ahrav
936a139596
Allow using a glob for include list. ( #977 )
...
* Allow using a glob for include list.
* Update command flag.
* Make comment more clear.
* update comment.
* Allow scanning repo and org at the same time.
2022-12-16 13:28:16 -08:00
Gonçalo Silva
e091fab94f
Use Todoist's REST API v2 ( #978 )
...
v1 was deprecated on December 5, 2022.
2022-12-14 16:52:19 -08:00
Miccah
861ad057c7
Implement CustomRegex detector ( #950 )
...
* Remove verifying successRanges because it is unused in webhook
* Move custom_detectors validation code into its own file
* Initial implementation of custom regex detector
Secret verification is done via webhook.
* Add CustomRegex detector type
* Add upper bound to permutation
* Return early if the context is canceled
* Add headers from configuration
* Add detector name as a key in the JSON body
* Implement faster algorithm for productIndices
2022-12-14 10:26:53 -06:00
Bill Rich
36ca2601e0
Add s3 object count to trace logs ( #975 )
...
* Add s3 object count to trace logs
* fix debug level
2022-12-13 16:46:09 -08:00
Miccah
7ac7fdae44
Add more logging for git sources ( #974 )
2022-12-13 17:51:57 -06:00
dependabot[bot]
6dd0441f6c
Bump github.com/envoyproxy/protoc-gen-validate from 0.6.13 to 0.9.1 ( #963 )
...
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate ) from 0.6.13 to 0.9.1.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases )
- [Changelog](https://github.com/bufbuild/protoc-gen-validate/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.13...v0.9.1 )
---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 16:02:35 -08:00
dependabot[bot]
a0b8edd987
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.1 ( #972 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.4.2 to 5.5.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.4.2...v5.5.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 15:56:26 -08:00
ahrav
26befdd1ec
[bug] - Handle error when scanning s3 bucket. ( #969 )
...
* Handle error when scanning s# bucket.
* move wait outside loop.
* Add logging.
* revert changes.
* remove.
* revert.
2022-12-12 10:10:06 -08:00
dependabot[bot]
4020c4002b
Bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 ( #973 )
...
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 10:09:44 -08:00
dependabot[bot]
aada296ddc
Bump go.mongodb.org/mongo-driver from 1.11.0 to 1.11.1 ( #971 )
...
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver ) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases )
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.11.0...v1.11.1 )
---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 10:08:52 -08:00
Bill Rich
f3249009f7
Bump github.com/bill-rich/disk-buffer-reader from v0.1.6 to v0.1.7 ( #970 )
2022-12-09 15:52:41 -08:00
dependabot[bot]
544359eee6
Bump github.com/xanzy/go-gitlab from 0.74.0 to 0.76.0 ( #934 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.74.0 to 0.76.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.74.0...v0.76.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 17:01:27 -06:00
Dustin Decker
7de9bdd12d
Support globbing with ignore repos ( #967 )
2022-12-09 12:10:42 -08:00
ahrav
a72b9feb35
Only scan org with --org flag. ( #931 )
2022-12-06 16:18:48 -08:00
dependabot[bot]
f008d4bead
Bump go.uber.org/zap from 1.23.0 to 1.24.0 ( #955 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.23.0...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 15:38:28 -08:00
dependabot[bot]
6ee3000e53
Bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 ( #954 )
...
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases )
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 15:37:32 -08:00
Pulkit Aggarwal
d96b7f8468
Update Adding_Detectors_external.md ( #957 )
2022-12-06 15:36:55 -08:00
Bill Rich
335ce85ce4
Export line number code ( #962 )
2022-12-06 15:31:15 -08:00
Bill Rich
4e2ce4f6fe
Pre-commit not GH action PR ( #961 )
2022-12-06 14:32:25 -08:00
Bill Rich
33d32d2de4
Don't scan the --since-commit target ( #960 )
2022-12-06 13:24:27 -08:00
Bill Rich
1a1c2e275e
Change chunker test source ( #959 )
...
* Change chunker test source
* Emit chunk if the size isn't 0
2022-12-06 12:45:08 -08:00
Bill Rich
9f99ee470d
Integration test fixes ( #956 )
...
* Adjust repo count for new app
* Fix chunk test count
2022-12-06 08:42:24 -08:00
Dylan Ayrey
c3e596e853
Update README.md ( #952 )
2022-12-02 12:09:25 -08:00
Miccah
2a2bcd93ac
Add CustomRegex validation ( #939 )
...
* Add validation skeleton
* Add custom detector validation with tests
* Validate and test regex vars
* Implement RegexVarString
* Use RegexVarString for validating regex variables
* Add numerics to the regex variable matching
Co-authored-by: hxnyk <8292703+hxnyk@users.noreply.github.com>
2022-12-02 11:26:22 -06:00
Miccah
5a339b0ca1
Add test for configuring custom regex with webhook verification ( #946 )
2022-12-02 11:23:20 -06:00
Bill Rich
3b055ce3f9
Add logger to context ( #947 )
...
* Add logger to context
* Fatal on no org
2022-11-30 11:10:05 -08:00
Bill Rich
c26142d898
Use new diskbufferreader version ( #941 )
2022-11-28 12:22:30 -08:00
Bill Rich
f1ec9e74eb
Close files to clean up tmp files ( #940 )
2022-11-22 13:13:34 -08:00
0xflotus
45ebafff61
fix: small errors ( #917 )
2022-11-22 09:01:52 -08:00
Bill Rich
79cae3b82b
Add newlines when file is split ( #937 )
2022-11-22 09:01:39 -08:00
Dustin Decker
28dd25beeb
S3 scanner improvements ( #938 )
2022-11-21 19:15:26 -08:00
Miccah
4409210b87
Add custom detectors configuration parsing ( #927 )
...
* Add custom_detectors proto
* Generate proto code
* Create custom_detectors package
Also create protoyaml package to test YAML unmarshalling the
configuration.
* Simplify custom_detectors proto by removing connection
* Generate proto code
* Update custom_detectors parsing tests
2022-11-21 15:10:38 -06:00
ahrav
054e98d108
Update slack webhook detector string check ( #932 )
...
* Update slack webhook detector check to text.
* remove redunant slashes.
2022-11-21 10:50:23 -08:00
Jessica
6e25664a52
add rambbitmq detector ( #936 )
...
* add rambbitmq detector
* use fixed length redaction
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-11-21 10:47:41 -08:00
Dustin Decker
b45369cdbb
Skip some FTP FPs ( #929 )
2022-11-21 06:52:21 -08:00
Thiago Lages de Alencar
9757c339d9
Fix error message ( #933 )
2022-11-20 05:31:11 -08:00
Dustin Decker
ae4b387448
add LDAP detector ( #896 )
2022-11-18 19:45:11 -08:00
Dustin Decker
b18edef01a
Enable skipping of particular key IDs ( #930 )
...
* Enable skipping of particular key IDs
* update test
2022-11-18 09:09:40 -08:00
Miccah
87e7aa3970
Add warning about using trufflehog as a library ( #928 )
2022-11-18 09:30:51 -06:00
Miccah
b3d3f531a4
Return an error from ReadToMax when it panics ( #925 )
2022-11-16 14:24:05 -06:00
ahrav
eb4ff435a5
Use pointer to type. ( #926 )
2022-11-16 10:36:23 -08:00
ahrav
b8be0a64a8
Use pointer to type. ( #926 )
2022-11-16 10:35:48 -08:00
dependabot[bot]
d3b550a2e3
Bump cloud.google.com/go/secretmanager from 1.8.0 to 1.9.0 ( #906 )
...
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 08:48:45 -08:00
dependabot[bot]
e5ba2c9a3c
Bump github.com/getsentry/sentry-go from 0.14.0 to 0.15.0 ( #914 )
...
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 08:47:38 -08:00
dependabot[bot]
1228127d12
Bump google-github-actions/auth from 0 to 1 ( #912 )
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 0 to 1.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/auth/compare/v0...v1 )
---
updated-dependencies:
- dependency-name: google-github-actions/auth
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 08:46:26 -08:00
Miccah
86f9e1288f
Initialize scan options if given a nil pointer ( #924 )
2022-11-15 17:01:59 -06:00
Miccah
696f5c68f4
Log the stack trace and recover object ( #923 )
...
* Log the stack trace and recover object
* Remove stderr log
2022-11-15 16:48:02 -06:00
Jessica
3d501975e4
Add filter as scan option to gitlab module's git scan ( #919 )
2022-11-15 13:02:37 -08:00
Ankush Goel
64cfe4d85e
Update github_old.go ( #916 )
2022-11-15 10:40:55 -08:00
jcastilloixl
741130fb8d
Update README.md ( #920 )
...
Fixing help subcommand reference to be `--help`, not `-h`, which does not work:
```
$ trufflehog git -h
trufflehog: error: unknown short flag '-h', try --help
$ trufflehog --version
trufflehog 3.16.4
```
2022-11-15 10:40:21 -08:00