GitGuardian / ggshield

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
https://gitguardian.com
MIT License
1.62k stars 143 forks

The tool is great! It would be greater if the tool can perform secret scans on Postman public repos #935

Open nth347 opened 1 month ago

nth347 commented 1 month ago

Secrets leaked on Postman public repos are increasing these days, so if the tool can perform secret scans on public repos of the platform, it would be very nice.

mathieubellon commented 1 month ago

Hi @nth347, thanks for your feedback. We are having some debates over a certain design and, if you don't mind, I have a quick question.

Would you prefer a source scanning feature to be:

Option A: CLI level only, I will not use the GitGuardian dashboard, I prefer the flexibility of a CLI and will configure my workflows/cron as I wish

Option B: At the CLI level AND at the SaaS level: The CLI is useful for occasional checks but I want the GitGuardian platform to handle scheduled checks for me.

nth347 commented 1 month ago

Hi @mathieubellon, I believe option B is better. Those who want a beautiful dashboard can use the GitGuardian platform, while those who prefer flexible and customizable workflows and cron jobs can still do so at the CLI level.

mathieubellon commented 1 month ago

Clear, thanks for your feedback!