trufflehog branch August 1, 2022 12:56