Skip to content

Add trufflehog scanner for npm package before publish #1622

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
fisehara wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add trufflehog scanner for npm package before publish #1622

fisehara wants to merge 2 commits into from

Conversation

@fisehara
Copy link
Contributor

@fisehara fisehara commented Nov 14, 2025

@fisehara fisehara force-pushed the fisehara/scan-npm-pack-with-trufflehog branch from cad5b8a to 63db736 Compare November 14, 2025 09:20
@flowzone-app
Copy link
Contributor

flowzone-app bot commented Nov 14, 2025
edited
Loading

Website deployed to CF Pages, 👀 preview link https://1285640e.flowzone.pages.dev

@flowzone-app flowzone-app bot enabled auto-merge November 14, 2025 09:25
@fisehara fisehara force-pushed the fisehara/scan-npm-pack-with-trufflehog branch from 63db736 to 7452ee7 Compare November 14, 2025 09:53
@fisehara fisehara force-pushed the fisehara/scan-npm-pack-with-trufflehog branch from 7452ee7 to cb9379e Compare November 14, 2025 10:56
klutchell
klutchell reviewed Nov 14, 2025
View reviewed changes
flowzone.yml Outdated

env:
# renovate: datasource=github-releases depName=trufflesecurity/trufflehog
TRUFFLEHOG_VERSION: "3.91.0"
Copy link
Contributor

@klutchell klutchell Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move these envs from the job to the step, as we shouldn't use global envs unless required for multiple steps.

Copy link
Contributor Author

@fisehara fisehara Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@fisehara fisehara force-pushed the fisehara/scan-npm-pack-with-trufflehog branch from cabe805 to 67e7c41 Compare November 20, 2025 08:57
@fisehara fisehara force-pushed the fisehara/scan-npm-pack-with-trufflehog branch from 67e7c41 to 8f9626e Compare November 20, 2025 08:59
@fisehara fisehara requested a review from klutchell November 20, 2025 08:59
klutchell
klutchell reviewed Dec 1, 2025
View reviewed changes
Copy link
Contributor

@klutchell klutchell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we know how to exclude npm test fixture directories to avoid the issues we saw with the docker scanning?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@klutchell klutchell klutchell left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fisehara @klutchell