trufflehog icon indicating copy to clipboard operation
trufflehog copied to clipboard

Published 20 hours ago verified publisher icon trufflesecurity

Scanning personal gist(s?) when specific repo supplied

Open xplo8 opened this issue 3 years ago • 0 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

TruffleHog Version

trufflehog 3.6.1

Trace Output

Ran the following command (obfuscating repo name) docker run -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github --repo https://github.com/$org/$repo --only-verified --debug --token=$GH_TOKEN

Expected Behavior

I expected it only to scan the specified repo

Actual Behavior

It scanned my personal gist (the only one tied to my username) AND the specified repo

Additional Context (Debug flag output)

DEBU[0000] running version 3.6.1
2022/06/08 21:17:32 [updater parent] run 2022/06/08 21:17:32 [updater parent] checking for updates... 2022/06/08 21:17:32 [updater parent] failed to get latest version: already up to date 2022/06/08 21:17:32 [updater parent] starting /usr/bin/trufflehog DEBU[0000] running version 3.6.1
2022/06/08 21:17:32 [updater child#1] run 2022/06/08 21:17:32 [updater child#1] start program trufflehog 3.6.1 DEBU[0000] running with up to 6 workers
DEBU[0000] loaded 2 decoders
DEBU[0000] loaded 695 detectors total, 695 with verification enabled. 0 with verification disabled INFO[0000] starting pprof and fgprof server on :18066 /debug/pprof and /debug/fgprof 🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷

DEBU[0000] Found 2 total repos to scan
DEBU[0000] attempting to clone repo 2/2 name="trufflehog - github" repo="https://gist.github.com/ad2e8{obfuscated..}.git" source=SOURCE_TYPE_GITHUB DEBU[0000] attempting to clone repo 1/2 name="trufflehog - github" repo="https://github.com/{obfuscated...}.git" source=SOURCE_TYPE_GITHUB 2022/06/08 21:17:33 [updater parent] checking for updates... {"level":"debug","time":"2022-06-08T21:17:33Z","message":"executing: /usr/bin/git -C /tmp/trufflehog2056972441 log -p -U0 --full-history --all"} DEBU[0001] Scanning complete. Scan time: 0.054571
DEBU[0001] scanned 1/2 repos
{"level":"debug","time":"2022

Environment

  • Docker on MacOS

xplo8 avatar Jun 08 '22 21:06 xplo8