GitLab
The GitLab integration scans repositories in GitLab. To scan artifacts in GitLab CI, see Scanning in CI instead.
Key | Description | Required |
---|---|---|
endpoint | The URL endpoint for the GitLab server. Defaults to GitLab cloud. | No |
repositories | List of repository names to scan in GitLab. Omit to enumerate instead. | No |
ignoreRepos | List of repository names to ignore in an organization scan. Supports globbing with *. | No |
includeRepos | List of repository names to include in an organization scan. Supports globbing with *. | No |
skipBinaries | whether to skip scanning binary files | No |
skipArchives | whether to skip scanning archive files | No |
Feature | Supported |
---|---|
Scan archive files | ✅ |
Scan archived repos | ✅ |
Scan base64 encoded data | ✅ |
Scan binaries | ✅ |
Exclude Filter | ✅ |
Include Filter | ✅ |
Pre-commit | ✅ |
Pre-receive | ✅ |
Scan Gitlab Actions | ✅ |
Auto resume | ✅ |
Notes:
- TruffleHog does not scan diffs > 1 GB