secret-scanning

Detect leaked secrets in source code

Synopsis

Scan a repository or directory for accidentally committed secrets and produce a SARIF report.

This command runs the configured secret-scanning tool (gitleaks) and uploads the SARIF results to DevGuard for analysis and issue creation. The command signs the request using the configured token before uploading the SARIF results.

You may pass the target as the first positional argument instead of using --path.

Examples
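
The following Python is an added example, not part of the DevGuard documentation or code base: it reads a SARIF 2.1.0 report of the kind this command produces and lists each finding by rule, file and line without copying the detected secret into the summary. The function name summarize_sarif and the embedded sample report are constructed for illustration; only standard SARIF 2.1.0 fields are assumed.

```python
import json
from collections import Counter

# Constructed sample: a minimal SARIF 2.1.0 document shaped like a secret-scanner
# report. Rule ids, paths and the "secret" are made up for illustration.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "gitleaks"}},
        "results": [
            {"ruleId": "generic-api-key",
             "message": {"text": "generic-api-key detected"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "config/settings.py"},
                 "region": {"startLine": 12,
                            "snippet": {"text": "EXAMPLE-NOT-A-REAL-KEY"}}}}]},
            {"ruleId": "private-key",
             "message": {"text": "private-key detected"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "deploy/id_rsa"},
                 "region": {"startLine": 1}}}]},
            {"ruleId": "generic-api-key", "message": {"text": "no location"}},
        ],
    }],
})


def summarize_sarif(sarif_text):
    """Return (findings, per-rule counts); snippet text is never copied."""
    doc = json.loads(sarif_text)
    if doc.get("version") != "2.1.0":
        raise ValueError("expected SARIF 2.1.0")
    findings, counts = [], Counter()
    for run in doc.get("runs", []):
        tool = run.get("tool", {}).get("driver", {}).get("name", "unknown")
        for result in run.get("results") or []:
            rule = result.get("ruleId", "unknown-rule")
            counts[rule] += 1
            # A result may carry no location at all; report it rather than crash.
            phys = (result.get("locations") or [{}])[0].get("physicalLocation", {})
            region = phys.get("region", {})
            findings.append({
                "tool": tool, "rule": rule,
                "file": phys.get("artifactLocation", {}).get("uri", "<no location>"),
                "line": region.get("startLine"),
                "has_snippet": "snippet" in region,  # flag only, secret stays out
            })
    return findings, dict(counts)


if __name__ == "__main__":
    for f in summarize_sarif(SAMPLE_SARIF)[0]:
        print(f"{f['tool']}: {f['rule']} at {f['file']}:{f['line']}")
```
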

Options

Options inherited from parent commands
