tartufo
tartufo copied to clipboard
Add support for LFS files
Feature Request
Is your feature request related to a problem? Please describe.
Tartufo will currently flag all LFS files based on the SHA256 object id contained in the LFS pointer files rather than looking at the actual file contents. Unfortunately this means we need to add blanket rules to ignore all LFS files regardless of the contents which removes any safeguards Tartufo provides for these files.
Describe the solution you'd like
Ideally Tartufo would be able to follow the pointer file and scan the actual LFS file contents for secrets.