Merge pull request #61 from matter-labs/secrets_monitoring

chore(security): add workflow for leaked secrets monitoring
matter-labs · Feb 21, 2023 · 4843f85 · 4843f85
2 parents bc50d98 + 750df06
commit 4843f85
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/.github/workflows/secrets_scanner.yaml b/.github/workflows/secrets_scanner.yaml
@@ -0,0 +1,17 @@
+name: Leaked Secrets Scan
+on: [pull_request]
+jobs:
+  TruffleHog:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
+        with:
+          fetch-depth: 0
+      - name: TruffleHog OSS
+        uses: trufflesecurity/trufflehog@0c66d30c1f4075cee1aada2e1ab46dabb1b0071a
+        with:
+          path: ./
+          base: ${{ github.event.repository.default_branch }}
+          head: HEAD
+          extra_args: --debug --only-verified