Search Results for "detect"

...It validates the outgoing changeset for things that look suspicious - such as potential SSH keys, authorization tokens, private keys etc. Talisman can also be used as a repository history scanner to detect secrets that have already been checked in, so that you can take an informed decision to safeguard secrets. We recommend installing Talisman as a pre-commit git hook template, as that will cause Talisman to be present, not only in your existing git repositories, but also in any new repository that you 'init' or 'clone'. Installation of Talisman globally does not clobber pre-existing hooks on repositories. ...

...A syntax-only check enables extensions and unsafe constructs which would otherwise be forbidden. Using this option removes all guarantees of portability to other yaml implementations. Detect symlinks which are changed to regular files with a content of a path that that symlink was pointing to. This usually happens on Windows when a user clones a repository that has symlinks but they do not have permission to create symlinks. Limits checked files to those indicated as staged for addition by git. Check all listed files not just those staged for addition.

Automatically Commit changed Files back to GitHub with GitHub Actions for the 80% use case. A GitHub Action to detect changed files during a Workflow run and to commit and push them back to the GitHub repository. By default, the commit is made in the name of "GitHub Actions" and co-authored by the user that made the last commit. Note that the Action has to be used in a Job that runs on a UNIX system (e.g. ubuntu-latest). If you don't use the default permission of the GITHUB_TOKEN, give the Job or Workflow at least the contents: write permission. ...

...Available commands are split into two groups: those that are already present in git but that are extended through hub, and custom ones that hub provides. Most hub commands are supposed to be run in a context of an existing local git repository. Hub will automatically detect the GitHub repository that the current working directory belongs to by scanning its git remotes. In case there are multiple git remotes that are all pointing to GitHub, hub assumes that the main one is named "upstream", "github", or "origin", in that order of preference.

...Teams often deploy it as part of their developer toolchain to enforce a security guardrail: you catch leaks early rather than discovering them later. It is also often used in CI pipelines or continuous code quality checks to detect in-flight vulnerabilities. While git-secrets is not a full secrets management system, it plays a key role in defense-in-depth by preventing accidental exposure in source.