Add gitleaks secret scanning for SOC2/HIPAA compliance (#10)

Adityav369 · Security Automation · web-flow · commit bfb8fef15299 · 2025-11-14T13:31:44.000-08:00
Co-authored-by: Security Automation &lt;security@morphik.org&gt;
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
@@ -0,0 +1,13 @@
+name: gitleaks
+on: [pull_request, push, workflow_dispatch]
+jobs:
+  scan:
+    name: gitleaks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
