
Git history Scanner

You can now execute Talisman from the CLI, and potentially add it to your CI/CD pipelines, to scan the git history of your repository for sensitive content. The scan also covers the files listed in the .talismanrc file.

Steps:

  1. Get into the git directory path to be scanned: cd <directory to scan>
  2. Run the scan command: talisman --scan
    • Running this command will create a folder named talisman_reports in the root of the current directory and store the report files there.
    • You can also specify the location for reports by providing an additional parameter, --reportDirectory or --rd.
      For example: talisman --scan --reportdirectory=/Users/username/Desktop

You can use the other options to scan as given above.

Talisman currently does not support ignoring of files for scanning.

HTML Reporting

The Talisman CLI tool, talisman, can also generate a detailed and shareable HTML report. Once you have installed Talisman, follow the steps in talisman-html-report to install the reporting package in the .talisman folder. To generate the HTML report, run:

  • talisman --scanWithHtml

This will scan the repository and create a folder talisman_html_report under the scanned repository. We need to start an HTTP server inside this repository to access the report. Below is a recommended approach to start an HTTP server:

  • python -m SimpleHTTPServer <port> (eg: 8000)

You can now access the report by navigating to:

http://localhost:8000
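
The two procedures above as a wrapper script, added here as an example (not Talisman's own code). scan_history writes the reports to a private directory outside the work tree, so a report cannot be committed along with the repository, and serve_report serves the HTML report on the loopback interface only. The function names and the TALISMAN_BIN variable are hypothetical, and serve_report assumes Python 3.7 or later.

```shell
#!/bin/sh
# Added example, not part of the Talisman project. scan_history, serve_report
# and TALISMAN_BIN are hypothetical names chosen for this illustration.

# scan_history <repo> <report-dir>
# Runs `talisman --scan` from the repository root and stores the reports in a
# directory that is outside the work tree and readable by the owner only.
scan_history() {
    repo=$1
    out=$2
    if [ ! -e "$repo/.git" ]; then
        echo "not a git repository root: $repo" >&2
        return 2
    fi
    repo_abs=$(cd "$repo" && pwd -P) || return 2
    mkdir -p "$out" || return 2
    out_abs=$(cd "$out" && pwd -P) || return 2
    case "$out_abs/" in
        "$repo_abs"/*)
            rmdir "$out_abs" 2>/dev/null   # removes the directory only if it is empty
            echo "report directory must be outside the repository" >&2
            return 2
            ;;
    esac
    chmod 700 "$out_abs" || return 2
    # Step 1: cd into the repository. Step 2: run the scan.
    # The flag is spelled as in the page's example command.
    (cd "$repo_abs" && "${TALISMAN_BIN:-talisman}" --scan --reportdirectory="$out_abs")
}

# serve_report <repo> [port]
# Serves <repo>/talisman_html_report on 127.0.0.1 only, so the report is not
# reachable from other hosts on the network.
serve_report() {
    python3 -m http.server "${2:-8000}" --bind 127.0.0.1 \
        --directory "$1/talisman_html_report"
}

# Usage:
#   scan_history . "$HOME/talisman_reports"
#   serve_report . 8000
```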

Sample Screenshots

  • Welcome

  • Summary

  • Detailed Report

  • Error Report

Note: You don’t have to start a server if you are running Talisman in CI or any other hosted environment.


© 2015-2020 ThoughtWorks, Inc.