-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add trufflehog to scan secrets #59
Conversation
@nmerget What about scanning on pre-commit (additionally), as we might want to prevent any checkin of secrets prior to the commit itself? |
Do you have a suggestion? We should use a npm package for local pre-commit |
what about using the same software on the localhosts? https://github.com/trufflesecurity/truffleHog#installation |
All npm scanners are pretty old. Otherwise we would need docker to run some go/python scanner :( |
brew installation sounded feasible to me … at least for the Mac users … https://github.com/trufflesecurity/truffleHog#5-brew |
I think this is not a solution. We should use only npm packages or bash inside pre-commit... |
� Conflicts: � package.json
No description provided.