GitHub Scan Using GHE Endpoint and Specifying --org
Flag Scans Authenticated Users Repositories & Gists
#893
Labels
--org
Flag Scans Authenticated Users Repositories & Gists
#893
Community Note
TruffleHog Version
trufflehog 3.16.2
Trace Output
Cannot provide trace output because for security would expose the environment I am running in
Expected Behavior
When performing a
trufflehog github --endpoint="GHE_ENDPOINT" --org="ORG" --token="TOKEN" --only-verified
, I have the expectation that trufflehog is only scanning the repos in the organization specified on the command line.Actual Behavior
When performing a
trufflehog github --endpoint="GHE_ENDPOINT" --org="ORG" --token="TOKEN" --only-verified
, trufflehog appears to scan my personal repositories on GHE and it also appears to scan my gists. In scanning my gists trufflehog is getting a 404 error back from GHE indicating that the repo cannot be found despite the fact the gist does exist despite the fact I do not think there is an expectation that it be scanned.Steps to Reproduce
trufflehog github --endpoint="GHE_ENDPOINT" --org="ORG" --token="TOKEN" --only-verified
Environment
Additional Context
References
The text was updated successfully, but these errors were encountered: