Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-15 01:17:34 +00:00
Code Issues Projects Releases Packages Wiki Activity
3468 commits 137 branches 258 tags 180 MiB
Commit graph

3468 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bhodi
2830bed00b
Updated Cosign Install URL (#3364) 2024-10-03 14:12:58 -05:00
renovate[bot]
901fdff992
fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.0 (#3361) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-03 07:24:47 -07:00
Kashif Khan
a4cc5f7cc3
Added Pattern test cases for detectors (#3354) 
* Added Pattern test cases for detectors

* restructured the unit tests

* Added pattern test cases for few more detectors

* Added pattern test case for 3 more detectors

* formatted testing patterns
 2024-10-02 10:44:47 -07:00
ahrav
04eae7af42
remove size check (#3351) 2024-10-02 08:27:33 -07:00
renovate[bot]
93c8c95812
fix(deps): update module go.mongodb.org/mongo-driver to v1.17.1 (#3357) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-02 08:22:00 -07:00
ahrav
b63d6c02a7
[chore] - Rename memory cache package to 'simple' for clarity (#3352) 
* rename memory to cache

* Update

* fix imports
 2024-10-02 07:48:26 -07:00
Kashif Khan
effee2a912
Fixed github oauth2 token detector (#3353) 2024-10-01 04:07:22 -07:00
ahrav
a5b09951c1
[feat] - Add SizedLRU Cache (#3344) 
* add impl for lru sized cache

* update error message

* address comments

* rename

* update comments
 2024-09-30 13:18:15 -07:00
ahrav
350db3a11e
[bug] - Recover From Panic During Archive Handling (#3348) 
* recover from panic

* clarify comment
 2024-09-30 12:45:20 -07:00
ahrav
3dff283bb2
[fix] - Use Parent Context in Azure Detector (#3346) 
* use context

* sort imports
 2024-09-30 12:13:04 -07:00
ahrav
5f3b4521d7
[chore] - update Go version to 1.23.0 (#3340) 
* update Go version to 1.23.0

* update go version across the rest of the project
 2024-09-27 09:55:15 -07:00
Zachary Rice
8cb5e98804
disable secret scans for community PRs (#3343) 
* disable secret scans for community PRs

* check if fork too
 2024-09-27 11:55:04 -05:00
Kashif Khan
49cb9d395d
Enhanced the eraser detector to handle new status code from verification API (#3342) 2024-09-27 11:32:58 -05:00
ahrav
ee51fc5cc4
[feat] - Add Generic Hasher Interface with Blake2b Implementation (#3337) 
* Add hasher interface and fnv + sha256 implemenations

* update

* remove

* fix test

* update

* remove

* remove

* fix spelling
 2024-09-26 20:11:42 -07:00
Miccah
0328a19a9d
[fix] Move detector initialization to DefaultDetectors function (#3341) 2024-09-26 14:03:24 -07:00
Dustin Decker
f3630da1e0
Improve process cleanup (#3339) 
* ensures that cmd.Wait() is always called, even if there's a panic in the FromReader function or if stdOut.Close() returns an error

* close stdout and ensure wait is called when handling binaries

* process cleanup improvements

* lint
 2024-09-26 10:17:47 -07:00
Richard Gomez
6d022e7d8e
fix(decoder): prevent race (#3031) 2024-09-26 09:44:59 -07:00
ahrav
0ba3fa11ba
Add named params to interface methods (#3335) 2024-09-26 07:06:07 -07:00
renovate[bot]
c57b6b02f3
fix(deps): update module google.golang.org/api to v0.199.0 (#3336) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-25 19:38:33 -07:00
Miccah
1a0cf04c3d
[chore] Ensure testing Endpoints() doesn't silently pass on change (#3334) 
Since Endpoints() isn't a defined interface, we are testing an
implementation detail of EndpointSetter. If that function changes in
anyway, the test will now fail instead of skipping every detector and
passing.
 2024-09-25 15:27:13 -07:00
Miccah
4484bf443b
[fix] Correctly initialize detectors with cloud endpoint customization (#3333) 
* [fix] Correctly initialize detectors with cloud endpoint customization

We were only initializing if the detector was configured with a custom
endpoint, but not in the default case.

* Add test

* Fix gitlab.v2 detector
 2024-09-25 13:06:00 -07:00
Kashif Khan
eb40243984
RailwayApp Detector (#3331) 
* Added RailwayApp detector

* Updated Keywords
 2024-09-25 10:17:08 -05:00
renovate[bot]
37be0e0c6f
fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.2 (#3332) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-25 07:56:33 -07:00
dylanTruffle
0f427b3c6a
Adding Descriptions (#3258) 
* adding AI generated descriptions of the key types and their capabilities

* removing empty file

* Update abbysale.go

* update to interface

* fixes

* fix

* small cleanup

---------

Co-authored-by: Dylan Ayrey <dxa4481@rit.edu>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-09-24 16:10:16 -07:00
ahrav
50ff17bd5b
update timeout to 60s (#3330) 2024-09-24 15:13:36 -07:00
Dustin Decker
9089fb7df1
Include all detector tests for captain (#3329) 
* Use captain for test aggregation

* no retries

* include all detector tests
 2024-09-24 12:04:56 -07:00
Dustin Decker
3b0f2fcf39
Use captain for test aggregation (#3328) 
* Use captain for test aggregation

* no retries
 2024-09-24 11:51:52 -07:00
Abdul Basit
b612e1e4fd
[Fix] (#3306) 
For AWS session token, substring is being searched to avoid false positive session tokens.
Reference: https://nitter.poast.org/TalBeerySec/status/1816449053841838223#m
 2024-09-24 11:24:46 -07:00
renovate[bot]
b921232a35
fix(deps): update module google.golang.org/api to v0.198.0 (#3323) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-24 10:38:42 -07:00
Kashif Khan
4b6957df66
Endpoint customizer refresh (#3308) 
* Refresh EndpointCustomizer for more explicit configuration

Also add CloudProvider interface.

* WIP: Update EndpointSetter

* Updated detectors with new endpoint customizer

* Fixed linter

* Added check for appending cloud endpoints

---------

Co-authored-by: Miccah Castorina <m.castorina93@gmail.com>
 2024-09-24 11:41:05 -05:00
Richard Gomez
b2311b4ad2
Ignore glTF & JPEG XL files (#3325) 
* feat: ignore glTF files

Inspired by https://github.com/gitleaks/gitleaks/issues/1526

* feat: ignore JPEG XL

* feat: ignore .avifs in addition to .avif
 2024-09-24 08:00:02 -07:00
renovate[bot]
e96c8e2f0a
fix(deps): update module golang.org/x/oauth2 to v0.23.0 (#3322) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 19:52:13 -07:00
renovate[bot]
ff3cabd3db
fix(deps): update module go.uber.org/automaxprocs to v1.6.0 (#3321) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 19:40:37 -07:00
renovate[bot]
c40f06c6cb
fix(deps): update module go.mongodb.org/mongo-driver to v1.17.0 (#3319) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 19:18:48 -07:00
ahrav
26ae7cb09d
[bug] - Improve seekability check for stdout pipes in BufferedReadSeeker (#3189) 
* fix bug

* update

* clarify comment

* cleanup

* fix test

* update comment

* remove code for large files

* address comments

* update
 2024-09-23 16:55:26 -07:00
Richard Gomez
75557f61ed
Improve MongoDB connection string matching (#1550) 
* feat(mongodb): improve conn string matching

* fix(mongodb): err -> verificationErr
 2024-09-23 15:42:06 -07:00
renovate[bot]
f8f2485c6d
fix(deps): update module github.com/xanzy/go-gitlab to v0.109.0 (#3318) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 14:31:55 -07:00
Abdul Basit
3e46b3f221
[Analyzer] Test and generated permissions for HuggingFace, Square & Stripe (#3294) 
* stripe analyzer unit test

* add huggingface analyzer unit test

* add permissions.yaml for huggingface and fix in analyzer

* square permissions generated

* permissions generated for stripe

* change permissions to lowercase

* skip unknown permissions for square and stripe

---------

Co-authored-by: Abdul Basit <abasit@folio3.com>
 2024-09-23 12:17:20 -07:00
Miccah
2f3a410e38
Implement SourceUnitEnumChunker for GitHub (#3298) 
* Implement SourceUnitEnumChunker for GitHub

This change refactors the internal scan method to introduce a scanRepo
method to perform the actual scan.

* Export unit fields so the values are captured in the report

* Add comment for scanRepo

* Break out ensureRepoInfoCache into a method

* Update comments and check errors

* Ensure that the repoInfoCache contains the repo during ChunkUnit

* Add integration test for ChunkUnit

* Move s.scanOptions initialization to Init()
 2024-09-23 10:56:55 -07:00
renovate[bot]
764db68116
fix(deps): update module github.com/wasilibs/go-re2 to v1.7.0 (#3317) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 09:29:31 -07:00
renovate[bot]
49c78c9724
fix(deps): update module github.com/schollz/progressbar/v3 to v3.16.0 (#3315) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 09:16:37 -07:00
Zachary Rice
b78be6d935
hit em w/ a min (#3316) 2024-09-23 11:07:39 -05:00
renovate[bot]
6c7c1ae206
fix(deps): update module github.com/snowflakedb/gosnowflake to v1.11.1 (#3313) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-23 07:46:07 -07:00
ahrav
97fd2f80ee
[fix] - Add Size Method to BufferedReadSeeker and Refactor Context Timeout Handling in HandleFile (#3307) 2024-09-23 06:21:07 -07:00
renovate[bot]
c33ab21ea6
fix(deps): update module github.com/sendgrid/sendgrid-go to v3.16.0+incompatible (#3312) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-22 10:57:58 -07:00
renovate[bot]
6b7c137e11
fix(deps): update module github.com/schollz/progressbar/v3 to v3.15.0 (#3311) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-21 15:14:53 -07:00
renovate[bot]
3d1cb2ce5e
fix(deps): update module github.com/getsentry/sentry-go to v0.29.0 (#3310) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-21 13:12:41 -07:00
renovate[bot]
e29785dbaf
fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.15.0 (#3309) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-21 10:54:20 -07:00
Miccah
77dc2720a8
Update GitHub enumeration to report unique filtered values (#3292) 
The reported values should match the values populated in s.repos.
 2024-09-18 14:30:10 -07:00
Miccah
b2da2a6a5c
[analyze] Add client filter to detect successful unsafe HTTP requests (#3305) 
* Move analyzer client to its own file

* Add analyzer client filter to detect successful unsafe HTTP requests

* Close response body in test
 2024-09-18 10:31:21 -07:00