trufflesecurity / trufflehog

Find, verify, and analyze leaked credentials
https://trufflesecurity.com
GNU Affero General Public License v3.0

Filter scans to only public repositories #1483

Open CameronLonsdale opened 1 year ago

CameronLonsdale commented 1 year ago

Community Note

Description

There is already code which checks the visibility of the repository https://github.com/trufflesecurity/trufflehog/blob/b48ac24c464d954cb4ffc444ab069ec2fd179f29/pkg/sources/github/github.go#L259, it would be great if we could use this value to filter scans.

One use case is for public repo monitoring for an organization on GitHub. We'd still like to use a user token to have a higher rate limit, but for speed, we should be able to ignore all internal repos and only scan those which are public.

Problem to be Addressed

A fast scan just for public repositories belonging to an organization

Description of the Preferred Solution

Inside of the GitHub subcommand, perhaps a flag like --visibility=public, with other values where useful.
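One way the requested filter could look, as an added Go example that is not trufflehog's own code: the repo type, its field names and the sampleRepos listing are assumptions for this example, and the fallback to the private flag covers API responses that omit the visibility string.

```go
package main

import (
	"fmt"
	"strings"
)

// repo mirrors the GitHub API visibility fields (names assumed for this example).
// Older responses set only "private" and leave "visibility" empty.
type repo struct {
	FullName   string
	Private    bool
	Visibility string // "public", "private", "internal", or "" when absent
}

// effectiveVisibility resolves visibility, falling back to the private flag.
func effectiveVisibility(r repo) string {
	if v := strings.ToLower(r.Visibility); v != "" {
		return v
	}
	if r.Private {
		return "private"
	}
	return "public"
}
// filterByVisibility keeps repos matching a --visibility value. "all" disables
// the filter; an unknown value is an error rather than a silent full scan.
func filterByVisibility(repos []repo, want string) ([]repo, error) {
	switch want = strings.ToLower(want); want {
	case "all":
		return repos, nil
	case "public", "private", "internal":
	default:
		return nil, fmt.Errorf("unsupported --visibility value %q", want)
	}
	var out []repo
	for _, r := range repos {
		if effectiveVisibility(r) == want {
			out = append(out, r)
		}
	}
	return out, nil
}
// sampleRepos is a constructed org listing used for the demonstration.
var sampleRepos = []repo{
	{"acme/website", false, "public"},
	{"acme/billing", true, "private"},
	{"acme/tooling", true, "internal"},
	{"acme/legacy", false, ""}, // older response shape: visibility missing
}
```

With --visibility public the scan list shrinks to acme/website and acme/legacy; internal repos are dropped, which is the speed-up the request is after.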

Coruscant11 commented 1 year ago

Hello. I would like to work on this issue for my first contribution on trufflehog :smile: I will keep you updated.

CameronLonsdale commented 1 month ago

Still very keen for this feature. I think it would be great to specify --org <my-org> --include-members --visibility public so you could scan your org's public repos & all public repos/gists for members of that org.