trufflehog catalog hook scans gitignored target/ in Rust consumers, blocks every commit #287
Labels
No labels
burndown-2026-06
coherence-core
consult
headless
interactive
P0
P1
P2
P3
P4
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
coilyco-flight-deck/agentic-os#287
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Problem
The catalog
trufflehog (secret scan, offline)hook shipped from this repo(
.pre-commit-hooks.yaml) false-positives on Rust build artifacts. On any hostthat has run a release build,
target/exists (gitignored, untracked) and thehook reads its binary blobs (
libzerocopy-*.rlib,.rmeta,*.pdb), emittingthousands of bogus "unverified" hits that block every
git commit.Reported in coilyco-bridge/agentic-os-kai#530. It blocked landing the
.forgejo/migration in
coilysiren/repo-recallon a tower untilrm -rf target/(4.6GB,fully reproducible). It affects every Rust-shaped consumer of this hook
(repo-recall, cli-guard, ward, coily).
Current hook entry
.pre-commit-hooks.yaml, idtrufflehog:Root cause
trufflehog's
git file://.scan reads the working copy, and for untracked filesit does not consult
.gitignore(upstream feature request trufflesecurity/trufflehog#3356confirms trufflehog does not honor
.gitignore). So gitignoredtarget/getswalked. Removing
target/is what clears the hits, which proves the working-treeread is the source.
Fix shape (verify empirically with a live trufflehog before landing)
This repo is the right home because the entry is centrally managed: consumers
carry it via the
apply-agentic-os-hooks.pymanaged block, and that block isregenerated with no per-hook args, so a consumer-side override does not survive.
Candidates, in rough order of preference:
--exclude-globsappended inline (travels with the shared entry, no per-repofile needed): e.g.
--exclude-globs 'target/**,dist/**,build/**,node_modules/**'.Caveat to verify:
--exclude-globsis documented as filtering at thegit loglevel, so confirm it also suppresses the untracked working-tree read, not just
committed objects.
--exclude-paths <file>of regexes (the pattern already used inagentic-os-kai's
.github/workflows/trufflehog.ymlCI scan:(^|/)target/,\.venv/,node_modules/, the cache dirs). Downside: needs a committedregex file each consumer carries, awkward for a shared entry.
The carrying agent should reproduce with
cargo build --release+ an emptycommit, pick whichever flag actually suppresses the working-tree read, and keep
real staged-secret detection intact (do not blanket
--only-verified, the hookis offline
--no-verification).Rollout (part of done)
Landing the entry change is not enough on its own. Consumers pin a
rev:, soafter this lands and a release tag cuts, bump the pin fleet-wide via
make apply-agentic-os-hooks/apply-agentic-os-hooks.py --rev vXso Rustrepos actually receive the fix. Closing agentic-os-kai#530 depends on that
rollout reaching the affected repos.
Repro
Filed from the agentic-os-kai#530 carry container, which is scoped to
agentic-os-kai and cannot push this repo. Cross-ref: coilyco-bridge/agentic-os-kai#530.
Duplicate of #288 (double-submit from the carry container). Tracking in #288.