mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-09-20 14:42:03 +00:00
Assume unauthenticated github scans have public visibility (#2308)
This commit is contained in:
parent
a1dc660f41
commit
c5af979aee
1 changed files with 4 additions and 8 deletions
|
@ -357,6 +357,10 @@ func (s *Source) visibilityOf(ctx context.Context, repoURL string) (visibility s
|
|||
s.mu.Unlock()
|
||||
}()
|
||||
logger := s.log.WithValues("repo", repoURL)
|
||||
if _, unauthenticated := s.conn.GetCredential().(*sourcespb.GitHub_Unauthenticated); unauthenticated {
|
||||
logger.V(3).Info("assuming unauthenticated scan has public visibility")
|
||||
return source_metadatapb.Visibility_public
|
||||
}
|
||||
logger.V(2).Info("Checking public status")
|
||||
u, err := url.Parse(repoURL)
|
||||
if err != nil {
|
||||
|
@ -379,10 +383,6 @@ func (s *Source) visibilityOf(ctx context.Context, repoURL string) (visibility s
|
|||
}
|
||||
}
|
||||
if err != nil || gist == nil {
|
||||
if _, unauthenticated := s.conn.GetCredential().(*sourcespb.GitHub_Unauthenticated); unauthenticated {
|
||||
logger.Info("Unauthenticated scans cannot determine if a repository is private.")
|
||||
visibility = source_metadatapb.Visibility_private
|
||||
}
|
||||
logger.Error(err, "Could not get Github repository")
|
||||
return
|
||||
}
|
||||
|
@ -402,10 +402,6 @@ func (s *Source) visibilityOf(ctx context.Context, repoURL string) (visibility s
|
|||
}
|
||||
if err != nil || repo == nil {
|
||||
logger.Error(err, "Could not get Github repository")
|
||||
if _, unauthenticated := s.conn.GetCredential().(*sourcespb.GitHub_Unauthenticated); unauthenticated {
|
||||
logger.Info("Unauthenticated scans cannot determine if a repository is private.")
|
||||
visibility = source_metadatapb.Visibility_private
|
||||
}
|
||||
return
|
||||
}
|
||||
if *repo.Private {
|
||||
|
|
Loading…
Reference in a new issue