How to enable git history analysis and enable commit authors?

In this section, you will find a tutorial to make an analysis with git history activated and show who are the authors of vulnerabilities you may found.

If using this functionality on CI, make sure all commits are being cloned. Check the recommended configuration for each CI in Installation via pipeline

Horusec run its analysis through Horusec-CLI and, by default, has the commit authors and the git history disabled. To enable it, add an option for each action, see on the examples below:

1. Enable analysis in all git history Rode o comando abaixo:

horusec start -p . --enable-git-history="true"

When you enable this function, Horusec will start the GitLeaks tool and it will search for leaks in your history.

2. Enable commit authors Run the command below:

horusec start -p . --enable-commit-author="true"

Regardless the tool, the vulnerabilities' authors will be shown on yhe analysis. If there is an integration with web application, you will see on the graphic interface’s dashboard the 5 users that created more vulnerabilities.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified November 10, 2021: Fix links of the redirect (79ea2f3a)