trufflehog

mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 14:42:03 +00:00

Author	SHA1	Message	Date
dependabot[bot]	1df352bac5	Bump google.golang.org/api from 0.114.0 to 0.122.0 (#1342 ) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.114.0 to 0.122.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.114.0...v0.122.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-15 08:23:42 -05:00
dependabot[bot]	4fcea1e772	Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#1339 ) Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](https://github.com/cloudflare/circl/compare/v1.1.0...v1.3.3) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-15 08:21:39 -05:00
vickygoel	4c04bbbe85	added pulumi cloud Access token detector (#1295 ) * added pulumi cloud Access token detector * removed accidentally committed tokens * added the databricks token detection * made recommended changes * added supabase management api token * nuget api key detector * added aiven.io token detector * added prefect.io api key detector * update protos. --------- Co-authored-by: Developer <garg47294+1@gmail.com> Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>	2023-05-11 09:08:48 -07:00
Brendan Shaklovitz	584db86031	Support line numbers in filesystem source (#1297 )	2023-05-09 08:02:34 -07:00
Brendan Shaklovitz	fad34d4dc6	git worktree scanning fix for #827 (#1315 ) * Fix worktree scan by setting EnableDotGitCommonDir * Change `PlainOpenOptions` to set `EnableDotGitCommonDir` to true. In every current usage of this function, it is on an already-cloned repository, so it should always be valid to have this set. By doing so, it should fix some issues with worktrees. * Remove unused go.mod replace directives * Remove replace directives for libraries that are not in use.	2023-05-09 08:00:47 -07:00
Brendan Shaklovitz	e3213fbdeb	Do extraction after decompression (#1320 ) * Fix error where some files do not get properly scanned due to order of extraction / decompression steps. Doing decompression first ensures that a compressed archive (e.g., gzipped zip file), is handled correctly.	2023-05-09 07:56:08 -07:00
Bill Rich	f2924f3061	Make sure context lines are properly handled (#1331 ) * Make sure context lines are properly handled * Fix git test to account for context change	2023-05-05 12:51:27 -07:00
Miccah	6699ccd2b5	Generate protos (#1329 )	2023-05-04 12:26:41 -05:00
Brendan Shaklovitz	87f3f27dab	Fix SquareApp detector type return value (#1322 ) * Change SquareApp detector type to report as SquareApp instead of Square.	2023-05-04 10:25:20 -07:00
ahrav	deb0f63d25	Update regex. (#1328 )	2023-05-04 10:23:13 -07:00
ahrav	030c093392	Fix how we scan orgs (#1327 ) * Fix how we scan orgs. * fix integration test.	2023-05-04 08:07:11 -07:00
Brendan Shaklovitz	be4147a24e	Output git timestamps as UTC times (#1323 )	2023-05-03 11:47:00 -05:00
ahrav	323c093818	Normalize GitHub repos during enumeration (#1269 ) * Normalize repos during enumeration. * fix test. * Add benchmark. * Add benchmark. * Add more realistic benchmark values. * add gist mocks. * Remove old normalize fxn. * abstract away the repo cache. * update test. * increase repo count. * increase page limnit to 100. * move callee fxns below caller for Chunks. * Add context to normalize. * remove extra logic in normalize repo. * Delete new.txt * Delete old.txt * Handle errors in a thread safe manner. * fix test.' * fix test. * handle repos that are included by users. * Abstract include ignore logic within repoCache. * Add better comment around repoCache. * Rename params. * remove commented out code. * use repos instead of items. * remove commented out code. * Use ++ instead of atomic increment. * update to use logger var. * use cache pkg. * Address comments. * fix test. * make less sucky test. * Update test.	2023-05-03 08:35:53 -07:00
ahrav	9cb91a6e4f	Extend cache interface (#1318 ) * Extend cache interface. * update test.	2023-05-03 08:21:00 -07:00
ahrav	714c480931	Add log to track git log size (#1325 ) * Add log to track git log size. * Add calc for large commits and last commit.	2023-05-02 16:36:39 -07:00
Zachary Rice	21258f4160	add performance test (#1301 ) * add performance test * only run on PRs, test out failure * remove extras	2023-05-01 10:54:05 -05:00
Dustin Decker	65305ed9f6	Scan only for verified secrets in our CI (#1310 )	2023-05-01 10:28:46 -05:00
dependabot[bot]	156aaac745	Bump github.com/lib/pq from 1.10.8 to 1.10.9 (#1307 ) Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.8 to 1.10.9. - [Release notes](https://github.com/lib/pq/releases) - [Commits](https://github.com/lib/pq/compare/v1.10.8...v1.10.9) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-01 07:55:12 -07:00
dependabot[bot]	531d17bd3a	Bump github.com/mholt/archiver/v4 from 4.0.0-alpha.7 to 4.0.0-alpha.8 (#1305 ) Bumps [github.com/mholt/archiver/v4](https://github.com/mholt/archiver) from 4.0.0-alpha.7 to 4.0.0-alpha.8. - [Release notes](https://github.com/mholt/archiver/releases) - [Changelog](https://github.com/mholt/archiver/blob/master/.goreleaser.yml) - [Commits](https://github.com/mholt/archiver/compare/v4.0.0-alpha.7...v4.0.0-alpha.8) --- updated-dependencies: - dependency-name: github.com/mholt/archiver/v4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-01 07:49:15 -07:00
Jason Solis	c13c56283d	add tineswebhook detector (#1304 )	2023-05-01 07:48:58 -07:00
dependabot[bot]	56cd1df414	Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.3.0 to 2.4.0 (#1306 ) Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases) - [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: github.com/bradleyfalzon/ghinstallation/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-01 07:41:11 -07:00
ahrav	67972683ea	[chore] - format log msg (#1299 ) * format log msg. * snake. * lowercase repo.	2023-04-27 17:14:00 -07:00
ahrav	a2266b4e28	add additional logging (#1298 ) * add additional logging. * update test. * remove continue. * address comments.	2023-04-27 16:48:04 -07:00
Miccah	b1675194ca	Implement EndpointCustomizer (#1291 ) * Implement EndpointCustomizer Add the EndpointCustomizer interface and EndpointSetter convenience struct, implement EndpointCustomizer for github and gitlab detectors, and add parsing, verification, and applying user-supplied configuration. * Check error from SetEndpoints * Rename variable for clarity	2023-04-27 12:23:50 -05:00
Dustin Decker	4086895249	add scripts to benchmark and plot performance across tags (#1293 ) * add scripts to benchmark and plot performance across tags * missing newline * fmt	2023-04-26 15:43:23 -07:00
Brendan Shaklovitz	10902f802a	Add max object size flag for s3 bucket scanning (#1294 ) Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-04-26 15:39:43 -07:00
Aman Sakhuja	2a3f8942ee	Fixed contentfulpersonalaccesstoken regex (#1199 )	2023-04-26 14:32:36 -07:00
Shabbir B	d1cbc54fc6	Updated BrowserStack detector endpoint (#1290 ) Updated endpoint	2023-04-26 08:59:24 -07:00
Miccah	5a86c18302	Fix include and exclude detector logic (#1267 ) * Fix include and exclude detector logic * Fix test * Add more clarifying comments	2023-04-26 10:49:54 -05:00
ahrav	622700b6ec	update proto to allow for ignoring projects. (#1289 )	2023-04-26 07:30:43 -07:00
ahrav	15ed428e28	update jira detector. (#1288 )	2023-04-25 17:26:51 -07:00
Shabbir B	6f801f64c7	Added a new detector for percy.io (#1284 ) * Feature: Added a new detector for percy.io * Updated variable name --------- Co-authored-by: ahrav <ahravdutta02@gmail.com>	2023-04-25 13:18:34 -07:00
Dustin Decker	3485a6dab1	improve sqlserver detection and testing (#1285 ) * improve sqlserver detection and testing * add data source keyword	2023-04-25 11:00:37 -07:00
ahrav	34f5db64ae	Small optimizations for the base64 decoder (#1278 ) * Small optimizations. * remove unnecessary timer reset. * remove blank lines. * remove test file. * Move b64 character mapping creation to init.	2023-04-24 11:27:07 -07:00
dependabot[bot]	91bd843ba7	Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 (#1282 ) Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.29.0 to 1.30.1. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.29.0...spanner/v1.30.1) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-24 10:37:48 -07:00
dependabot[bot]	584ab043a2	Bump github.com/envoyproxy/protoc-gen-validate from 0.10.1 to 1.0.0 (#1280 ) Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.10.1 to 1.0.0. - [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases) - [Changelog](https://github.com/bufbuild/protoc-gen-validate/blob/main/.goreleaser.yaml) - [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.10.1...v1.0.0) --- updated-dependencies: - dependency-name: github.com/envoyproxy/protoc-gen-validate dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-24 10:27:10 -07:00
dependabot[bot]	7578a3a56e	Bump google.golang.org/api from 0.118.0 to 0.119.0 (#1279 ) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.118.0 to 0.119.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.118.0...v0.119.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-24 10:12:12 -07:00
ahrav	800ac30ea0	optimize base64 decoder. (#1277 )	2023-04-20 20:36:46 -07:00
ahrav	abdff53d5d	optimize utf-8 decoder (#1275 ) * optimize utf-8 decoder. * remove string conversion.	2023-04-20 16:52:34 -07:00
Yassine Ilmi	a002ba9a75	Add RawV2 Results to the JSON Output (#1273 ) * Add RawV2 to JSON Output * Adding RawV2 results to Azure, Datadog and GCP Detectors	2023-04-20 16:31:53 -07:00
ahrav	cec1543894	Add utf16 decoder proto. (#1276 )	2023-04-20 15:25:36 -07:00
Dustin Decker	e217e2fbfd	Ensure multipart credentials are deduplicated correctly (#1271 ) * Ensure multipart credentials are deduplicated correctly * update tests	2023-04-20 15:07:59 -07:00
ahrav	4116a24b1c	Add utf16 decoder (#1274 ) * Add utf16 decoder. * Add test for utf-8. * Remove else if. * optimize to use a single loop.	2023-04-20 15:07:49 -07:00
Bill Rich	a6902ae9cb	Add configurable detectors (#1139 ) * JDBC detector ignore patterns * Remove newline --------- Co-authored-by: Bill Rich <bill.rich@trufflesec.com>	2023-04-20 11:44:28 -07:00
Zubair Khan	6dd24d17d4	Switch Endpoint Field to Client ID (#1270 ) * no longer using endpoint, but do need client id * use oauth2 credential type	2023-04-19 16:54:37 -04:00
ahrav	5b2b434a8a	Allow multipel team IDs. (#1259 )	2023-04-19 11:47:25 -07:00
ah̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d	1c1f034468	Adding Google drive to MetaData proto (#1264 )	2023-04-19 10:49:40 -04:00
dependabot[bot]	661e62f006	Bump github.com/xanzy/go-gitlab from 0.81.0 to 0.83.0 (#1268 ) Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.81.0 to 0.83.0. - [Release notes](https://github.com/xanzy/go-gitlab/releases) - [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go) - [Commits](https://github.com/xanzy/go-gitlab/compare/v0.81.0...v0.83.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-18 08:48:26 -07:00
dependabot[bot]	92244019a9	Bump github.com/lib/pq from 1.10.7 to 1.10.8 (#1260 ) Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.7 to 1.10.8. - [Release notes](https://github.com/lib/pq/releases) - [Commits](https://github.com/lib/pq/compare/v1.10.7...v1.10.8) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-18 08:36:17 -07:00
Miccah	dfc5a9f5db	[chore] Log possible duplicate detectors (#1266 ) * [chore] Log possible duplicate detectors * Fix typos	2023-04-18 10:36:00 -05:00

1 2 3 4 5 ...

2017 commits