Create a GitHub workflow called security.yml that scans for secrets that have been committed in the repository using TruffleHog. It should run against every push to master and on every pull request.
Problem You're Trying to Solve
Developers don't always view their diffs before pushing, so lets ensure that when (not if) they push secrets, we are immediately notified
Feature Description
Create a GitHub workflow called
security.yml
that scans for secrets that have been committed in the repository using TruffleHog. It should run against every push to master and on every pull request.Problem You're Trying to Solve
Developers don't always view their diffs before pushing, so lets ensure that when (not if) they push secrets, we are immediately notified