newrelic / rusty-hog

A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python.
Apache License 2.0

Scan GitHub and GitHub Enterprise comments #42

Open NolanT opened 2 years ago

NolanT commented 2 years ago

Summary

Scan GitHub and GitHub Enterprise PR comments for secrets

Additional context

Users or bots (Terraform Atlantis) may inadvertently commit secrets in the comments of a Pull Request

Spencer-Doak commented 1 year ago

I would second this request. I plan to test out Rusty Hog soon for scanning a GitHub Enterprise server's repos. Most definitely secrets could be shared in comments, just as easily as they could be committed within code.
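As an added illustration of what the request above asks for (this is example code written for this page, not part of rusty-hog or TruffleHog), the scanner below runs a small secret-detection pass over PR comment bodies of the shape returned by GitHub's REST API. The sample comments, the rule set (one AWS key pattern, one GitHub token pattern, plus a Shannon-entropy rule with TruffleHog's 4.5-bit base64 threshold), and the `atlantis-bot` author are all constructed for the example; rusty-hog's real rules are far broader. The `AKIAIOSFODNN7EXAMPLE` value is AWS's published documentation example key, not a live credential.

```python
import math
import re

# Constructed sample payload, not a real API response. The field names follow
# GitHub's REST API for PR conversation comments
# (GET /repos/{owner}/{repo}/issues/{number}/comments). Review comments from
# GET /repos/{owner}/{repo}/pulls/{number}/comments carry the same "body"
# field, so one scanner serves both endpoints (GitHub.com or GitHub Enterprise).
SAMPLE_COMMENTS = [
    {
        "id": 1,
        "user": {"login": "atlantis-bot"},  # constructed bot account name
        "html_url": "https://ghe.example/org/repo/pull/7#issuecomment-1",
        # An Atlantis-style plan output that echoes a provider variable.
        "body": "Ran Plan for dir: infra/prod\n+ aws_access_key_id = AKIAIOSFODNN7EXAMPLE",
    },
    {
        "id": 2,
        "user": {"login": "dev-alice"},
        "html_url": "https://ghe.example/org/repo/pull/7#issuecomment-2",
        "body": "Deploy worked once I set the token to xK9vQ2mZp8Lw3nRt7Yb5Hc4Jf6Dg1Ae0Su locally",
    },
    {
        "id": 3,
        "user": {"login": "dev-bob"},
        "html_url": "https://ghe.example/org/repo/pull/7#issuecomment-3",
        "body": "LGTM, merging after CI passes.",
    },
]

# Minimal constructed rule set for illustration only.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
}
# Maximal runs of base64-ish characters long enough to be a credential.
CANDIDATE_WORD = re.compile(r"[A-Za-z0-9+/=_-]{20,}")
ENTROPY_THRESHOLD = 4.5  # bits per character; TruffleHog's base64 threshold


def shannon_entropy(value: str) -> float:
    """Shannon entropy in bits per character of the string."""
    if not value:
        return 0.0
    counts: dict[str, int] = {}
    for ch in value:
        counts[ch] = counts.get(ch, 0) + 1
    length = len(value)
    return -sum((n / length) * math.log2(n / length) for n in counts.values())


def redact(value: str) -> str:
    """Keep only a short prefix so a finding can be reported without re-leaking the secret."""
    return f"{value[:4]}...({len(value)} chars)"


def scan_text(text: str) -> list[dict]:
    """Apply pattern rules first, then the entropy rule to anything they did not cover."""
    findings = []
    matched_spans = []
    for rule, pattern in SECRET_PATTERNS.items():
        for m in pattern.finditer(text):
            findings.append({"rule": rule, "value": redact(m.group(0))})
            matched_spans.append(m.span())
    for m in CANDIDATE_WORD.finditer(text):
        if any(s <= m.start() and m.end() <= e for s, e in matched_spans):
            continue  # already reported by a pattern rule
        word = m.group(0)
        entropy = shannon_entropy(word)
        if entropy >= ENTROPY_THRESHOLD:
            findings.append(
                {"rule": "high_entropy", "value": redact(word), "entropy": round(entropy, 2)}
            )
    return findings


def scan_comments(comments: list[dict]) -> list[dict]:
    """Attach comment id, author and URL to every finding so it can be triaged."""
    results = []
    for comment in comments:
        for finding in scan_text(comment.get("body", "")):
            results.append(
                {
                    "comment_id": comment["id"],
                    "author": comment["user"]["login"],
                    "url": comment["html_url"],
                    **finding,
                }
            )
    return results


def scan_sample() -> list[dict]:
    return scan_comments(SAMPLE_COMMENTS)


if __name__ == "__main__":
    for finding in scan_sample():
        print(finding)
```

Against the constructed sample this reports two findings: the AWS key in the bot's plan output (caught by the pattern rule; its entropy is only about 3.7 bits, so the entropy rule alone would have missed it) and the high-entropy token in the second comment (caught by the entropy rule; no pattern matches it). That is why both rule types are worth keeping. A real run would replace `SAMPLE_COMMENTS` with the paged results of the two endpoints named in the comments, fetched with a read-scoped token, and feed findings into the same review workflow used for commit-history hits.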