Description
Add a new varlock scan cli command which will scan files for plaintext secrets.
The idea here is that it could be wired up as a git hook.
Default behaviour can be to scan the current directory (and below) but we should have options. Also the default use case is to be ensuring no plaintext secrets will be committed to git, so we can ignore git-ignored files. But there is another use case to ensure nothing is in plaintext, so this can be an option.
We may also want to consider an option to scan all files, versus only scanning committed files or even just committed changes.
Motivation
No response
Proposed Solution
No response
Alternatives
No response
Additional Information
No response
Description
Add a new
varlock scancli command which will scan files for plaintext secrets.The idea here is that it could be wired up as a git hook.
Default behaviour can be to scan the current directory (and below) but we should have options. Also the default use case is to be ensuring no plaintext secrets will be committed to git, so we can ignore git-ignored files. But there is another use case to ensure nothing is in plaintext, so this can be an option.
We may also want to consider an option to scan all files, versus only scanning committed files or even just committed changes.
Motivation
No response
Proposed Solution
No response
Alternatives
No response
Additional Information
No response