The infisical scan command serves to scan repositories, directories, and files. It’s compatible with both individual developer machines and Continuous Integration (CI) environments.
When you run infisical scan on a Git repository, Infisical will parses the output of a git log -p command. This command generates patches that Infisical uses to identify secrets in your code.
You can configure the range of commits that git log will cover using the --log-opts flag.
Any options you can use with git log -p are valid for --log-opts.
For instance, to instruct Infisical to scan a specific range of commits, use the following command: infisical scan --log-opts="--all commitA..commitB". For more details, refer to the Git log documentation.
To scan individual files and directories, use the --no-git flag.
