Bitbucket

enterprise feature this feature is only available with trufflehog enterprise contact us to learn more {{source}} to bitbucket configuration options web configuration you can configure this integration via the web ui through the integrations tab or you can use a local configuration file as outlined below local configuration bitbucket cloud with pat sources \ connection '@type' type googleapis com/sources bitbucket endpoint https //bitbucket org/myworkspace ignorerepos \ https //bitbucket ourbusiness com/linux kernel/ignore git \ https //bitbucket ourbusiness com/torvalds/ignore2 git skipbinaries true \# bitbucket provides three types of access tokens \# we recommend using the “workspace access token” \# as it provides access to all projects and repositories token atcttxxxxxxxxxxxxxxxxxxxxxxxxxxxxx name bitbucket cloud token auth scanperiod 12h type source type bitbucket verify true bitbucket cloud with basic auth sources \ connection '@type' type googleapis com/sources bitbucket basicauth \# the password needs to be a bitbucket generated app password \# the password must have read access for both the \# account and repositories tokens cannot be used \# in place of the password for bitbucket cloud password xxxxxxxxxxxxxxxxxxxxxxxxxx username scanner account endpoint https //bitbucket org/myworkspace ignorerepos \ https //bitbucket ourbusiness com/linux kernel/ignore git \ https //bitbucket ourbusiness com/torvalds/ignore2 git skipbinaries true name bitbucket cloud basic auth scanperiod 12h type source type bitbucket verify true bitbucket server/datacenter with basic auth sources \ connection '@type' type googleapis com/sources bitbucket endpoint https //bitbucket ourbusiness com basicauth \# for bitbucket server / datacenter you can use an \# app password or a token for authentication password xxxxxxxxxxxxxxxxxxxxxxxxxx username scanner account ignorerepos \ https //bitbucket ourbusiness com/linux kernel/ignore git \ https //bitbucket ourbusiness com/torvalds/ignore2 git name bitbucket server scanperiod 12h type source type bitbucket verify true key description required endpoint the endpoint uri for bitbucket yes if using basic auth repositories list of repositories to scan leaving it off will enumerate them instead no ignorerepos list of repositories to ignore typically used when using enumeration no skipbinaries if true, binary files will be ignored no skiparchives if true, archive files will be ignored no capabilities feature supported scan archive files ✅ scan archived repos ✅ scan base64 encoded data ✅ scan binaries ✅ exclude filter ✅ history ✅ include filter ✅ pre commit ✅ pre receive ✅ resumption ✅ notes trufflehog doesn't scan diffs larger than 1 gb