From 7f66b6d453054be08d4fd8dc39f85327ace845bf Mon Sep 17 00:00:00 2001
From: nbp <splinesreticulating@users.noreply.github.com>
Date: Sun, 6 Jul 2025 15:32:23 -0700
Subject: [PATCH 1/3] docs: add trufflehog as a required dependency

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 732275e..aaeb7c3 100644
--- a/README.md
+++ b/README.md
@@ -10,11 +10,15 @@ This project was created in collaboration with [Sharon Brizinov](https://github.
 
 1. Download the Force Push Commits SQLite DB (`force_push_commits.sqlite3`) via a quick Google Form submission: <https://forms.gle/344GbP6WrJ1fhW2A6>. This lets you search all force push commits for any user/org locally.
 
-2. Install Python deps:
+2. Install Python deps and trufflehog:
 
 ```bash
 pip install -r requirements.txt
+pip install trufflehog
 ```
+
+   Note: trufflehog must be installed and available in your PATH as it's used for secret scanning.
+
 3. Scan an org/user for secrets:
 
 ```bash

From b7d22b4433fe874c025e5643a5ae5e655d5827b5 Mon Sep 17 00:00:00 2001
From: nbp <splinesreticulating@users.noreply.github.com>
Date: Mon, 7 Jul 2025 12:50:29 -0700
Subject: [PATCH 2/3] docs: clarify TruffleHog v3+ requirement and improve
 installation instructions

---
 README.md | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index aaeb7c3..e5edb3a 100644
--- a/README.md
+++ b/README.md
@@ -10,16 +10,27 @@ This project was created in collaboration with [Sharon Brizinov](https://github.
 
 1. Download the Force Push Commits SQLite DB (`force_push_commits.sqlite3`) via a quick Google Form submission: <https://forms.gle/344GbP6WrJ1fhW2A6>. This lets you search all force push commits for any user/org locally.
 
-2. Install Python deps and trufflehog:
+2. Install Python dependencies:
 
 ```bash
 pip install -r requirements.txt
-pip install trufflehog
 ```
 
-   Note: trufflehog must be installed and available in your PATH as it's used for secret scanning.
+3. Install TruffleHog (v3 or later — required for secret scanning):
 
-3. Scan an org/user for secrets:
+#### macOS (Homebrew):
+```bash
+brew install trufflehog
+```
+
+#### Linux / Other:
+Download the latest binary from the [Releases page](https://github.com/trufflesecurity/trufflehog/releases), or use:
+
+```bash
+go install github.com/trufflesecurity/trufflehog@latest
+```
+
+4. Scan an org/user for secrets:
 
 ```bash
 python force_push_scanner.py <org> --db-file /path/to/force_push_commits.sqlite3 --scan

From 810abb7beeaa6a5d528c2e3dbffc124fe1b93d19 Mon Sep 17 00:00:00 2001
From: nbp <splinesreticulating@users.noreply.github.com>
Date: Mon, 7 Jul 2025 12:53:07 -0700
Subject: [PATCH 3/3] fix: retain casualness

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index e5edb3a..be14646 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ This project was created in collaboration with [Sharon Brizinov](https://github.
 
 1. Download the Force Push Commits SQLite DB (`force_push_commits.sqlite3`) via a quick Google Form submission: <https://forms.gle/344GbP6WrJ1fhW2A6>. This lets you search all force push commits for any user/org locally.
 
-2. Install Python dependencies:
+2. Install Python deps:
 
 ```bash
 pip install -r requirements.txt