Skip to content

Remove trufflehog scanner from secrets analyzer

What does this MR do?

We are removing trufflehog from the secrets analyzer as both scanners were doing repetitive work. This MR includes the following:

  • Removes the trufflehog package
  • Fixes integration test that missed a true positive secret
  • Replaces the scanner package with a gitleaks package
  • Adds trufflehog rules to gitleaks

What are the relevant issue numbers?

gitlab-org/gitlab#223212 (closed)

Does this MR meet the acceptance criteria?

Edited by Saikat Sarkar

Merge request reports

Loading