We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent a26b614 commit 2ccddeaCopy full SHA for 2ccddea
1 file changed
.github/workflows/security-audit.yml
@@ -32,12 +32,15 @@ jobs:
32
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
33
with:
34
fetch-depth: 0
35
- - uses: trufflesecurity/trufflehog@47e7b7cd74f578e1e3145d48f669f22fd1330ca6 # v3.94.3
36
- with:
37
- path: ./
38
- base: ${{ github.event.repository.default_branch }}
39
- head: HEAD
40
- extra_args: --results=verified,unknown
+ - name: TruffleHog scan
+ run: |
+ docker run --rm -v "$GITHUB_WORKSPACE:/tmp" -w /tmp \
+ ghcr.io/trufflesecurity/trufflehog:latest \
+ git file:///tmp/ \
+ --only-verified \
41
+ --fail \
42
+ --no-update \
43
+ --github-actions
44
45
semgrep:
46
name: Semgrep (SAST)
0 commit comments