Sometimes we check secrets into Github, which we should never do. check-for-secrets will look for the following things in Git history:
- API tokens
- Passwords in URLs (e.g. database URLS)
- IP addresses
- AWS addresses
- Non-empty jupyter notebook output
- non-empty files with data (csv, zip, tar.gz)
- graphs (just checks for PNG files)
Call audit-repo <git_repository_url>, ... for checking the working directory of the repository or check other available options with audit-repo --help.
You need to install trufflehog. Also you will need at least one of the following: ugrep, ripgrep or grep.