Open NolanT opened 2 years ago
I would second this request. I plan to test out Rusty Hog soon for scanning a GitHub Enterprise server's repos. Most definitely secrets could be shared in comments, just as easily as they could be committed within code.
Summary
Scan GitHub and GitHub Enterprise PR comments for secrets
Additional context
Users or bots (Terraform Atlantis) may inadvertently commit secrets in the comments of a Pull Request.