SAST tool used to check leaks from your repositories
You must install the tools:
$> apt install python3-pip
$> cd sast-git-leaks
$> pip3 install -r requirements.txt$> brew install python3
$> cd sast-git-leaks
$> pip3 install -r requirements.txt$> git clone https://github.com/orgs/leboncoin/sast-git-leaks --branch master --depth 1
$> cd sast-git-leaks
$> pip3 install -r requirements.txt
$> python3 sast_git_leaks.py -r <repo_name> -o <report_path.json> -t <tools,to,use,default,all>
$> cat <report_path.json> | jq$> python3 sast_git_leaks.py --help
usage: sast_git_leaks.py [-h] -r REPO -o OUTPUT [-t TOOLS]
optional arguments:
-h, --help show this help message and exit
-r REPO, --repo REPO name of the repo to scan
-o OUTPUT, --output OUTPUT
name of the json report
-t TOOLS, --tools TOOLS
tools to use (gitleaks,shhgit)Link: https://github.com/zricethezav/gitleaks
Link: https://github.com/eth0izzle/shhgit
Licensed under the Apache License, Version 2.0 (the "License").
Copyright 2020 Leboncoin