Ahrav Dutta
5a2820c164
revert s3 source file
2024-11-06 18:17:29 -08:00
Ahrav Dutta
789bd39255
more testing
2024-11-06 15:54:15 -08:00
Ahrav Dutta
804da8ef55
initial progress tracking logic
2024-11-05 15:54:01 -08:00
Ahrav Dutta
edd9cd523c
updates
2024-11-05 14:06:05 -08:00
Ahrav Dutta
cd3d9d4264
add config option for s3 resumption
2024-11-05 14:03:25 -08:00
renovate[bot]
944d5dcdc2
fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.3.0 ( #3561 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-05 11:30:54 -08:00
ahrav
bf89c89e09
[bug] - Correct Line Number Calculation ( #3550 )
...
* correclty report line number
* add addiitonal test cases
2024-11-05 08:53:18 -08:00
Kashif Khan
3f8ddd39a2
set verification error if failed to decode body ( #3560 )
2024-11-05 08:00:54 -08:00
Dustin Decker
5ca4a17a4c
Add owner to github tokens ( #3558 )
2024-11-04 14:43:30 -08:00
ahrav
fa871b0c1e
[feat] - Add Weights and Biases detector ( #3551 )
...
* add Weights and biases detector
* add to default detector list
2024-11-04 10:27:46 -08:00
ahrav
6923843bc4
[chore] - minor cleanup S3 source ( #3554 )
...
* cleanup s3 source
* revert
2024-11-04 08:54:30 -08:00
renovate[bot]
741146f17e
fix(deps): update module github.com/golang-jwt/jwt/v4 to v4.5.1 ( #3555 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-03 14:57:15 -08:00
Cody Rose
e6d786a7d9
stop logging all GitLab projects ( #3541 )
...
#3532 stopped logging one huge GItLab slice, but there's a second one! We should stop logging it for the same reason.
2024-11-01 12:27:44 -04:00
renovate[bot]
a63bf95412
fix(deps): update module cloud.google.com/go/storage to v1.46.0 ( #3544 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 18:33:02 -07:00
renovate[bot]
e3c5e2f32f
fix(deps): update module github.com/snowflakedb/gosnowflake to v1.12.0 ( #3531 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 18:24:30 -07:00
renovate[bot]
0f48b680df
fix(deps): update module google.golang.org/api to v0.204.0 ( #3543 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 18:23:40 -07:00
renovate[bot]
2efb9c19db
fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.3 ( #3540 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 09:59:38 -07:00
Kashif Khan
bd5e287425
fixed gitlab extradata overwriting ( #3537 )
2024-10-31 07:14:39 -05:00
renovate[bot]
257413cc86
fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.1.2 ( #3536 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-30 18:34:56 -07:00
Zachary Rice
4d355d414e
gcp cred not set ( #3535 )
...
* stopgap i guess
* slightly smarter
2024-10-30 16:39:31 -05:00
Zachary Rice
b6ace9d91a
strip symbol and DWARF tables ( #3534 )
2024-10-30 12:51:30 -05:00
Kashif Khan
84ec670228
standardize email pattern ( #3524 )
...
* standardize email pattern
* added email pattern test cases
* added negative test cases for email pattern
2024-10-30 11:39:07 -05:00
Cody Rose
d6ce0f82c3
Add Scanning team to CODEOWNERS ( #3533 )
2024-10-30 10:05:53 -04:00
Cody Rose
65e913e2c8
stop logging detailed group info ( #3532 )
...
Co-authored-by: Abdul Basit <basit.mussani@gmail.com>
2024-10-30 10:04:33 -04:00
Abdul Basit
9b2cef55c0
[analyze] Add Analyzer interface for Gitlab ( #3232 )
...
* implement analyzer interface for gitlab
* generated permissions, added unit test for gitlab analyzer
* revert deletion of scopes.go
* appending domain in resource names
* [chore]
moved expected output of test in json file to neat the code.
* updated the test for gitlab analyzer
to make more unique FullyQualifiedName, Ids are added for resources.
* remove unnecessary metadata field and fix github -> gitlab
* extract user id from access token json, make user as resource
* link analyzer with gitlab v2 detector
* fixed code breaking changes due to analyzer protobuf removal.
---------
Co-authored-by: Abdul Basit <abasit@folio3.com>
2024-10-30 18:46:50 +05:00
Abdul Basit
f4670aaab1
[feat] Gitlab inclusion globbing ( #3500 )
...
* Implemented gitlab inclusion globbing.
Included test.
* implemented two new flags for gitlab scan, includeRepo and excludeRepo to support globbing.
Apply globbing filter when repos is not provided.
* implemented integration test for inclusion globbing
remove test to check errors if globs are invalid.
* made changes to support glob compile errors.
modified changes to support glob compilation errors.
* removed unused context from few functions.
2024-10-30 18:23:34 +05:00
Sahil Silare
e81ff7630c
feat: added v3
API version for the detector captaindatago
( #3484 )
...
* feat: added `v3` API version for the detector `captaindatago`
* chore: renamed captaindata to captaindatav2
* fix: fixed v3 detector to follow new pattern
* feat: added versioner impl
Signed-off-by: Sahil Silare <sahilsilare@gmail.com>
* feat: changed the name from v2 -> v1 and v3 -> v2
Signed-off-by: Sahil Silare <sahilsilare@gmail.com>
---------
Signed-off-by: Sahil Silare <sahilsilare@gmail.com>
Co-authored-by: Kashif Khan <70996046+kashifkhan0771@users.noreply.github.com>
2024-10-30 10:40:49 +05:00
Dustin Decker
0e7bce28e6
update aws descriptions ( #3529 )
2024-10-29 21:10:52 -07:00
Zachary Rice
b44dc24494
enforce timeout on circleci test ( #3528 )
...
* enforce timeout
* bump to 10s, 3s seemed too aggro
2024-10-29 15:59:02 -05:00
Zachary Rice
3e12bcb15c
rm snifftest ( #3527 )
2024-10-29 13:00:00 -05:00
Cody Rose
a136e31d83
Redact more source credentials ( #3526 )
...
This PR implements global log redaction for the credentials of most other source types. It doesn't redact for sources that don't load their credentials with Init as a way to keep the PR simple - we can do those separately.
2024-10-29 12:42:20 -04:00
Cody Rose
f42f63271b
Create global log redaction capability ( #3522 )
...
Some source use client libraries that can emit errors that contain sensitive information - in particular, git-facing libraries that embed tokens into repository URLs. This PR introduces a way of redacting them - starting with GitLab (where we've seen this most recently), but in theory extensible to other sources as needed.
This implementation uses a custom zap core; this might also be possible with a custom zap encoder, but I didn't test it out.
(The deleted core.go file was entirely unused.)
2024-10-29 09:44:07 -04:00
dylanTruffle
fe9cd2675c
Adding basic "what is trufflehog" to the readme ( #3514 )
...
* Update README.md
* Update README.md
* Update README.md
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-10-28 11:26:44 -07:00
Kashif Khan
f164ebcd88
Handle custom detector response and include in extra data ( #3411 )
...
* Handle custom detector response and include in extra data
* Added todo
* fixed panic
* simplicity is always good
* limit the response to 200 chars
* results should print now in output
2024-10-28 13:09:14 -05:00
Sahil Silare
c6aa491201
fix: fixed validation logic for calendarific
( #3480 )
2024-10-28 11:26:14 -05:00
renovate[bot]
fa9c4421dc
fix(deps): update github.com/tailscale/depaware digest to 3d7f3b3 ( #3518 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 09:23:23 -07:00
Cody Rose
ad15888a33
Move DecoderType into ResultWithMetadata #3502
...
Result.DecoderType is only ever used by ResultWithMetadata (via its embedded Result). This unnecessarily complicates the relationship between the types and adds some warts to #3457 , so this PR moves DecoderType directly into the only struct which actually uses it.
2024-10-28 12:20:42 -04:00
Kashif Khan
97fac39885
Addeded 403 account block status code handling for gitlab ( #3471 )
...
* Addeded 403 account block status code handling for gitlab
* resolved comments
* removed unmarshalling logic
2024-10-28 11:12:30 -05:00
Kashif Khan
6a367ab763
updated gcpapplicationdefaultcredentials detector results with RawV2 ( #3499 )
...
* updated results with RawV2
* censored the refresh token in result
2024-10-28 08:35:04 -05:00
renovate[bot]
03d999caf5
fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.1.1 ( #3512 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-26 07:49:46 -07:00
renovate[bot]
ceb6e8f400
fix(deps): update module github.com/schollz/progressbar/v3 to v3.17.0 ( #3510 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-26 07:49:12 -07:00
renovate[bot]
0e03eca376
fix(deps): update module cloud.google.com/go/secretmanager to v1.14.2 ( #3498 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-26 07:48:33 -07:00
Zachary Rice
e5d138d824
Adds a logging section in the contributing guidelines ( #3509 )
...
* adding logging section in contrib doc
* sample line
* Space
2024-10-25 12:11:14 -05:00
Sahil Silare
b48f748be0
fix: fixed verifcation pattern logic for bulksms
( #3478 )
...
* fix: fixed verifcation pattern logic for `bulksms`
* fix: addressed review comments
* fix: added check to break the loop if a combination matches
* fix: fixed key verification logic
Signed-off-by: Sahil Silare <sahilsilare@gmail.com>
---------
Signed-off-by: Sahil Silare <sahilsilare@gmail.com>
2024-10-25 10:47:06 +05:00
Helio Machado
9cf0a4cb28
Extend algoliaadminkey
with additional checks ( #3459 )
2024-10-24 14:16:43 -05:00
renovate[bot]
0199e25a60
fix(deps): update module google.golang.org/api to v0.203.0 ( #3497 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-24 10:44:43 -07:00
Sahil Silare
1aa1871f9a
fix: added correct api endpoint for verification & logic for Aeroworkflow ( #3435 )
...
* fix: added correct api endpoint for verification
* fix: fixed pattern detection logic in aeroworkflow
2024-10-24 12:16:39 -05:00
ahrav
01a2a4a3cc
remove debug log ( #3505 )
2024-10-24 09:40:23 -07:00
Cody Rose
4cc10d3da1
delete unused code ( #3504 )
2024-10-24 10:59:30 -05:00
Sahil Silare
c37edcd72e
fix: added correct verification endpoint & validation logic for alegra ( #3437 )
...
* fix: added correct verification endpoint for alegra
* fix: fixed email regex
* fix: added correct tests and validation
* fix: fixed alegra tests
2024-10-24 17:13:14 +05:00