UNCLASSIFIED - NO CUI

Document how to greenlight trufflehog exception

The CHT Security team needs documentation on how to handle truffleHog failures. At the moment we have two ways of dealing with them: whitelist a finding, or remove it from Git history using git-filter-repo. git-filter-repo also has a couple of options when dealing with a finding. All of these cases need to be documented.

Cases

  1. Whitelisting
     • When to use skip_paths
     • When to use skip_strings
  2. Removing a finding from Git history
     • How to remove a file from history
     • How to remove a string or matched pattern from history, and replacement options
  3. Any other missing cases
Edited by David Freeman