Description:
It would be helpful if the trufflehog@main GitHub Action supported
saving scan results directly to a file.
Proposed Solution:
Add an optional output-file input parameter to action.yml that
allows users to specify a file path for saving JSON results.
Example usage:
    - uses: trufflesecurity/trufflehog@main
      with:
        output-file: scan-results.json
        extra_args: --results=verified,unknown
Current Workaround:
Users must run TruffleHog via Docker with output redirection instead
of using the action.
Benefits:
- Easier artifact upload in CI/CD pipelines
- Consistent with action-based workflows
- Better integration with other GitHub Actions
- Users can parse the output file and post findings as comments on pull
requests, which cannot be achieved without using Docker or installing
TruffleHog directly on the executor
- Enables custom post-processing workflows (filtering, formatting,
notifications) without requiring Docker runtime or CLI installation
Thanks,
Brijesh
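
As an added example (not part of the issue and not TruffleHog project code), this sketches the post-processing the request has in mind: turning a saved results file into a pull-request comment body while keeping the raw secret out of it. The field names `DetectorName`, `Verified`, `Raw` and `SourceMetadata.Data.Git` are assumed from TruffleHog's `--json` line format, and the sample records are constructed.

```python
import json

# Constructed sample of newline-delimited results. Field names are an
# assumption; check them against the output of your TruffleHog version.
SAMPLE = "\n".join([
    json.dumps({"DetectorName": "AWS", "Verified": True,
                "Raw": "CONSTRUCTED-SECRET-1",
                "SourceMetadata": {"Data": {"Git": {"file": "deploy/env.sh", "line": 12}}}}),
    json.dumps({"DetectorName": "Slack", "Verified": False,
                "Raw": "CONSTRUCTED-SECRET-2",
                "SourceMetadata": {"Data": {"Git": {"file": "bot.py", "line": 3}}}}),
    '{"level": "info", "msg": "constructed log line, not a finding"}',
    "not json at all",
])


def parse_findings(text):
    """Return finding records, skipping blank, non-JSON and log lines."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # progress or error text mixed into the file
        if isinstance(rec, dict) and "DetectorName" in rec:
            findings.append(rec)
    return findings


def location(rec):
    """Format file:line from the Git source metadata, tolerating gaps."""
    git = rec.get("SourceMetadata", {}).get("Data", {}).get("Git", {})
    return f"{git.get('file', '?')}:{git.get('line', '?')}"


def comment_body(findings):
    """Build a Markdown table for a PR comment; the Raw value is never copied."""
    if not findings:
        return "No secrets reported."
    rows = ["| Detector | Status | Location |", "|---|---|---|"]
    # Verified findings first, since they need rotation before anything else.
    for rec in sorted(findings, key=lambda r: not r.get("Verified", False)):
        status = "verified" if rec.get("Verified") else "not verified"
        rows.append(f"| {rec['DetectorName']} | {status} | `{location(rec)}` |")
    return "\n".join(rows)
```

The results file itself still contains the raw secrets, so if it is uploaded as a workflow artifact, anyone who can download artifacts can read them.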