Skip to content

--since-commit does not include initial commit #4063

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
vacuumn opened this issue Apr 16, 2025 · 3 comments
Open

--since-commit does not include initial commit #4063

vacuumn opened this issue Apr 16, 2025 · 3 comments
Labels
bug

Comments

@vacuumn
Copy link

vacuumn commented Apr 16, 2025
edited
Loading

TruffleHog Version

trufflehog 3.79

Trace Output

mkdir test
cd test
echo "super-secret" > secret.file
git init
git add .
git commit -m "initial"
git log

-- get the commit hash, lets assume its is xxxxxxxxxxxx
trufflehog git file://. --since-commit xxxxxxxxxxxx --branch HEAD --trace
 

{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"trufflehog 3.79"}
{"level":"info-3","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"engine started","workers":1}
{"level":"info-4","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"default engine options set"}
{"level":"info-4","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"engine initialized"}
{"level":"info-4","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"setting up aho-corasick core"}
{"level":"info-4","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"set up aho-corasick core"}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"starting scanner workers","count":1}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"starting detector workers","count":50}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"starting verificationOverlap workers","count":1}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"starting notifier workers","count":1}
{"level":"info-1","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"cloned repo","path":"."}
{"level":"info-0","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"running source","source_manager_worker_id":"dwfKC","with_units":true}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"enumerating source","source_manager_worker_id":"dwfKC"}
{"level":"info-3","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"chunking unit","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir"}
{"level":"info-0","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"scanning repo","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","repo":".","base":"aadae5477af5464839ff93f7b0ab44ea71cb29f4","head":"aadae5477af5464839ff93f7b0ab44ea71cb29f4"}
{"level":"info-1","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"reached base commit","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","repo":".","commit":"aadae5477af5464839ff93f7b0ab44ea71cb29f4"}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"finished parsing git log.","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","repo":".","total_log_size":0}
{"level":"info-1","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"scanning staged changes","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","path":".","base":"aadae5477af5464839ff93f7b0ab44ea71cb29f4","head":"aadae5477af5464839ff93f7b0ab44ea71cb29f4"}
{"level":"info-2","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"finished parsing git log.","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","total_log_size":0}
{"level":"info-1","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"scanning git repo complete","source_manager_worker_id":"dwfKC","unit":".","unit_kind":"dir","repo":"Could not get remote for repo","path":".","time_seconds":0,"commits_scanned":0}
{"level":"info-4","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"finished scanning chunks","scanner_worker_id":"crNzL"}
{"level":"info-0","ts":"2025-04-16T15:24:07-07:00","logger":"trufflehog","msg":"finished scanning","chunks":0,"bytes":0,"verified_secrets":0,"unverified_secrets":0,"scan_duration":"34.203417ms","trufflehog_version":"3.79"}

Expected Behavior

TH finds super-secret in secret.file

Actual Behavior

No findings

Steps to Reproduce

See steps above

Environment

  • OS: MacOS
  • Version 15.3.2

Additional Context
@vacuumn vacuumn added the bug label Apr 16, 2025
@zricethezav
Copy link
Collaborator

@vacuumn

-- get the commit hash, lets assume its is xxxxxxxxxxxx
trufflehog git file://. --since-commit xxxxxxxxxxxx --branch HEAD --trace

What would be the purpose of this? --since-commit implicitly suggests that you don't want to include the initial commit otherwise you wouldn't be using --since-commit.

@vacuumn
Copy link
Author

vacuumn commented Apr 21, 2025

@vacuumn

-- get the commit hash, lets assume its is xxxxxxxxxxxx
trufflehog git file://. --since-commit xxxxxxxxxxxx --branch HEAD --trace

What would be the purpose of this? --since-commit implicitly suggests that you don't want to include the initial commit otherwise you wouldn't be using --since-commit.

To specify the commit to scan.

@zricethezav
Copy link
Collaborator

To specify the commit to scan.

Well that totally makes sense. We should for sure let users do that. Might be time to introduce some sort of --log-opts system like in gitleaks https://github.com/gitleaks/gitleaks/blob/9bc725786d1874bf7d468e492c6e150f49739e1e/cmd/git.go#L20

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vacuumn @zricethezav