Commit graph

2108 commits

Author SHA1 Message Date
Yassine Ilmi
d382d5cb1c
Add OpenAI API Tokens detector (#1142)
* Add OpenAI Detector

* Add OpenAI Detector tests

* Add OpenAI Detector to defaults.go

* Removing references to github detector in tests
2023-03-16 17:58:22 -07:00
ahrav
c617bd7a4e
Add resuming capability to GCS source (#1161)
* Add resuming capability to GCS source.

* Handle no auth scans.

* complete resume logic

* Use custom function type.

* remove functions.

* linter.

* fix test.

* fix test.

* Handle concurrent map writes.

* use string as CLI flag for include/exclude.

* handle empty buckets.

* Handle enumeration on initial job run.

* Rename stats to attributes.

* remove redundant return.

* If test fails due to 400, that is fine, it's expected.

* Add unauth GCS source type.

* comments.

* update proto.

* Use short flag.

* address comments.
2023-03-16 17:53:42 -07:00
ahrav
6193509098
add support for json service account and service account file. (#1185) 2023-03-16 13:04:36 -07:00
raju-kamble
3c1bb45bfb
updating browserstack detector user and key PrefixRegex strings (#1176)
Co-authored-by: raju-bs <raju@browserstack.com>
2023-03-16 08:41:29 -07:00
Miccah
0fe9bf0868
Ignore errors from CustomRegex so the channel doesn't leak (#1149) 2023-03-15 17:26:03 -05:00
Zachary Rice
f0b6b5d0d9
add a break statement when iterating through keywords (#1184) 2023-03-15 16:51:03 -05:00
Miccah
ef9488c77d
[chore] Log git output on error (#1180) 2023-03-15 15:32:29 -05:00
dependabot[bot]
e105126227
Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#1182)
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.29.0 to 1.29.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash)
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.29.0...v1.29.1)

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-15 12:56:22 -07:00
Tim Walter
a7abd6231d
Fix git commit date string formatting (#1181) 2023-03-14 22:39:12 -05:00
ahrav
17e8d7030e
Add unauth GCS source type. (#1178) 2023-03-13 16:54:45 -07:00
dependabot[bot]
af24d36ce8
Bump github.com/xanzy/go-gitlab from 0.80.2 to 0.81.0 (#1172)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.80.2 to 0.81.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.80.2...v0.81.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 10:59:49 -05:00
dependabot[bot]
597b618fd9
Bump github.com/fatih/color from 1.13.0 to 1.15.0 (#1174)
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.13.0 to 1.15.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.13.0...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 09:49:18 -05:00
dependabot[bot]
8076067b30
Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.7.1 (#1171)
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.7.0...v2.7.1)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 09:47:50 -05:00
Dustin Decker
585bd82d47
update integration test excludes (#1169) 2023-03-10 14:41:29 -08:00
trufflesteeeve
2b1c42ceb1
Make slack webhook detector regex more specific (#1168)
* Make slack webhook detector regex more specific

* fixup - add better body contains check
2023-03-10 14:01:10 -08:00
Dylan Ayrey
2f61e4f5aa
Update README.md 2023-03-09 08:18:49 -08:00
ahrav
cbf299aa77
Add gcs scanning integration (#1153)
* Setup for GCS scanning.

* Update GCS engine w/ projectID req.

* Add concurrency field to gcsManager.

* add errgroup to gcsManager.

* Update gcs manager.

* Use default ADC.

* use ADC.

* Add TODO.

* add log to iterator completion.

* use a BinaryReader instead of concrete object for channel type.

* initial test for Chunks.

* Add tests for chunking objects.

* Add concurrency.

* update metadata to include content type and acls.

* Add object reading code.

* Add integration test.

* Add entrypoint.

* Add removed wg.Wait().

* remove dead code.

* remove build.

* Remove period from file extension.

* remove used.

* Add comment.

* Setup for GCS scanning.

* Update GCS engine w/ projectID req.

* Add concurrency field to gcsManager.

* add errgroup to gcsManager.

* Update gcs manager.

* Use default ADC.

* use ADC.

* Add TODO.

* add log to iterator completion.

* use a BinaryReader instead of concrete object for channel type.

* initial test for Chunks.

* Add tests for chunking objects.

* Add concurrency.

* update metadata to include content type and acls.

* Add object reading code.

* Add integration test.

* Add entrypoint.

* Add removed wg.Wait().

* remove dead code.

* remove build.

* remove used.

* Add file type for objects.

* Add check for file type and size.

* Add default file size.

* Add additional auth options and remaining CLI flags.

* Handle errors in go routines.

* Handle resuming for buckets.

* Remove redundant words in comment.

* remove ok check on bool check.

* remove extra blank line.

* Add return if handler handles chunk.

* Add comment.

* remove extra blank line.

* cleanup comment.

* Add comment.

* move up fxn.

* go mod tidy.

* Add exclusion to perf testing buckets.

* Handle blocking the channel.

* remove unused const.

* fix tests.

* fix tests.

* Handle gcs manager options better.

* update fxn name.

* Remove arg name.

* ignore buckets in gcsManager test.

* fix test.

* populate gsManagerOpts.

* inline err check.

* Add readme.

* update readme spelling.

* fix test.
2023-03-07 17:32:04 -08:00
dependabot[bot]
3fdef756f2
Bump github.com/getsentry/sentry-go from 0.18.0 to 0.19.0 (#1157)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-07 10:41:16 -08:00
dependabot[bot]
638ff804f1
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.1.0 to 2.2.0 (#1148)
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases)
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-06 17:07:44 -08:00
dependabot[bot]
d5cbd7b999
Bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.0 (#1147)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.5.2 to 5.6.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.5.2...v5.6.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-06 17:07:14 -08:00
dependabot[bot]
c8077145d5
Bump golang.org/x/crypto from 0.6.0 to 0.7.0 (#1158)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-06 16:11:59 -08:00
ahrav
5c99a1e754
Remove period from file extension (#1154)
* Remove period from file extension.

* Add comment.
2023-03-06 14:49:16 -08:00
Miccah
e6846ede54
Support filtering detectors by version (#1150)
* Adjust types to use DetectorID struct

* Parse versions with detector include and exclude input

* Update detectors filter to use version

Co-authored-by: steeeve <steve@trufflesec.com>

* Implement Versioner for github, gitlab, and npm detectors

Co-authored-by: steeeve <steve@trufflesec.com>

---------

Co-authored-by: steeeve <steve@trufflesec.com>
2023-03-02 16:33:56 -06:00
Dustin Decker
4500ac3b10
Release should only run on tags (#1146) 2023-03-02 09:57:38 -08:00
Zachary Rice
4777b77ec6
Keyword optimization (#1144)
* init

* ignore trufflehog binary and added comment

* remove unused keywords in chunk, better comment

* remove keywords from engine struct
2023-03-02 11:32:37 -06:00
zhuwenxing
c72840de67
Rename .pre-commit-hooks.yml to .pre-commit-hooks.yaml (#1141)
Signed-off-by: zhuwenxing <wenxing.zhu@zilliz.com>
2023-03-01 09:00:12 -08:00
ahrav
aa47e5e248
Only scanned staged git changes. (#1143) 2023-03-01 08:58:36 -08:00
Yassine Ilmi
0cf9139df6
Disable profiler in debug mode and add profile switch (#1136) 2023-02-28 12:49:54 -08:00
ahrav
86370333ec
Add pre-commit yml config (#1138)
* Add pre-commit yml config.

* Add --fail flag.
2023-02-28 11:31:24 -08:00
dependabot[bot]
64c163cd90
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#1130)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 08:46:04 -08:00
Miccah
3870be256c
Close response bodies (#1137) 2023-02-28 10:43:00 -06:00
ah̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
2315192fda
Custom regex parallel verify (#1127)
* Refactor generating CustomRegex results into a helper function

* Added errGroup for createResults, and ensure goroutines are non-blocking

* clean return

---------

Co-authored-by: Miccah Castorina <m.castorina93@gmail.com>
2023-02-28 11:12:24 -05:00
Miccah
6209a80ce1
[chore] Address more linter errors (#1134)
* Address lint errors in detectors

* Update deprecated ioutil call
2023-02-28 10:00:41 -06:00
Miccah
4efe5313f4
[chore] Address lint errors (#1133)
* Update strings.Title to cases.Title

* Migrate go-genproto to google-cloud-go

See: https://github.com/googleapis/google-cloud-go/blob/main/migration.md

* Check error in test

* Check error from sem.Acquire

* Remove unused code
2023-02-27 21:03:47 -06:00
Miccah
7373954ddf
[chore] Update docs for individual file scanning (#1132) 2023-02-27 21:03:19 -06:00
Miccah
d2d03426ed
Implement String for ScanErrors (#1131)
This will concatenate all errors together into a single string. When
possible, it would be better to log the actual errors slice to take
advantage of structured logging.
2023-02-27 21:02:59 -06:00
Miccah
dd39848709
Add ability to include and exclude detectors (#1106)
* Add ability to include and exclude detectors

* Trim space before checking for empty items

* Explicitly check for integer overflow

* Use strconv.ParseInt instead of strconv.Atoi

* Address comments
2023-02-27 16:46:45 -06:00
Miccah
c5b4d6f28b
Support file scanning in filesystem source (#1030)
* Rename directories to paths

* Generate protos

* Add file scanning support to filesystem source

* Add directories back to filesystem proto

* Generate protos

* Combine paths and directories from in source

* Add filesystem filter

* Address comments
2023-02-27 12:15:05 -06:00
Bill Rich
ae2d510ced
Gitparse message fix (#1125)
* Fix messages being reused

* Add comment about change.
2023-02-23 15:20:54 -08:00
dependabot[bot]
05f6bd369f
Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.80.2 (#1117)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.78.0 to 0.80.2.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.78.0...v0.80.2)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 09:33:16 -08:00
raju-kamble
d151c1363e
fixing browserstack regex username detection (#1123) 2023-02-22 08:17:48 -08:00
ah̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
ee5b028c67
Adding initial protos for Google Drive scanner (#1121) 2023-02-22 10:04:46 -05:00
dependabot[bot]
38562df0f6
Bump github.com/rabbitmq/amqp091-go from 1.6.0 to 1.7.0 (#1103)
Bumps [github.com/rabbitmq/amqp091-go](https://github.com/rabbitmq/amqp091-go) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/rabbitmq/amqp091-go/releases)
- [Changelog](https://github.com/rabbitmq/amqp091-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rabbitmq/amqp091-go/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/rabbitmq/amqp091-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 15:36:46 -08:00
dependabot[bot]
4f0e66f064
Bump github.com/TheZeroSlave/zapsentry from 1.12.0 to 1.14.0 (#1118)
Bumps [github.com/TheZeroSlave/zapsentry](https://github.com/TheZeroSlave/zapsentry) from 1.12.0 to 1.14.0.
- [Release notes](https://github.com/TheZeroSlave/zapsentry/releases)
- [Commits](https://github.com/TheZeroSlave/zapsentry/compare/v1.12.0...v1.14.0)

---
updated-dependencies:
- dependency-name: github.com/TheZeroSlave/zapsentry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 15:36:16 -08:00
dependabot[bot]
0b4e3a66b1
Bump go.mongodb.org/mongo-driver from 1.11.1 to 1.11.2 (#1119)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.11.1 to 1.11.2.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.11.1...v1.11.2)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 15:35:53 -08:00
dependabot[bot]
a293033386
Bump golang.org/x/net from 0.6.0 to 0.7.0 (#1122)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 15:35:21 -08:00
raju-kamble
d20f43b5c6
fix browserstack detector (#1120)
* fixing browserstack regex username detection

* fixing browserstack regex username detection

* fixing browserstack regex username detection

* fix patterns

* fix patterns

---------

Co-authored-by: raju-bs <raju@browserstack.com>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-02-21 15:33:16 -08:00
dependabot[bot]
9ef9e9870d
Bump golang.org/x/oauth2 from 0.4.0 to 0.5.0 (#1116)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 13:42:36 -08:00
Bill Rich
f1582aafa9
Drop tabs for filenames with spaces (#1115) 2023-02-16 17:15:32 -08:00
Bill Rich
9158dcaa80
Correctly parse most filenames with ' and ' (#1113) 2023-02-16 14:11:35 -08:00