Closed sven-dmlr closed 2 months ago
The SecHub client per default add only source code files. See explanation in #3078
Many secrets scanners are able to scan the scm history (e.g. .git folder) in order to find secrets that were checked in once.
.git
A client option -addScmHistory / environment variable SECHUB_ADD_SCM_HISTORY so the .git folder is being uploaded to the SecHub server for scanning.
-addScmHistory
Situation
The SecHub client per default add only source code files. See explanation in #3078
Many secrets scanners are able to scan the scm history (e.g.
.gitfolder) in order to find secrets that were checked in once.Wanted
A client option
-addScmHistory/ environment variable SECHUB_ADD_SCM_HISTORY so the.gitfolder is being uploaded to the SecHub server for scanning.