Gerrit

enterprise feature this feature is only available with trufflehog enterprise contact us to learn more source integration to gerrit , the code review tool configuration trufflehog will only scan what you have access to web configuration you can configure this integration via the web ui through the integrations tab or you can use a local configuration file as outlined below local configuration if you omit providing projects then all code projects that the credential can list and access will be scanned basic auth sources \ connection '@type' type googleapis com/sources gerrit endpoint https //gerrit example com basicauth password xxxxxxxxxxxxxxxxxxxxxxxxxx username scanner account name gerrit scanperiod 12h type source type gerrit verify true unauthenticated sources \ connection '@type' type googleapis com/sources gerrit endpoint https //gerrit example com unauthenticated {} name gerrit scanperiod 12h type source type gerrit verify true options key description required endpoint the url endpoint for the gerrit service yes projects the list of projects to scan omit to enumerate instead no skipbinaries if set to true , binary files will be skipped no skiparchives if set to true , binary files will be skipped no capabilities feature supported history ✅ scan archive files ✅ scan base64 encoded ✅ scan binaries ✅ exclude filter ✅ auto resume ✅ notes does not scan diffs > 1 gb