Miccah
e391e89f3e
Initial implementation of JobReport with SourceManager usage ( #1557 )
...
* Initial implementation of JobReport with SourceManager usage
* Limit concurrent units
* Only save the last JobReport per handle
2023-07-27 10:49:56 -05:00
Zachary Rice
3897454dbb
add merge support ( #1561 )
2023-07-27 09:24:49 -05:00
ahrav
ade5d91d5c
Add azure repos protos. ( #1559 )
2023-07-26 19:53:10 -07:00
Dustin Decker
84d4bf0d51
Override broken dependency version ( #1558 )
2023-07-26 16:13:02 -07:00
Richard Gomez
f925da7cea
fix(mongodb): detect CosmoDB access keys ( #1511 )
...
https://learn.microsoft.com/en-us/microsoft-365/compliance/sit-defn-azure-cosmos-db-account-access-key?view=o365-worldwide
2023-07-26 16:50:12 -05:00
dependabot[bot]
e0011ac08e
Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 ( #1554 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.8.0 to 5.8.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.8.0...v5.8.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-26 14:13:12 -07:00
dependabot[bot]
7a29f8a514
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.4.0 to 2.6.0 ( #1503 )
...
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation ) from 2.4.0 to 2.6.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases )
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.4.0...v2.6.0 )
---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-26 09:03:55 -07:00
Richard Gomez
46823f77c9
feat(github): clarify comment log statement ( #1553 )
2023-07-26 09:40:30 -05:00
Miccah
10f0963bc9
Add SourceManager tests for Run and Wait methods ( #1530 )
...
* Miscellaneous SourceManager updates
* Own the chunks channel instead of accepting it as an input
* Add Chunks and Wait methods
* Fix bug in Enroll so it actually returns the handle
* Add context.Context parameter to the SourceInitFunc type
* Add SourceManager tests for Run and Wait methods
* Rename man variables to mgr
2023-07-26 00:48:28 -05:00
dependabot[bot]
35b332c498
Bump github.com/google/go-containerregistry from 0.14.0 to 0.15.2 ( #1504 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.14.0 to 0.15.2.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.14.0...v0.15.2 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bill Rich <bill.rich@gmail.com>
2023-07-25 20:33:18 -07:00
dependabot[bot]
c814ae4d83
Bump github.com/xanzy/go-gitlab from 0.86.0 to 0.88.0 ( #1522 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.86.0 to 0.88.0.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.86.0...v0.88.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bill Rich <bill.rich@gmail.com>
2023-07-25 20:31:29 -07:00
Richard Gomez
2290954b02
fix(github): use apiEndpoint for basic or no auth ( #1454 )
2023-07-25 20:03:08 -07:00
Richard Gomez
f48a635c34
feat: update gitparse logic ( #1486 )
2023-07-25 17:52:34 -05:00
Miccah
91cbca941a
Fix data race in context wrapper library ( #1546 )
2023-07-25 17:09:36 -05:00
Zachary Rice
1a1977f7e6
case insensitive ( #1547 )
2023-07-25 17:01:15 -05:00
Bill Rich
f39303495a
Add commitsScanned metrics ( #1533 )
...
* Add commitsScanned metrics
* Just keep commit count
2023-07-25 11:31:01 -07:00
ahrav
b5b01d3eba
[chore] - optimize chunker ( #1535 )
...
* Use chunkbytes that includes the size of peek.
* linter.
* continue.
* add TotalChunkSize const.
2023-07-24 19:30:29 -07:00
Zachary Rice
85f363f093
init ( #1538 )
2023-07-24 19:09:57 -05:00
Dustin Decker
302c3ce8d1
Downgrade couchbase dep ( #1543 )
...
* update couchbase dep
* downgrade couchbase dep
2023-07-24 17:00:13 -07:00
Dustin Decker
fd6c281589
update couchbase dep ( #1540 )
2023-07-24 16:27:11 -07:00
Miccah
93c561f324
Add match boundary to okta regular expressions ( #1531 )
2023-07-24 10:52:50 -05:00
Dustin Decker
fab80445d1
continue scanning on detector / decoder panic ( #863 )
2023-07-24 07:34:43 -07:00
ahrav
9e0a2e9ddd
[chore] - Remove password info from log ( #1528 )
...
* Remove password info from log.
* update.
* one more.
2023-07-22 20:25:45 -07:00
Miccah
69515bb7ac
Correctly route pprof endpoint ( #1527 )
2023-07-21 22:45:27 -05:00
Miccah
91c5472876
Implement SourceManager basics ( #1515 )
...
* Implement SourceManager basics
* Rename identifiers and add a default headlessAPI implementation
* Rewrite to use SourceInitFunc
* Update variable name to accurately reflect its value
2023-07-21 15:20:25 -05:00
Miccah
a613bbb979
[chore] Remove parent manipulation in context package ( #1525 )
...
The ability to set the parent allowed creating context cycles which
shouldn't be allowed, or at the very least have unintuitive behavior.
2023-07-21 13:51:51 -05:00
Cody Rose
ebf1038392
Support indeterminacy in alchemy and update detector docs ( #1510 )
2023-07-21 14:50:14 -04:00
Zachary Rice
be68eb044a
Decrease frequency of dependabot alerts to monthly ( #1524 )
...
* Barely useful
* Update dependabot.yml
2023-07-21 11:22:03 -05:00
Cody Rose
06a562688d
capture json error ( #1509 )
2023-07-21 10:44:47 -05:00
dependabot[bot]
af428d5e88
Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 ( #1523 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.7.0 to 5.8.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.7.0...v5.8.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-21 09:43:01 -05:00
dependabot[bot]
a3cc756ec6
Bump google.golang.org/api from 0.130.0 to 0.131.0 ( #1502 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.130.0 to 0.131.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.130.0...v0.131.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-21 09:16:14 -05:00
dependabot[bot]
3e077d874f
Bump github.com/googleapis/gax-go/v2 from 2.11.0 to 2.12.0 ( #1501 )
...
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go ) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/googleapis/gax-go/releases )
- [Commits](https://github.com/googleapis/gax-go/compare/v2.11.0...v2.12.0 )
---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-21 09:15:37 -05:00
Miccah
e8b5e3cea3
Revert "[chore] Remove parent setting / getting in Context wrapper ( #1516 )" ( #1519 )
...
This reverts commit 8ec5e4916c
.
This commit is somehow causing AWS verification (and possibly others) to
not work.
2023-07-20 23:31:28 -05:00
Miccah
8ec5e4916c
[chore] Remove parent setting / getting in Context wrapper ( #1516 )
...
* [chore] Remove parent setting / getting in Context wrapper
* Keep the cancellable context from errgroup
2023-07-20 13:33:09 -05:00
Cody Rose
20b7793828
JDBC indeterminacy ( #1507 )
...
This PR adds an indeterminacy check to the JDBC verifiers.
2023-07-19 16:57:57 -04:00
Brandon Yan
8fad5fff79
add dockerhub scanner ( #1496 )
...
* add dockerhub scanner
* clean
* clean and fix regex logic and tests
* check length of userMatches before access
* Use camelcase.
---------
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-19 09:26:28 -07:00
Cody Rose
cb1a63a4e2
unify JDBC detector ping logic ( #1506 )
...
Previously, the various JDBC detectors would independently try to verify credentials by a process of trying various permutations of candidates one-by-one. The upcoming tri-state verification work will need to add sophistication to this process in the same way for each one, so this PR first combines all of the logic so it can be upgraded in a single spot.
2023-07-19 11:45:56 -04:00
Cody Rose
f6aaa4924f
use go 1.20 for all github workflows ( #1508 )
2023-07-18 12:41:51 -04:00
Zubair Khan
be549a7287
add thog enterprise detector for web keys ( #1448 )
...
* saving progress
* proto changes
* run make protos
* verify response, add test case
* resolve linter warning about unescaped . in regex pattern
* resolve overlapping proto number
2023-07-18 09:53:12 -04:00
ahrav
3b00c0062c
[chore] - update detector template file ( #1500 )
...
* update detector template file.
* updatge replace string.
2023-07-17 14:35:51 -07:00
Brandon Yan
cab416b533
add launch_darkly keyword to launchdarkly scanner ( #1495 )
2023-07-17 14:05:58 -05:00
Cody Rose
ee814a67bd
tweak jdbc redaction ( #1490 )
...
JDBC redaction could fail in some irritating edge cases involving passwords that contain the @ character. The logic has been tweaked to eliminate these cases and some tests have been added.
2023-07-17 11:04:12 -04:00
Brandon Yan
17b90b32d0
add couchbase scanner to defaults ( #1497 )
...
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-16 17:45:56 -07:00
Brandon Yan
9af31f00a9
add envoy api key scanner ( #1482 )
...
* add envoy api key scanner
* Use detectors4.
---------
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-16 16:46:28 -07:00
trufflesteeeve
d03a74776e
Fix URI detector false results when the redacted password has been URL encoded ( #1489 )
2023-07-14 13:35:50 -04:00
Brandon Yan
aab8fddc67
fix twilio verification side effect ( #1494 )
...
change POST request to GET request
2023-07-13 17:48:51 -07:00
Miccah
4e774d1f01
Define SourceUnit chunking interface ( #1484 )
...
* Define SourceUnit chunking interface
* Refactor to use a ChunkReporter interface
* Rename shadowed err to scanErr
2023-07-13 14:11:43 -05:00
Miccah
4b7f94dea1
Rewrite SourceUnitEnumerator to use UnitReporter instead of a channel ( #1485 )
2023-07-13 13:48:33 -05:00
ahrav
a9213a1103
[chore] - Update loop to switch. ( #1487 )
...
* Update loop to switch.
* remove unused fxn.
2023-07-12 15:47:43 -07:00
Richard Gomez
1594fddf05
feat(git): include line in github & gitlab links ( #1466 )
2023-07-11 20:02:27 -07:00