* added pattern test cases
* some more test cases with some fixes too
* improved apimetrics regex and added test cases
* added more pattern test cases
* added more pattern test cases
* last brick of pattern test cases for a Alphabet
* implement analyzer interface for gitlab
* generated permissions, added unit test for gitlab analyzer
* revert deletion of scopes.go
* appending domain in resource names
* [chore]
moved expected output of test in json file to neat the code.
* updated the test for gitlab analyzer
to make more unique FullyQualifiedName, Ids are added for resources.
* remove unnecessary metadata field and fix github -> gitlab
* extract user id from access token json, make user as resource
* link analyzer with gitlab v2 detector
* fixed code breaking changes due to analyzer protobuf removal.
---------
Co-authored-by: Abdul Basit <abasit@folio3.com>
* Implemented gitlab inclusion globbing.
Included test.
* implemented two new flags for gitlab scan, includeRepo and excludeRepo to support globbing.
Apply globbing filter when repos is not provided.
* implemented integration test for inclusion globbing
remove test to check errors if globs are invalid.
* made changes to support glob compile errors.
modified changes to support glob compilation errors.
* removed unused context from few functions.
This PR implements global log redaction for the credentials of most other source types. It doesn't redact for sources that don't load their credentials with Init as a way to keep the PR simple - we can do those separately.
Some source use client libraries that can emit errors that contain sensitive information - in particular, git-facing libraries that embed tokens into repository URLs. This PR introduces a way of redacting them - starting with GitLab (where we've seen this most recently), but in theory extensible to other sources as needed.
This implementation uses a custom zap core; this might also be possible with a custom zap encoder, but I didn't test it out.
(The deleted core.go file was entirely unused.)
* Handle custom detector response and include in extra data
* Added todo
* fixed panic
* simplicity is always good
* limit the response to 200 chars
* results should print now in output
Result.DecoderType is only ever used by ResultWithMetadata (via its embedded Result). This unnecessarily complicates the relationship between the types and adds some warts to #3457, so this PR moves DecoderType directly into the only struct which actually uses it.
* Implemented a box detector with test cases.
* corrected comments
* remove generic keyword for box detector
remove PII details of user.
* Added Box Oauth detector
Implemented description for Box detectors.
Separated out test for Box detectors.
* removed user information from ExtraData.
---------
Co-authored-by: 0x1 <13666360+0x1@users.noreply.github.com>
