Git history Scanner
You can now execute Talisman from the CLI, and potentially add it to your CI/CD pipelines, to scan the git history of your repository for sensitive content. This includes scanning the files listed in the .talismanrc file as well.
Steps:
- Get into the git directory path to be scanned
cd <directory to scan>
- Run the scan command
talisman --scan
- Running this command will create a folder named talisman_reports in the root of the current directory and store the report files there.
- You can also specify the location for reports by providing an additional parameter as --reportDirectory or --rd
For example, talisman --scan --reportdirectory=/Users/username/Desktop
You can use the other options to scan as given above.
Talisman currently does not support ignoring of files for scanning.
HTML Reporting
The Talisman CLI tool talisman also comes with the capability to provide a detailed and sharable HTML report. Once you have installed Talisman, please follow the steps mentioned in talisman-html-report to install the reporting package in the .talisman folder. To generate the HTML report, run:
talisman --scanWithHtml
This will scan the repository and create a folder talisman_html_report under the scanned repository. We need to start an HTTP server inside this repository to access the report. Below is a recommended approach to start an HTTP server:
python -m SimpleHTTPServer <port> (eg: 8000)
You can now access the report by navigating to:
http://localhost:8000
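SimpleHTTPServer is the Python 2 module name; on Python 3 the module is http.server, and both listen on all network interfaces unless given a bind address. The script below is an added example, not part of the Talisman project: it serves the report on 127.0.0.1 only, since the report lists the sensitive content found in the repository. It assumes the server root is the talisman_html_report folder, and make_report_server is a hypothetical name.

```python
"""Serve the Talisman HTML report on the loopback interface only (added example)."""
import functools
import sys
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer
from pathlib import Path

# Folder name taken from the text above. Serving this folder as the web root
# is an assumption; adjust the path if your report lives elsewhere.
REPORT_DIR = "talisman_html_report"


def make_report_server(report_dir=REPORT_DIR, port=8000):
    """Return an HTTP server for report_dir that is bound to 127.0.0.1 only."""
    root = Path(report_dir).resolve()
    if not root.is_dir():
        # Fail early instead of serving whatever the current directory holds.
        raise FileNotFoundError(f"report folder not found: {root}")
    # Pin the handler to the report folder so nothing outside it is served.
    handler = functools.partial(SimpleHTTPRequestHandler, directory=str(root))
    # Binding to 127.0.0.1 keeps the findings off the local network.
    return ThreadingHTTPServer(("127.0.0.1", port), handler)


if __name__ == "__main__":
    port = int(sys.argv[1]) if len(sys.argv) > 1 else 8000
    server = make_report_server(port=port)
    host, bound_port = server.server_address
    print(f"Serving {REPORT_DIR} at http://{host}:{bound_port} (Ctrl+C to stop)")
    try:
        server.serve_forever()
    except KeyboardInterrupt:
        pass
    finally:
        server.server_close()
```

Run it from the root of the scanned repository, optionally passing the port as the first argument.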
Sample Screenshots
- Welcome
- Summary
- Detailed Report
- Error Report
Note: You don’t have to start a server if you are running Talisman in CI or any other hosted environment.