aquasecurity / chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Apache License 2.0
715 stars 62 forks

scan: ability to local directory #54

Open Dentrax opened 2 years ago

Dentrax commented 2 years ago

For example:

$ chain-bench scan .

I think currently passing --repository-url is a must.

morwn commented 2 years ago

Hi @Dentrax, could you please elaborate on the motivation and the expected behaviors? Just to mention that most of the checks require API data fetching.

codykenb commented 2 years ago

If you have a git repo checked out locally to disk, can you scan that repo locally (without connecting to a git server)?

Dentrax commented 2 years ago

Sorry for the lack of detail - I was rushing to something, so I didn't have time to explain the details. 🙏

Imagine how the official $ gh tool works. I can easily play with gh without passing additional --repository-url <REPOSITORY_URL> --access-token <TOKEN> flags. It somehow automatically recognizes the URL and gets the token from the ~/.config/gh/hosts.yml file.

My idea here is to implement a similar UX (auth parameterless) to scan a remote repository. It's not about "scanning the repo locally".
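The "auth parameterless" flow described in this comment has two halves: derive the repository URL from the checkout's git remote, and read the host's token from gh's hosts.yml. The following Go program is an added example of that resolution step, not chain-bench's own code or gh's. It assumes the flat hosts.yml layout (a host key at column 0 with indented user / oauth_token / git_protocol fields) and parses it with the standard library only; the sample config and token value are constructed. It also refuses to trust a token file whose permissions allow group or world access, which is the check a defender would want before silently picking up a credential from disk.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// HostConfig holds the fields a scanner would need from one hosts.yml entry.
type HostConfig struct {
	User       string
	OAuthToken string
}

// sampleHostsYAML is a constructed example of the flat gh hosts.yml layout
// (assumption: host keys at column 0, fields indented beneath them).
const sampleHostsYAML = `github.com:
    user: octocat
    oauth_token: gho_EXAMPLE_TOKEN_NOT_REAL
    git_protocol: https
ghe.example.com:
    user: alice
    oauth_token: ""
`

// parseHostsYAML parses the two-level "host: / key: value" layout without a
// YAML dependency. Unknown fields are ignored; anything not matching the
// expected shape is an error rather than a silent empty result.
func parseHostsYAML(data string) (map[string]HostConfig, error) {
	hosts := map[string]HostConfig{}
	current := ""
	for n, raw := range strings.Split(data, "\n") {
		line := strings.TrimRight(raw, " \t\r")
		if line == "" || strings.HasPrefix(strings.TrimSpace(line), "#") {
			continue
		}
		if !strings.HasPrefix(line, " ") && !strings.HasPrefix(line, "\t") {
			// Top-level key: a host name such as "github.com:".
			if !strings.HasSuffix(line, ":") {
				return nil, fmt.Errorf("line %d: expected host entry, got %q", n+1, line)
			}
			current = strings.TrimSuffix(line, ":")
			hosts[current] = HostConfig{}
			continue
		}
		if current == "" {
			return nil, fmt.Errorf("line %d: field before any host entry", n+1)
		}
		key, value, ok := strings.Cut(strings.TrimSpace(line), ":")
		if !ok {
			return nil, fmt.Errorf("line %d: malformed field %q", n+1, line)
		}
		value = strings.Trim(strings.TrimSpace(value), `"'`)
		hc := hosts[current]
		switch strings.TrimSpace(key) {
		case "user":
			hc.User = value
		case "oauth_token":
			hc.OAuthToken = value
		}
		hosts[current] = hc
	}
	return hosts, nil
}

// repoFromRemote turns a git remote URL into (host, "owner/repo"). It handles
// git@host:owner/repo.git, ssh://git@host/owner/repo.git and https://host/owner/repo.
func repoFromRemote(remote string) (host, repo string, err error) {
	remote = strings.TrimSpace(remote)
	var rest string
	switch {
	case strings.HasPrefix(remote, "git@"):
		host, rest, _ = strings.Cut(strings.TrimPrefix(remote, "git@"), ":")
	case strings.HasPrefix(remote, "https://"), strings.HasPrefix(remote, "ssh://git@"):
		trimmed := strings.TrimPrefix(strings.TrimPrefix(remote, "https://"), "ssh://git@")
		host, rest, _ = strings.Cut(trimmed, "/")
	default:
		return "", "", fmt.Errorf("unsupported remote URL %q", remote)
	}
	repo = strings.TrimSuffix(strings.Trim(rest, "/"), ".git")
	parts := strings.Split(repo, "/")
	if host == "" || len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		return "", "", fmt.Errorf("cannot derive owner/repo from %q", remote)
	}
	return host, repo, nil
}

// resolveTarget is the parameterless path: remote URL in, (repository URL, token) out.
func resolveTarget(remote, hostsYAML string) (repoURL, token string, err error) {
	host, repo, err := repoFromRemote(remote)
	if err != nil {
		return "", "", err
	}
	hosts, err := parseHostsYAML(hostsYAML)
	if err != nil {
		return "", "", err
	}
	cfg, ok := hosts[host]
	if !ok || cfg.OAuthToken == "" {
		return "", "", fmt.Errorf("no token configured for host %q", host)
	}
	return "https://" + host + "/" + repo, cfg.OAuthToken, nil
}

// tokenFileTooOpen reports whether a credential file is readable by group or others.
func tokenFileTooOpen(mode os.FileMode) bool { return mode.Perm()&0o077 != 0 }

// loadHostsFile reads hosts.yml from disk, refusing files with permissive modes.
func loadHostsFile(path string) (map[string]HostConfig, error) {
	if path == "" {
		home, err := os.UserHomeDir()
		if err != nil {
			return nil, err
		}
		path = filepath.Join(home, ".config", "gh", "hosts.yml")
	}
	info, err := os.Stat(path)
	if err != nil {
		return nil, err
	}
	if tokenFileTooOpen(info.Mode()) {
		return nil, fmt.Errorf("%s is %v; refusing to use a token readable by others", path, info.Mode().Perm())
	}
	data, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}
	return parseHostsYAML(string(data))
}

func main() {
	url, token, err := resolveTarget("git@github.com:aquasecurity/chain-bench.git", sampleHostsYAML)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("would scan %s using a %d-character token\n", url, len(token))
}
```

In a real CLI the remote string would come from `git remote get-url origin` in the working directory, which is the piece that makes `chain-bench scan .` meaningful without --repository-url; the permission check is the part gh's own behaviour does not force on you.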

krol3 commented 2 years ago

@Dentrax you're suggesting to improve the experience to support the GitHub config ~/.config/gh/hosts.yml of the tool "gh"? Is that another use case of your proposal, or is it only an improvement for gh?