Talisman acts as as a hook (pre-commit or pre-push) to your git repository on the developer’s machine itself.
However, you can’t always guarantee that all checkins made to the git repository came through a similar validation. Which is why you might also want to run Talisman to scan your complete git history.
Here are the different ways you can use Talisman:
- Talisman as a hook : Sits on a developer’s machine to ensure secrets do not get checked-in
- Talisman as a git scanner : Run against the complete git history to find if secrets got leaked or checked in your repository
- Other utilities : Find more utilities as a CLI to calculate checksum, debug etc.
You will be able to find more details about how to configure