NotGitBleed shhgit support #100

@carolosf

Although shhgit scans file systems and git repos, as far as I am aware it doesn't currently scan commit metadata for passwords.

Recently this has been published:
https://www.notgitbleed.com/

A lot of GitHub users of large open source projects accidentally commit their GitHub credentials at an alarming rate, even when tools such as shhgit are being used.

Since this work has been published, we have worked with GitHub to mitigate this on GitHub, and they have built a scanning tool:
https://github.blog/changelog/2022-04-11-secret-scanning-detects-and-revokes-leaked-passwords/

It would be great to confirm that shhgit doesn't currently scan git commit metadata and to find out if this is something you can support in future.
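
A sketch of the kind of commit-metadata check requested above, added here as an example and not part of the original issue or of shhgit's code. It assumes the leaked value sits in the author or committer email field; the log format, the sample lines and the `looksLikeSecret` heuristic are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// Constructed sample of `git log --format='%h%x09%an%x09%ae%x09%cn%x09%ce'` output.
const sampleLog = "a1b2c3d\tAlice Example\talice@example.com\tAlice Example\talice@example.com\n" +
	"d4e5f6a\talice-dev\tTr0ub4dor&3xample\talice-dev\tTr0ub4dor&3xample\n" +
	"0f9e8d7\tbuild-bot\tbuildbot\tGitHub\tnoreply@github.com\n"

// looksLikeSecret is an assumed heuristic, not shhgit's or GitHub's rule:
// no '@' or space, at least 8 bytes, and three or more character classes.
func looksLikeSecret(v string) bool {
	if len(v) < 8 || strings.ContainsAny(v, "@ ") {
		return false
	}
	symbol := func(r rune) bool { return unicode.IsPunct(r) || unicode.IsSymbol(r) }
	classes := 0
	for _, class := range []func(rune) bool{unicode.IsLower, unicode.IsUpper, unicode.IsDigit, symbol} {
		if strings.IndexFunc(v, class) >= 0 {
			classes++
		}
	}
	return classes >= 3
}

// ScanLog returns "commit field" for each suspect email field. Malformed lines
// are skipped, and the value itself is never returned, so reports do not re-leak it.
func ScanLog(log string) []string {
	var out []string
	for _, line := range strings.Split(log, "\n") {
		f := strings.Split(line, "\t")
		for i, field := range []string{2: "author-email", 4: "committer-email"} {
			if len(f) == 5 && field != "" && looksLikeSecret(f[i]) {
				out = append(out, f[0]+" "+field)
			}
		}
	}
	return out
}

func main() {
	for _, hit := range ScanLog(sampleLog) {
		fmt.Println("password-like value in", hit)
	}
}
```

Because commit metadata is part of history, a hit means the credential should be rotated, not only rewritten out of the repository.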
