Filter scans to only public repositories

[CameronLonsdale]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

There is already code which checks the visibility of the repository

trufflehog/pkg/sources/github/github.go

Line 259 in b48ac24

func (s *Source) visibilityOf(ctx context.Context, repoURL string) (visibility source_metadatapb.Visibility) {

, it would be great if we could use this value to filter scans.

One use case is for public repo monitoring for an organization on GitHub. We'd still like to use a user token to have a higher rate limit, but for speed, we should be able to ignore all internal repos and only scan those which are public.

Problem to be Addressed

A fast scan just for public repositories belonging to an organization

Description of the Preferred Solution

inside of the GitHub sub command perhaps a flag like --visibility=public with other values where useful.

[Coruscant11]

Hello. I would like to work on this issue for my first contribution on trufflehog 😄
I will keep you updated

[CameronLonsdale]

Still very keen for this feature. I think it would be great to specify --org <my-org> --include-members --visibility public so you could scan your org's public repos & all public repos/gists for members of that org.