Skip to content

AST-120196-Enable/disable commit history scanning #1357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

AST-120196-Enable/disable commit history scanning #1357

wants to merge 10 commits into from
+560 −39

Conversation

@cx-rui-oliveira
Copy link
Collaborator

@cx-rui-oliveira cx-rui-oliveira commented Nov 19, 2025
edited by atlassian bot
Loading

Description

This PR adds support for enabling/disabling Git commit history scanning in Secret Detection scans through a new CLI flag --git-commit-history. This enhancement allows users to explicitly enable scanning of the full Git commit history to detect secrets that may have been committed in the past, even if they've been removed from the current working tree.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

Related Issues

Ticket: AST-120196

Checklist

  • I have performed a self-review of my code
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules
  • I have updated the CLI help for new/changed functionality in this PR (if applicable)
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

Screenshots (if applicable)

  • N/A.

Additional Notes

  • N/A.

@cx-rui-oliveira cx-rui-oliveira force-pushed the AST-120196-cli-enable-disable-commit-history-scanning branch from 30b19de to 00789f3 Compare November 19, 2025 15:34
@github-actions
Copy link

github-actions bot commented Nov 19, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Details17dbe526-85a0-409b-8b06-35bed915c1bf

Great job! No new security vulnerabilities introduced in this pull request

cx-diogo-rocha
cx-diogo-rocha previously approved these changes Nov 19, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cx-diogo-rocha cx-diogo-rocha cx-diogo-rocha left review comments

@cx-anurag-dalke cx-anurag-dalke Awaiting requested review from cx-anurag-dalke cx-anurag-dalke is a code owner

@cx-anjali-deore cx-anjali-deore Awaiting requested review from cx-anjali-deore cx-anjali-deore is a code owner

@cx-umesh-waghode cx-umesh-waghode Awaiting requested review from cx-umesh-waghode cx-umesh-waghode is a code owner

@cx-plugins-releases cx-plugins-releases Awaiting requested review from cx-plugins-releases

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cx-rui-oliveira @cx-diogo-rocha