Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-13 00:17:18 +00:00
Code Issues Projects Releases Packages Wiki Activity
1557 commits 140 branches 258 tags 164 MiB
Commit graph

1557 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jeff Wenzbauer
4a3bba78cc
Update github action to support generic cli command input (#670) 
* Update github action to support generic cli command input

* revert removal of inputs

* echo in entrypoint

* test custom docker image

* revert docker image reference
 2022-08-01 15:05:08 -07:00
dependabot[bot]
dc516933f3
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#669) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-28 16:26:13 -07:00
dependabot[bot]
ff8cf8fa09
Bump github.com/aws/aws-sdk-go from 1.44.56 to 1.44.61 (#668) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.56 to 1.44.61.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.56...v1.44.61)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-28 16:15:42 -07:00
Dustin Decker
5b7eff5c57
Improve test filtering in Makefile (#673) 2022-07-28 13:27:57 -07:00
ahrav
21e1ff4a8a
Fix the order to correctly match the params in NewGit. (#676) 2022-07-28 13:23:45 -07:00
Adrian Gąsior
0752503872
refactor: improved Dockerfile (#672) 2022-07-26 13:43:42 -07:00
Ariel Ril
4b0315c90a
added support for gitlab subgroups (#664) 2022-07-26 13:37:37 -07:00
trufflesteeeve
176552b07a
Fix commit attribution, git tests, and run make protos (#667) 
* Update dependency to fix commit attribution, fix git tests

* Run make protos to match code with current proto definitions
 2022-07-25 11:44:15 -04:00
Ariel Ril
2515fbeebe
added http protocol support for gitlab repositories (#662) 2022-07-20 10:35:24 -07:00
trufflesteeeve
3b655870c4
Update gitleaks to custom8 (#663) 2022-07-20 13:31:01 -04:00
dependabot[bot]
910072d89f
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.0.4 to 2.1.0 (#661) 
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.0.4 to 2.1.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases)
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.0.4...v2.1.0)

---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-18 17:04:12 -07:00
dependabot[bot]
33a7ccbb91
Bump github.com/xanzy/go-gitlab from 0.65.0 to 0.69.0 (#660) 
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.65.0 to 0.69.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.65.0...v0.69.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-18 17:02:27 -07:00
dependabot[bot]
175306d88d
Bump github.com/aws/aws-sdk-go from 1.44.51 to 1.44.56 (#659) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.51 to 1.44.56.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.51...v1.44.56)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-18 17:01:37 -07:00
trufflesteeeve
20051e7ec1
Add SlackTokens option for slack credentials (#647) 2022-07-18 14:51:27 -04:00
trufflesteeeve
96106563a9
Remove git fragment trace (#656) 
The fragment trace was a bit too verbose even at the trace level. We may
want to trace the file being chunked or something like that, but not the
entire diff.
 2022-07-14 13:13:23 -04:00
Dustin Decker
2741fd8387
Add codeowners file (#653) 2022-07-12 18:06:35 -07:00
Dustin Decker
2d3ddad076
Pr/589 (#654) 
* added common regex patterns for detectors

* For HexPattern

* enhancements

* used parseInt

* enhancement

* enhanced regex for email and subdomain

* enhancement for email pattern

* update pattern and detector

Co-authored-by: Roxanne Tampus <roxannetampus02@gmail.com>
 2022-07-12 08:34:02 -07:00
dependabot[bot]
3053169a0d
Bump github.com/aws/aws-sdk-go from 1.44.49 to 1.44.51 (#648) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.49 to 1.44.51.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.49...v1.44.51)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-11 09:03:51 -07:00
roxanne-tampus
e9f503a083
added new detectors (#639) 
* added new detectors

* added gemini
 2022-07-08 08:19:03 -07:00
Dustin Decker
c2426df4d6
Disable sentiment verifier and update teams webhook to avoid being stateful (#646) 2022-07-07 16:55:45 -07:00
Miccah
c4ca7d7c8b
Mark detector tests with a build flag (#613) 2022-07-07 10:27:21 -07:00
dependabot[bot]
721a33ee09
Bump github.com/rs/zerolog from 1.26.1 to 1.27.0 (#621) 
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.26.1 to 1.27.0.
- [Release notes](https://github.com/rs/zerolog/releases)
- [Commits](https://github.com/rs/zerolog/compare/v1.26.1...v1.27.0)

---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-07 10:19:48 -07:00
dependabot[bot]
d1cb7e6f83
Bump github.com/aws/aws-sdk-go from 1.44.20 to 1.44.49 (#645) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.20 to 1.44.49.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.20...v1.44.49)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-07 10:19:30 -07:00
dependabot[bot]
7d97119bae
Bump cloud.google.com/go/secretmanager from 1.4.0 to 1.5.0 (#641) 
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/dlp/v1.4.0...redis/v1.5.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-07 10:16:27 -07:00
dependabot[bot]
2bbc264891
Bump github.com/stretchr/testify from 1.7.2 to 1.8.0 (#642) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-07 10:15:47 -07:00
Miccah
8e6289e70c
Test numeric password redaction (#644) 2022-07-07 10:13:50 -07:00
ahrav
5ac54ac107
[THOG-531] - remove ending word boundary AWS detector (#637) 
* Remove the ending word boundary for the AWS dectector. This will prevent missing secrets that end with / due to it not being ASCII.

* Update regex to be more strict.
 2022-07-07 10:10:33 -07:00
Dustin Decker
db7045acb1
Update go-gitdiff dependency to fix hanging issue (#632) 2022-06-24 14:11:35 -07:00
Dustin Decker
85ed11519f
fix npd for incompatible sources on json legacy output (#623) 2022-06-21 09:50:55 -07:00
trufflesteeeve
d1a81afbb5
Only include one result per AWS Key ID, preferably verified (#619) 
Also ignore unverified results that match hashes, because they are
probably just hashes.
 2022-06-17 16:22:36 -04:00
trufflesteeeve
e793f4a5e6
Properly count the number of repos after a github scan resume (#625) 2022-06-17 16:21:22 -04:00
trufflesteeeve
10f4d02c31
Allow gitlab to resume from encoded resume info (#611) 2022-06-17 11:45:17 -04:00
Dustin Decker
ffacaa1816 replace dependency with patched version 2022-06-14 21:17:26 -07:00
Dustin Decker
2527ee26e6 improve zombie fix 2022-06-14 20:21:39 -07:00
Dustin Decker
423040f80b upgrade dependency 2022-06-13 23:48:22 -07:00
Dustin Decker
2f006f5590 fix dockerfiles 2022-06-13 19:45:24 -07:00
Dustin Decker
0570e0fea4 bump dependency 2022-06-13 18:56:22 -07:00
Dustin Decker
2178f1f42e reword and fix error logging 2022-06-13 16:14:22 -07:00
trufflesteeeve
e123e9f177
Cleanup individual repositories after scanning (#614) 2022-06-10 14:00:50 -04:00
Dustin Decker
9bcddbc45a
Change GHE org enum to use since ID instead of pages (#618) 
* Change GHE org enum to use since ID instead of pages

* fix logging
 2022-06-09 15:09:13 -07:00
trufflesteeeve
26bf1664eb
Move aws detector back to ID checking against secrets, make ID the redacted secret (#617) 2022-06-09 15:06:08 -07:00
Dustin Decker
8051b03bbf
improve debug logging for GHE enum (#615) 2022-06-08 13:56:07 -07:00
Dustin Decker
1a12a25f4d
Enumerate all visible orgs in GHE (#612) 2022-06-07 09:24:31 -07:00
Dustin Decker
e3bbf293e2
Fix NPD on mutex (#609) 
* Fix NPD on mutex

* fix test
 2022-06-06 17:20:27 -07:00
Miccah
9074006695
Fix bug in GitHub unit test mocking (#608) 2022-06-06 16:58:34 -07:00
dependabot[bot]
56c8717e2f
Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#606) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-06 15:19:47 -07:00
trufflesteeeve
fd79a367f1
Allow github to resume from encoded resume info (#601) 2022-06-06 12:08:57 -04:00
ahrav
59fc54b94a
[Thog-441] create public event monitoring source (#599) 
* Add source for public event monitoring.

* Update protos.

* Add source for public event monitoring.

* Update metadata.

* Update proto.

* Update proto.

* Update pb files.
 2022-06-03 14:46:31 -07:00
Miccah
fc18a5ae0c
Bug fix and add authentication in shallow clone (#595) 2022-05-31 20:45:28 -05:00
Miccah
d7d5db9e78
Replace AccessToken protobuf with a simpler string type (#594) 2022-05-31 14:28:07 -05:00