It's probably either that they took the picture a while ago, or they were going character by character and accidentally screenshot with one too few. All of these are valid right now, and the first one is the one they show:

https://github.com/trufflesecurity/trufflehog/commit/7bc0b2 https://github.com/trufflesecurity/trufflehog/commit/7bc0b4 https://github.com/trufflesecurity/trufflehog/commit/7bc0b8 https://github.com/trufflesecurity/trufflehog/commit/7bc0b8

Thanks! Yeah probably the latter. The chance of they having 4 commits sharing the same first 5 letters after the fact is unlikely with mere 3k commits. So it's more plausible that they searched around their commit hashes and used the most duplicated prefix as an example at the time.

As mentioned it works for valid short hashes, if there are multiple commits with those first 5 characters then you need to make it more specific by bruteforcing, appending a 2, 4, 7, or 8 will lead to a valid commit.

But the author can visit it fine as shown in the picture? https://framerusercontent.com/images/B0wRJU4mjHvmKdy7mpZ3Z3w...