Analyzing GitHub Enterprise Cloud Managed User secrets always fails when getting gists #4351

@Nothing4You

TruffleHog Version

trufflehog 3.90.2

Trace Output

N/A: analyze does not work with log level

trufflehog --log-level=5 analyze
2025-07-28T17:34:47+02:00	info-2	trufflehog	trufflehog 3.90.2
🐷🔑🐷  TruffleHog. Unearth your secrets. 🐷🔑🐷

2025-07-28T17:34:47+02:00	info-4	trufflehog	default engine options set
2025-07-28T17:34:47+02:00	info-4	trufflehog	engine initialized
2025-07-28T17:34:47+02:00	info-4	trufflehog	setting up aho-corasick core
2025-07-28T17:34:47+02:00	info-4	trufflehog	set up aho-corasick core
2025-07-28T17:34:47+02:00	info-2	trufflehog	starting scanner workers	{"count": 14}
2025-07-28T17:34:47+02:00	info-2	trufflehog	starting detector workers	{"count": 112}
2025-07-28T17:34:47+02:00	info-2	trufflehog	starting verificationOverlap workers	{"count": 14}
2025-07-28T17:34:47+02:00	info-2	trufflehog	starting notifier workers	{"count": 14}
2025-07-28T17:34:47+02:00	error	trufflehog	error running scan	{"error": "invalid command: analyze"}

Expected Behavior

Analyzing GitHub secrets should work.

Actual Behavior

Always stuck on

Error getting gists.
[x] GET https://api.github.com/gists?page=1&per_page=100: 403 Rate Limit Exceeded []

Steps to Reproduce

  1. Run trufflehog analyze
  2. Select GitHub
  3. Enter ghp_* or github_pat_* secret
  4. Run TruffleHog Analyze
  5. See error

Environment

  • OS: macOS
  • Version: 15.5

Additional Context

This is 100% reproducible with enterprise managed users.
With a non-managed user it ~~seems to just get stuck, but due to the lack of logs I can't tell what's going on there~~ works, it just takes a long time for my account due to the public repos being iterated.

Since GitHub Enterprise Managed Users don't support gists and they're only able to see public gists, this is likely just a misleading error message, as the rate limit headers on the response seem to indicate being well within limits:

< HTTP/2 403
< content-type: application/json; charset=utf-8
< content-length: 113
< x-github-media-type: github.v3; format=json
< x-github-api-version-selected: 2022-11-28
< x-ratelimit-limit: 5000
< x-ratelimit-remaining: 4996
< x-ratelimit-reset: 1753720865
< x-ratelimit-used: 4
< x-ratelimit-resource: core
[…]
<
{
  "message": "Rate Limit Exceeded",
  "documentation_url": "https://docs.github.com/rest",
  "status": "403"
}

References

Maybe related to #4259, though the description seems to be just about the message and not about an error being newly raised.
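
A client-side check for the mismatch described in this issue, as an added example that is not part of the original report or of TruffleHog's code: it classifies a 403 from the GitHub REST API by its rate-limit headers rather than by the `message` field. `Verdict`, `Classify403` and `IssueHeaders` are hypothetical names; the header values are the ones quoted in the report.

```go
package main

import (
	"fmt"
	"net/http"
	"strconv"
	"time"
)

// Verdict is a hypothetical classification for a 403/429 from api.github.com.
type Verdict string

const (
	PrimaryLimit   Verdict = "primary rate limit exhausted"
	SecondaryLimit Verdict = "secondary rate limit (retry-after set)"
	NotRateLimit   Verdict = "not a rate limit per headers"
)

// Classify403 trusts the rate-limit headers over the JSON "message" field.
func Classify403(h http.Header) (Verdict, time.Time) {
	var reset time.Time
	if s, err := strconv.ParseInt(h.Get("x-ratelimit-reset"), 10, 64); err == nil {
		reset = time.Unix(s, 0).UTC()
	}
	if h.Get("retry-after") != "" {
		return SecondaryLimit, reset
	}
	// A missing or unparsable header is treated as "unknown", not as zero.
	if n, err := strconv.Atoi(h.Get("x-ratelimit-remaining")); err == nil && n == 0 {
		return PrimaryLimit, reset
	}
	return NotRateLimit, reset
}

// IssueHeaders rebuilds the response headers quoted in the issue above.
func IssueHeaders() http.Header {
	h := http.Header{}
	h.Set("x-ratelimit-limit", "5000")
	h.Set("x-ratelimit-remaining", "4996")
	h.Set("x-ratelimit-reset", "1753720865")
	h.Set("x-ratelimit-used", "4")
	h.Set("x-ratelimit-resource", "core")
	return h
}

func main() {
	v, reset := Classify403(IssueHeaders())
	fmt.Printf("%s (window resets %s)\n", v, reset.Format(time.RFC3339))
}
```

A caller that gets `NotRateLimit` can report the 403 as a permission or feature restriction instead of backing off and retrying.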
