--shallow-since for git and github scans

[chr-b]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Scanning of git repositories with a long history can take hours. The --max-depth and --since-commit flags that are available for the git sub command allow to restrict the git history to be scanned.
However, these parameters are not that useful when trying to only scan git history up to a specific point in time. The since-commit flag can be correlated with time, but is AFAIK restricted to a particular branch.

Problem to be Addressed

It would be useful to scan all commits of a git branch up to a particular point in time. E.g. last 24 hours or last 5 days. This will scan all commits across all branches from NOW backwards for the specified time range (or to the specified point in time).

git itself has the --shallow-since parameter that creates a shallow clone with a history after the specified time.

Description of the Preferred Solution

An additional flag --shallow-since (or something named similar) that allows the user to specify a date range, or a specific date in the past. Trufflehog will then scan all commits within the specified date range and will abort once an older commit outside this date range is encountered.

This flag should be available for both the git and github sub commands.

[dustin-decker]

Related, but isn't doing a shallow clone yet: #1631

[svennergr]

@dustin-decker not sure if I misunderstood it, but isn't trufflehog already using --shallow-since for git clones:
https://github.com/trufflesecurity/trufflehog/blob/main/pkg/sources/git/git.go#L812-L818

[svennergr]

#564