@ParagEkbote ParagEkbote commented Nov 13, 2025

Description

This is a follow-up PR which includes files like .py or .md for scanning; I have not linted any files, as advised. Currently, the pre-commit hook for trufflehog fails with a "package not installed" warning. Since it is a golang package, I have adjusted the configuration for it to work. It currently scans src, tests and .github/workflows in order for the checks to be completed in a reasonable amount of time.

Could you please review?

cc: @davidberenstein1957

@cursor cursor bot left a comment

@ParagEkbote
Contributor Author

@cursor review

@cursor cursor bot left a comment

✅ Bugbot reviewed your changes and found no bugs!


@ParagEkbote
Contributor Author

Gentle ping @davidberenstein1957

Could you please review?

- id: trufflehog
name: TruffleHog Secrets Scanner
entry: trufflehog
language: golang

why are we setting this to golang?

Contributor Author

Since trufflehog is a package written in golang, we have to specify the language for the hook to run.

name: TruffleHog Secrets Scanner
entry: trufflehog
language: golang
types_or: [python, yaml, json, text]
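
Review bot: On the `types_or` line, `text` already matches every non-binary file, and Python, YAML and JSON files all carry the `text` tag as well, so this list selects the same files as `types: [text]`. If the goal is to scan only specific file kinds, drop `text` and list just those kinds; if the goal is to scan every text file, `types: [text]` says so directly and avoids suggesting a narrower filter than the one actually applied.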

Any reason for this specific config?

Contributor Author

@ParagEkbote ParagEkbote Nov 26, 2025

In types_or we define the types of program files for scanning using trufflehog. Do you think we need to define additional file types?

Member

@davidberenstein1957 davidberenstein1957 left a comment

Thanks for the PR :) I had 2 minor remarks.

@ParagEkbote
Contributor Author

Could you please review?

cc: @minettekaum
