This PR:
* Creates an optional interface that detectors can use to customize their false positive detection
* Implements this interface on detectors that have custom logic
  * In most cases this "custom logic" is simply a no-op because the detector does not participate in false positive detection
* Eliminates inline (old-style) false positive exclusion in a few detectors that #2643 missed

* pull out verification logic from github detectors
* deduplicate verify github logic
* pull out nil check
* return nil instead of empty struct
* skip gh old test bc we can't make new tokens
* Implement EndpointCustomizer
Add the EndpointCustomizer interface and EndpointSetter convenience struct,
implement EndpointCustomizer for github and gitlab detectors, and add
parsing, verification, and applying user-supplied configuration.
* Check error from SetEndpoints
* Rename variable for clarity
* Adjust types to use DetectorID struct
* Parse versions with detector include and exclude input
* Update detectors filter to use version
Co-authored-by: steeeve <steve@trufflesec.com>
* Implement Versioner for github, gitlab, and npm detectors
Co-authored-by: steeeve <steve@trufflesec.com>
---------
Co-authored-by: steeeve <steve@trufflesec.com>
* Add Type() to detector interface
The goal here is to allow the detector type information to be used
without the need for reflection. This could possibly allow us to more
easily inject information into detectors or filter them out if
necessary.
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
* remove test detector
---------
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
* Detectors that fail verification should still report the unverified secret
* fixup - change microsoft webhook keywords, filter false positives for old github detector
* fixup - fix typo