Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-21 07:01:56 +00:00
Code Issues Projects Releases Packages Wiki Activity
2590 commits 123 branches 240 tags 83 MiB
Commit graph

2590 commits

This branch
This branch
All branches
Author SHA1 Message Date
Corben Leo
4cb67a571d
Detector-Competition-Feat: Add Privacy.com API key detector (#1888) 
* Detector-Competition-Feat: Add Privacy.com API key detector

* Detector-Competition-Feat: Add Privacy.com API key detector

* cleanup: fix prefix
 2023-10-20 08:45:16 -05:00
Cody Rose
7ac7fa8728
Move Github comments check to fix a test #1927 2023-10-19 19:23:55 -04:00
Richard Gomez
4b821e9732
Handle secondary GitHub ratelimits (#1912) 
* fix(github): reduce visibility-related api calls

* fix(github): handle secondary ratelimits
 2023-10-19 14:54:45 -04:00
Miccah
758344711a
Export ChunkError fields and add ErrorsFor convenience method (#1920) 2023-10-19 08:46:49 -07:00
Corben Leo
8058006a92
Detector-Competition-Fix: Fix plaid.com API key detection (#1916) 
* Detector-Competition-Fix: Fix plaid.com API key detection

* Detector-Competition-Fix: Fix plaid.com API key detection

* Update plaidkey_test.go

hardcode dev

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-10-19 10:46:04 -05:00
ahrav
3d7207ddd5
update regex (#1919) 2023-10-19 07:20:35 -07:00
Richard Gomez
b57b1c1aa7
feat(voiceflow): basic detector (#1900) 2023-10-18 16:17:11 -05:00
Damanpreet Singh
a354cbd796
Fix for #1526: Update Posthog detector (#1910) 2023-10-18 15:21:59 -05:00
Miccah
23ae970bb0
Add generic glob filter (#1858) 
* Add generic glob filter

* Make nil filters safe

* Include glob in error

* Use better example for exclude and include test

* Allow user to configure the ambiguous case

* Rename Pass to ShouldInclude and invert logic

* Test default *Filter and Filter have the same behavior of allow

* Add property based tests

* Remove configuration for the not found ambiguous case
 2023-10-18 11:48:31 -07:00
Dustin Decker
93cf523760
Tighten up regex for twist detector (#1908) 2023-10-18 09:17:31 -07:00
Damanpreet Singh
b9f49933b8
Added Support for '-h' Option for Help Documentation (#1901) 2023-10-18 06:57:05 -07:00
Richard Gomez
b46fb75c73
feat(git): only generate line numbers > 0 (#1898) 2023-10-18 06:53:58 -07:00
Richard Gomez
6ea3a7da4a
fix(github): normalize repo cache (#1897) 2023-10-17 15:07:47 -07:00
Shreyas Sriram
7f534d0bb7
Fix off by one (#1891) 2023-10-17 07:02:27 -07:00
Miccah
d4d4d0ec9a
Add ShannonEntropy test for an empty string (#1893) 2023-10-16 13:50:28 -07:00
Miccah
03dc7cb68d
[chore] Add SourceUnitEnumChunker filesystem tests (#1873) 
* [chore] Add SourceUnitEnumChunker filesystem tests

* Ensure reported units are exactly what is expected
 2023-10-16 10:42:18 -07:00
Corben Leo
072e1f9dcf
Detector-Competition-Fix: Add Personal Access Tokens (API Tokens Depr… (#1871) 
* Detector-Competition-Fix: Add Personal Access Tokens (API Tokens Depreciation)

* fix(test): fix test debug msg

* remove print
 2023-10-16 08:17:12 -05:00
ahrav
5c721d1a73
[bug] - Don't modify global client var (#1890) 
* Create a new client within the verify block

* remove unused var
 2023-10-13 12:32:21 -07:00
s.shivasurya
040167178c
added cody gateway token detection code (#1883) 
* added cody gateway token detection code

* resolved conflict
 2023-10-13 09:09:04 -06:00
dependabot[bot]
6f00541205
Bump golang.org/x/net from 0.15.0 to 0.17.0 (#1886) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-11 17:26:00 -06:00
Corben Leo
ae3a5d1202
Detector-Competition-Feat: Add Klaviyo API Secret Detector (#1870) 
* Detector-Competition-Feat: Add Klaviyo API Secret Detector

* fix(error): add s1.VerificationError and remove specific code check.

* fix(error): add s1.VerificationError and remove specific code check.
 2023-10-11 08:35:04 -06:00
Dustin Decker
52ed87edb7
Add an option to filter unverified results using shannon entropy (#1875) 
* Add an option to filter unverified results using shannon entropy

* lint

* add test, update test, and optimize
 2023-10-08 19:52:28 -07:00
Miccah
f09bce3f75
[chore] Fix flaky TestJobProgressElapsedTime (#1872) 2023-10-06 17:05:05 -07:00
Dustin Decker
22ee2c5b07
Tighten up keywords (#1874) 2023-10-06 16:28:51 -07:00
Corben Leo
77a82847af
Detector-Competition-Fix: fix notion.so false negative verification (#1866) 
* Detector-Competition-Fix: fix notion.so false negative verification

* Detector-Competition-Fix: fix notion.so verification
 2023-10-05 12:27:06 -05:00
Corben Leo
179a7e4cbc
Detector-Competition-New: add anthropic api key detector (#1861) 
* feat(anthropic): add anthropic api key detector

* Detector-Competition-Fix: fix remove debug println
 2023-10-05 11:34:40 -05:00
Corben Leo
bf1cce43e5
Detector-Competition-New: add ramp.com client id & secret detector (#1862) 2023-10-05 09:40:30 -05:00
ahrav
3d2490ca80
use Repositories field from conn. (#1860) 2023-10-04 13:56:02 -07:00
Miccah
273f1077af
Add include and ignore list to Artifactory (#1857) 
* Add include and ignore list to Artifactory proto

* Generate protos
 2023-10-03 16:48:30 -07:00
ahrav
cee456f484
support insecure TLS for Jira and Jenkins (#1856) 
* support insecure TLS for Jira and Jenkins

* lint
 2023-10-03 09:55:38 -07:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
8d2d8c8395
add tristate verification to postman (#1837) 2023-10-03 12:38:43 -04:00
Hon Kwok
4598244167
Use placeholder as default if field left empty and is required (#1642) 
* Use placeholder as default if field left empty and is required

Co-authored-by: mcastorina <m.castorina93@gmail.com>

* Drop unused func

* uncomment azure source

* update wording

---------

Co-authored-by: mcastorina <m.castorina93@gmail.com>
 2023-10-02 17:21:40 -07:00
Dylan Ayrey
de535071e1
implemented planet scale creds (passwords and API keys) (#1841) 
* implemented planet scale creds (passwords and API keys)

* Add timeout, fix tests, fix indeterminate

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-10-02 14:00:36 -07:00
Dylan Ayrey
f13fe36ae2
adding azure storage detector (#1840) 
* adding azure storage detector

* Fix variable name

* Escape regex

* fix test fields and update expected status code

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-10-02 13:45:45 -07:00
Dylan Ayrey
b3555f5419
Adding Howtorotate Guides to TruffleHog (#1839) 
* adding how to rotate guides

* Adding project ID to metadata

* update key name, remove comments, and ensure always present

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-10-02 13:45:17 -07:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
f8f0c984fb
update pagerdutyapikey detector to tri-state verification (#1836) 2023-10-02 16:33:18 -04:00
Miccah
0d451aa806
Fix bug in chunker that surfaces with a flaky passed in io.Reader (#1838) 
* Fix bug in chunker that surfaces with a flaky passed in io.Reader

The chunker was previously expecting the passed in io.Reader to always
successfully read a full buffer of data, however it's valid for a Reader
to return less data than requested. When this happens, the chunker would
peek the same data that it then reads in the next iteration of the loop,
causing the same data to be scanned twice.

Co-authored-by: ahrav <ahravdutta02@gmail.com>

* Fix EOF error check

* Use io.ReadFull in Chunker

---------

Co-authored-by: ahrav <ahravdutta02@gmail.com>
 2023-10-02 09:38:23 -07:00
dependabot[bot]
a750b8ef2b
Bump github.com/AzureAD/microsoft-authentication-library-for-go (#1850) 
Bumps [github.com/AzureAD/microsoft-authentication-library-for-go](https://github.com/AzureAD/microsoft-authentication-library-for-go) from 0.5.1 to 1.2.0.
- [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-go/releases)
- [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-go/blob/main/RELEASES.md)
- [Commits](https://github.com/AzureAD/microsoft-authentication-library-for-go/compare/v0.5.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/AzureAD/microsoft-authentication-library-for-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 09:31:58 -07:00
dependabot[bot]
67fc50a4fb
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.6.0 to 2.7.0 (#1851) 
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases)
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.6.0...v2.7.0)

---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 08:55:03 -07:00
dependabot[bot]
401f7f3fa9
Bump go.mongodb.org/mongo-driver from 1.12.0 to 1.12.1 (#1848) 
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:46:36 -07:00
dependabot[bot]
9f2b874fb1
Bump github.com/aws/aws-sdk-go from 1.44.83 to 1.45.19 (#1847) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.83 to 1.45.19.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.83...v1.45.19)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:46:14 -07:00
dependabot[bot]
83391d31da
Bump docker/setup-qemu-action from 2 to 3 (#1845) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:45:47 -07:00
dependabot[bot]
df5fa56429
Bump goreleaser/goreleaser-action from 4 to 5 (#1844) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:40:28 -07:00
dependabot[bot]
222a47d9f3
Bump mikepenz/action-junit-report from 3 to 4 (#1843) 
Bumps [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) from 3 to 4.
- [Release notes](https://github.com/mikepenz/action-junit-report/releases)
- [Commits](https://github.com/mikepenz/action-junit-report/compare/v3...v4)

---
updated-dependencies:
- dependency-name: mikepenz/action-junit-report
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:40:00 -07:00
dependabot[bot]
dd183fab83
Bump docker/login-action from 2 to 3 (#1846) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:39:13 -07:00
dependabot[bot]
0fc79c5124
Bump github.com/xanzy/go-gitlab from 0.88.0 to 0.92.3 (#1849) 
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.88.0 to 0.92.3.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.88.0...v0.92.3)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:38:44 -07:00
dependabot[bot]
c7965b2df6
Bump actions/checkout from 3 to 4 (#1842) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-02 07:37:57 -07:00
Dylan Ayrey
b232ec8b4e
fixing razorpay (#1852) 
Co-authored-by: counter <counter@counters-MacBook-Air.local>
 2023-10-02 08:49:40 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
24748b3de6
add tristate verification to twitch (#1830) 
* add tristate verification to twitch

* return early

* small nits
 2023-09-29 16:17:30 -04:00
Karthik Sundari
b9a582ba51
chore(ReadMe): Update installation Doc (#1818) 2023-09-28 12:38:27 -05:00