Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 22:51:55 +00:00
Code Issues Projects Releases Packages Wiki Activity
1779 commits 123 branches 240 tags 83 MiB
Commit graph

1779 commits

This branch
This branch
All branches
Author SHA1 Message Date
ahrav
936a139596
Allow using a glob for include list. (#977) 
* Allow using a glob for include list.

* Update command flag.

* Make comment more clear.

* update comment.

* Allow scanning repo and org at the same time.
 2022-12-16 13:28:16 -08:00
Gonçalo Silva
e091fab94f
Use Todoist's REST API v2 (#978) 
v1 was deprecated on December 5, 2022.
 2022-12-14 16:52:19 -08:00
Miccah
861ad057c7
Implement CustomRegex detector (#950) 
* Remove verifying successRanges because it is unused in webhook

* Move custom_detectors validation code into its own file

* Initial implementation of custom regex detector

Secret verification is done via webhook.

* Add CustomRegex detector type

* Add upper bound to permutation

* Return early if the context is canceled

* Add headers from configuration

* Add detector name as a key in the JSON body

* Implement faster algorithm for productIndices
 2022-12-14 10:26:53 -06:00
Bill Rich
36ca2601e0
Add s3 object count to trace logs (#975) 
* Add s3 object count to trace logs

* fix debug level
 2022-12-13 16:46:09 -08:00
Miccah
7ac7fdae44
Add more logging for git sources (#974) 2022-12-13 17:51:57 -06:00
dependabot[bot]
6dd0441f6c
Bump github.com/envoyproxy/protoc-gen-validate from 0.6.13 to 0.9.1 (#963) 
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.6.13 to 0.9.1.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Changelog](https://github.com/bufbuild/protoc-gen-validate/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.13...v0.9.1)

---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-12 16:02:35 -08:00
dependabot[bot]
a0b8edd987
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.1 (#972) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.5.1.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.4.2...v5.5.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-12 15:56:26 -08:00
ahrav
26befdd1ec
[bug] - Handle error when scanning s3 bucket. (#969) 
* Handle error when scanning s# bucket.

* move wait outside loop.

* Add logging.

* revert changes.

* remove.

* revert.
 2022-12-12 10:10:06 -08:00
dependabot[bot]
4020c4002b
Bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#973) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-12 10:09:44 -08:00
dependabot[bot]
aada296ddc
Bump go.mongodb.org/mongo-driver from 1.11.0 to 1.11.1 (#971) 
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.11.0...v1.11.1)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-12 10:08:52 -08:00
Bill Rich
f3249009f7
Bump github.com/bill-rich/disk-buffer-reader from v0.1.6 to v0.1.7 (#970) 2022-12-09 15:52:41 -08:00
dependabot[bot]
544359eee6
Bump github.com/xanzy/go-gitlab from 0.74.0 to 0.76.0 (#934) 
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.74.0 to 0.76.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.74.0...v0.76.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-09 17:01:27 -06:00
Dustin Decker
7de9bdd12d
Support globbing with ignore repos (#967) 2022-12-09 12:10:42 -08:00
ahrav
a72b9feb35
Only scan org with --org flag. (#931) 2022-12-06 16:18:48 -08:00
dependabot[bot]
f008d4bead
Bump go.uber.org/zap from 1.23.0 to 1.24.0 (#955) 
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.23.0...v1.24.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-06 15:38:28 -08:00
dependabot[bot]
6ee3000e53
Bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 (#954) 
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases)
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-06 15:37:32 -08:00
Pulkit Aggarwal
d96b7f8468
Update Adding_Detectors_external.md (#957) 2022-12-06 15:36:55 -08:00
Bill Rich
335ce85ce4
Export line number code (#962) 2022-12-06 15:31:15 -08:00
Bill Rich
4e2ce4f6fe
Pre-commit not GH action PR (#961) 2022-12-06 14:32:25 -08:00
Bill Rich
33d32d2de4
Don't scan the --since-commit target (#960) 2022-12-06 13:24:27 -08:00
Bill Rich
1a1c2e275e
Change chunker test source (#959) 
* Change chunker test source

* Emit chunk if the size isn't 0
 2022-12-06 12:45:08 -08:00
Bill Rich
9f99ee470d
Integration test fixes (#956) 
* Adjust repo count for new app

* Fix chunk test count
 2022-12-06 08:42:24 -08:00
Dylan Ayrey
c3e596e853
Update README.md (#952) 2022-12-02 12:09:25 -08:00
Miccah
2a2bcd93ac
Add CustomRegex validation (#939) 
* Add validation skeleton

* Add custom detector validation with tests

* Validate and test regex vars

* Implement RegexVarString

* Use RegexVarString for validating regex variables

* Add numerics to the regex variable matching

Co-authored-by: hxnyk <8292703+hxnyk@users.noreply.github.com>
 2022-12-02 11:26:22 -06:00
Miccah
5a339b0ca1
Add test for configuring custom regex with webhook verification (#946) 2022-12-02 11:23:20 -06:00
Bill Rich
3b055ce3f9
Add logger to context (#947) 
* Add logger to context

* Fatal on no org
 2022-11-30 11:10:05 -08:00
Bill Rich
c26142d898
Use new diskbufferreader version (#941) 2022-11-28 12:22:30 -08:00
Bill Rich
f1ec9e74eb
Close files to clean up tmp files (#940) 2022-11-22 13:13:34 -08:00
0xflotus
45ebafff61
fix: small errors (#917) 2022-11-22 09:01:52 -08:00
Bill Rich
79cae3b82b
Add newlines when file is split (#937) 2022-11-22 09:01:39 -08:00
Dustin Decker
28dd25beeb
S3 scanner improvements (#938) 2022-11-21 19:15:26 -08:00
Miccah
4409210b87
Add custom detectors configuration parsing (#927) 
* Add custom_detectors proto

* Generate proto code

* Create custom_detectors package

Also create protoyaml package to test YAML unmarshalling the
configuration.

* Simplify custom_detectors proto by removing connection

* Generate proto code

* Update custom_detectors parsing tests
 2022-11-21 15:10:38 -06:00
ahrav
054e98d108
Update slack webhook detector string check (#932) 
* Update slack webhook detector check to text.

* remove redunant slashes.
 2022-11-21 10:50:23 -08:00
Jessica
6e25664a52
add rambbitmq detector (#936) 
* add rambbitmq detector

* use fixed length redaction

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2022-11-21 10:47:41 -08:00
Dustin Decker
b45369cdbb
Skip some FTP FPs (#929) 2022-11-21 06:52:21 -08:00
Thiago Lages de Alencar
9757c339d9
Fix error message (#933) 2022-11-20 05:31:11 -08:00
Dustin Decker
ae4b387448
add LDAP detector (#896) 2022-11-18 19:45:11 -08:00
Dustin Decker
b18edef01a
Enable skipping of particular key IDs (#930) 
* Enable skipping of particular key IDs

* update test
 2022-11-18 09:09:40 -08:00
Miccah
87e7aa3970
Add warning about using trufflehog as a library (#928) 2022-11-18 09:30:51 -06:00
Miccah
b3d3f531a4
Return an error from ReadToMax when it panics (#925) 2022-11-16 14:24:05 -06:00
ahrav
eb4ff435a5
Use pointer to type. (#926) 2022-11-16 10:36:23 -08:00
ahrav
b8be0a64a8
Use pointer to type. (#926) 2022-11-16 10:35:48 -08:00
dependabot[bot]
d3b550a2e3
Bump cloud.google.com/go/secretmanager from 1.8.0 to 1.9.0 (#906) 
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-16 08:48:45 -08:00
dependabot[bot]
e5ba2c9a3c
Bump github.com/getsentry/sentry-go from 0.14.0 to 0.15.0 (#914) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-16 08:47:38 -08:00
dependabot[bot]
1228127d12
Bump google-github-actions/auth from 0 to 1 (#912) 
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 0 to 1.
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/auth/compare/v0...v1)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-16 08:46:26 -08:00
Miccah
86f9e1288f
Initialize scan options if given a nil pointer (#924) 2022-11-15 17:01:59 -06:00
Miccah
696f5c68f4
Log the stack trace and recover object (#923) 
* Log the stack trace and recover object

* Remove stderr log
 2022-11-15 16:48:02 -06:00
Jessica
3d501975e4
Add filter as scan option to gitlab module's git scan (#919) 2022-11-15 13:02:37 -08:00
Ankush Goel
64cfe4d85e
Update github_old.go (#916) 2022-11-15 10:40:55 -08:00
jcastilloixl
741130fb8d
Update README.md (#920) 
Fixing help subcommand reference to be `--help`, not `-h`, which does not work:

```
$ trufflehog git -h
trufflehog: error: unknown short flag '-h', try --help
$ trufflehog --version
trufflehog 3.16.4
```
 2022-11-15 10:40:21 -08:00