You can now run Talisman from the CLI, and potentially add it to your CI/CD pipelines, to scan the git history of your repository for sensitive content. The scan also covers the files listed in the .talismanrc file.
- Get into the git directory path to be scanned
cd <directory to scan>
- Run the scan command
- Running this command will create a folder named talisman_reports in the root of the current directory and store the report files there.
- You can also specify the location for reports by passing an additional parameter, --reportDirectory or --rd
talisman --scan --reportdirectory=/Users/username/Desktop
You can use the other options to scan as given above.
Talisman currently does not support ignoring files during a scan.
Talisman CLI tool
Talisman can also produce a detailed and sharable HTML report. Once you have installed Talisman, follow the steps in talisman-html-report to install the reporting package in the .talisman folder. To generate the HTML report, run:
This will scan the repository and create a folder talisman_html_report under the scanned repository. We need to start an HTTP server inside this repository to access the report. Below is a recommended approach to start an HTTP server:
python -m SimpleHTTPServer <port> (e.g. 8000; this module exists only in Python 2, the Python 3 equivalent is python3 -m http.server <port>)
You can now access the report by navigating to:
- Detailed Report
- Error Report
Note: You don't have to start a server if you are running Talisman in CI or any other hosted environment.
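An added example, not code from the Talisman project: a Python 3 version of the server step above that binds to 127.0.0.1 and serves only the talisman_html_report folder, since the report lists the sensitive content the scan found. The function name make_report_server, the default port, and the choice to serve the report folder rather than the whole repository are assumptions of this example.

```python
import functools
import http.server
import sys
from pathlib import Path

REPORT_DIR = "talisman_html_report"  # folder name given on this page


def make_report_server(repo_root, port=8000, bind="127.0.0.1"):
    """Build an HTTP server for the report folder only, on loopback.

    Serving the repository root would also publish .git and the source
    tree, and binding to every interface would expose the findings to
    the local network; both are avoided here (assumed hardening).
    """
    report_path = Path(repo_root) / REPORT_DIR
    if not report_path.is_dir():
        raise FileNotFoundError(f"no {REPORT_DIR} folder under {repo_root}")
    # The directory argument makes the handler resolve URLs below the
    # report folder instead of the current working directory.
    handler = functools.partial(
        http.server.SimpleHTTPRequestHandler, directory=str(report_path)
    )
    return http.server.ThreadingHTTPServer((bind, port), handler)


if __name__ == "__main__":
    # Usage: python serve_report.py [scanned repository] [port]
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 8000
    server = make_report_server(root, port)
    host, bound_port = server.server_address[:2]
    print(f"Serving {REPORT_DIR} at http://{host}:{bound_port}/ (Ctrl+C to stop)")
    try:
        server.serve_forever()
    except KeyboardInterrupt:
        pass
    finally:
        server.server_close()
```

With this server the report is the site root, so files elsewhere in the repository are not reachable through it.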