thoughtworks / talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
https://thoughtworks.github.io/talisman/
MIT License
1.87k stars 241 forks

Official github action #433

Open audunmo opened 11 months ago

audunmo commented 11 months ago

Is your feature request related to a problem? Please describe.
I want to be able to block PRs until new secrets are either marked as false-positive or purged from the git history. I think it's unlikely that we'll be able to get every dev to install this hook in every repo and to install the utility locally. They're honestly likely to just up the usage of --no-verify.

Describe the solution you'd like
I'd like to have an officially supported GitHub Action that will provide feedback on what secrets are potentially present, and generate failing checks until the secret is marked as safe or removed from the git history of the branch.

Describe alternatives you've considered
There are some third-party actions built on Talisman, but I'm wary of using them because they're not implemented by thoughtworks. I'd feel more at ease using actions that have your blessing and backing.

If we were running GH Enterprise Server, I'd have installed Talisman as a hook serverside, but that's not the case.