The highest tagged major version is
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SSHAuth ¶
func SSHAuth(opts Options) (*ssh.PublicKeys, error)
SSHAuth tried to generate ssh public keys based on what was passed via cli. If no path was passed via cli then this will attempt to retrieve keys from the default location for ssh keys, $HOME/.ssh/id_rsa. This function is only called if the repo url using the ssh:// protocol or scp-like syntax.
Types ¶
type Options ¶
type Options struct {
Verbose bool `short:"v" long:"verbose" description:"Show verbose output from scan"`
Quiet bool `short:"q" long:"quiet" description:"Sets log level to error and only output leaks, one json object per line"`
RepoURL string `short:"r" long:"repo-url" description:"Repository URL"`
Path string `short:"p" long:"path" description:"Path to directory (repo if contains .git) or file"`
ConfigPath string `short:"c" long:"config-path" description:"Path to config"`
RepoConfigPath string `long:"repo-config-path" description:"Path to gitleaks config relative to repo root"`
ClonePath string `long:"clone-path" description:"Path to clone repo to disk"`
Version bool `long:"version" description:"Version number"`
Username string `long:"username" description:"Username for git repo"`
Password string `long:"password" description:"Password for git repo"`
AccessToken string `long:"access-token" description:"Access token for git repo"`
Threads int `long:"threads" description:"Maximum number of threads gitleaks spawns"`
SSH string `long:"ssh-key" description:"Path to ssh key used for auth"`
Unstaged bool `long:"unstaged" description:"Run gitleaks on unstaged code"`
Branch string `long:"branch" description:"Branch to scan"`
Redact bool `long:"redact" description:"Redact secrets from log messages and leaks"`
Debug bool `long:"debug" description:"Log debug messages"`
NoGit bool `long:"no-git" description:"Treat git repos as plain directories and scan those files"`
CodeOnLeak int `long:"leaks-exit-code" default:"1" description:"Exit code when leaks have been encountered"`
AppendRepoConfig bool `long:"append-repo-config" description:"Append the provided or default config with the repo config."`
AdditionalConfig string `` /* 186-byte string literal not displayed */
// Report Options
Report string `short:"o" long:"report" description:"Report output path"`
ReportFormat string `short:"f" long:"format" default:"json" description:"json, csv, sarif"`
// Commit Options
FilesAtCommit string `long:"files-at-commit" description:"Sha of commit to scan all files at commit"`
Commit string `long:"commit" description:"Sha of commit to scan or \"latest\" to scan the last commit of the repository"`
Commits string `long:"commits" description:"Comma separated list of a commits to scan"`
CommitsFile string `long:"commits-file" description:"Path to file of line separated list of commits to scan"`
CommitFrom string `long:"commit-from" description:"Commit to start scan from"`
CommitTo string `long:"commit-to" description:"Commit to stop scan"`
CommitSince string `` /* 135-byte string literal not displayed */
CommitUntil string `` /* 129-byte string literal not displayed */
Depth int `long:"depth" description:"Number of commits to scan"`
}
Options stores values of command line options
func ParseOptions ¶
ParseOptions is responsible for parsing options passed in by cli. An Options struct is returned if successful. This struct is passed around the program and will determine how the program executes. If err, an err message or help message will be displayed and the program will exit with code 0.
func (Options) CheckUncommitted ¶
CheckUncommitted returns a boolean that indicates whether or not gitleaks should check unstaged pre-commit changes or if gitleaks should check the entire git history
func (Options) CloneOptions ¶
CloneOptions returns a git.cloneOptions pointer. The authentication method is determined by what is passed in via command-Line options. If No Username/PW or AccessToken is available and the repo target is not using the git protocol then the repo must be a available via no auth.
Source Files