secret-bridge
secret-bridge copied to clipboard
duo-labs
Monitors Github for leaked secrets
**Description** Within the docker image for secret-bridge, one of the commands is to install the python requirements from requirement.txt. One of the required packages is version `1.43.8` of `PyGithub`. It...
hello in writing the access token do we just paste our github token plainly as it is as indicated in the picture below or what did you mean by place...
error
$ python3 main.py poll INFO:root:Setting up detector: detect-secrets INFO:root:Setting up detector: git-secrets INFO:root:Setting up detector: trufflehog INFO:root:Setting up notifier: slack_webhook INFO:root:Setting up notifier: console INFO:root:Monitoring user: Auz Traceback (most recent...
Hi Team, While Running it via Docker command: > sudo docker run -ti -v $(pwd)/config.toml:/usr/src/app/config.toml --rm -e GITHUB_WATCHER_TOKEN=XXXXXXXXXXXXXXXXXXX -p 5000:5000 duolabs/secret-bridge webhook > `INFO:werkzeug: * Running on http://0.0.0.0:5000/ (Press CTRL+C...
this patch allows for the pulling of repositories available under the scope of the token's user by modifying the `git clone` request to include the provided access token as basic...
Hey this is more of a general question...but is there a way to do file exclusion with secret-bridge? I want to exclude certain files that are prone to false positives...
While running this in Docker ``` docker run -ti --rm -e GITHUB_WATCHER_TOKEN=your_access_token duolabs/secret-bridge poll ``` I get prompted every time GitHub does a "pull" ``` INFO:root:Cloning repository ORG/REPO into /tmp/tmpglfe5wn9repo...
Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.3 to 3.1.3. Release notes Sourced from jinja2's releases. 3.1.3 This is a fix release for the 3.1.x feature branch. Fix for GHSA-h5c8-rqwp-cp95. You are affected if...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [idna](https://github.com/kjd/idna) from 2.8 to 3.7. Release notes Sourced from idna's releases. v3.7 What's Changed Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time...
Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.7.22 to 2024.7.4. Commits bd81538 2024.07.04 (#295) 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294) 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293) e8abcd0 Bump pypa/gh-action-pypi-publish from...