Please review the Community Note before submitting
Description
It'd be nice to have support for a .trufflehogignore file. In this file you could add "fingerprints"/trufflehog json output of secret findings that are either false positives or have been rotated previously. This way you won't have to rebase the entire repository and still be able to ignore findings that have already been resolved. I think this would be a nice alternative to rebasing the repository as rotated/false positive secrets are not problematic if they stay in the repository IMO.
Preferred Solution
A .trufflehogignore file containing either fingerprints (hashes of the findings) or the JSON output of findings.
Additional Context
I'd be willing to work on this, I'd like to hear what the contents of the .trufflehogignore file should be.
References
Please review the Community Note before submitting
Description
It'd be nice to have support for a .trufflehogignore file. In this file you could add "fingerprints"/trufflehog json output of secret findings that are either false positives or have been rotated previously. This way you won't have to rebase the entire repository and still be able to ignore findings that have already been resolved. I think this would be a nice alternative to rebasing the repository as rotated/false positive secrets are not problematic if they stay in the repository IMO.
Preferred Solution
A .trufflehogignore file containing either fingerprints (hashes of the findings) or the JSON output of findings.
Additional Context
I'd be willing to work on this, I'd like to hear what the contents of the .trufflehogignore file should be.
References