TruffleHog

TruffleHog is a secret scanner with verification capabilities that can detect and verify secrets in code. CodeRabbit runs TruffleHog version 3.95.3 in filesystem mode with a repository-supplied config file.

​

Files

TruffleHog scans changed pull request files when a supported TruffleHog config file is present. CodeRabbit does not restrict TruffleHog to specific file extensions.

​

Configuration

TruffleHog requires a config file in the repository. CodeRabbit allows the following to be used:

• trufflehog-config.yml
• trufflehog-config.yaml
• trufflehog.yml
• trufflehog.yaml
• .trufflehog.yml
• .trufflehog.yaml

If none of these are found, TruffleHog is skipped for the run.

​

Links

• TruffleHog GitHub
• TruffleHog Documentation