Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 22:51:55 +00:00
Code Issues Projects Releases Packages Wiki Activity
2708 commits 123 branches 240 tags 83 MiB
Commit graph

2708 commits

This branch
This branch
All branches
Author SHA1 Message Date
Damanpreet Singh
8184a62e24
fix: NewRelic Detector: fallback to EU Api for verification (#1932) 2023-10-24 11:02:39 -05:00
Corben Leo
7bc0b77374
Detector-Competition-Fix: Fix CloudSmith detection (#1944) 2023-10-24 11:01:27 -05:00
Brendan Shaklovitz
d934535177
Upgrade gocb and gocbcore (#1952) 
* gocb has been updated to use newer version of gocbcore, so the replace
  directive to use an older gocbcore is no longer needed.
 2023-10-24 08:57:36 -07:00
Cody Rose
e556bdd7b2
Revert "Fix off by one (#1891)" (#1963) 
This reverts commit 7f534d0bb7.
 2023-10-24 08:40:44 -07:00
Bill Rich
c5efa870ff
Use latest dbr (#1955) 2023-10-24 07:52:49 -07:00
ahrav
0f845c8eee
export ShouldVerify (#1962) 2023-10-24 07:27:01 -07:00
ahrav
9ae114f92f
export struct (#1954) 2023-10-24 06:29:26 -07:00
Corben Leo
f3479194d2
Detector-Competition-Fix: Fix CodeClimate verification (#1945) 2023-10-23 20:19:02 -05:00
Damanpreet Singh
855aba2407
Detector-Competition-Feat: Add InstaMojo Payment Detector (#1905) 2023-10-23 16:58:25 -05:00
Corben Leo
893bb3548d
Detector-Competition-Fix: Fix SuperNotes API verification (#1947) 2023-10-23 16:29:55 -05:00
Miccah
0b16142d4f
Add UnitHook and NoopHook implementations (#1930) 
* Add UnitHook and NoopHook implementations

The UnitHook tracks metrics per unit of a job, and emits them on a
channel once finished. It should work even if the Source does not
support source units.

* Refactor channel to use an LRU cache instead

An LRU cache has a more favorable failure mode than the channel. With
the channel, if the consumer stopped consuming metrics, scanning would
block. With the LRU cache, metrics will be dropped when space runs out
and a log message emitted.
 2023-10-23 14:27:01 -07:00
Damanpreet Singh
b4753a60be
Detector-Competition-New: add IP2Location api key detector (#1915) 2023-10-23 13:51:14 -05:00
Miccah
136d8b9428
[chore] Fix glob package name (#1931) 2023-10-23 08:50:16 -07:00
ahrav
68f28a0e34
Filter unique detectors by keywords in chunk (#1711) 
* pre filter detectors that include the keywords in the chunk.

* Optimize the engine to prevent iterating overing all detectors.

* use sync.Map for concurrent access.

* lint.

* use correct verify.

* allow versioned detectors.

* Break apart Start.

* cleanup.

* Update benchmark.

* add comment.

* remove Engine prefix.

* update comments.

* use regular map.

* delete the pool.

* remove old code.

* refactor ahocorasickcore into own file.

* update comments

* move structs to ahocorasickcore

* update comments

* fix

* address comments

* exported some methods and constructor since it will need to be be used by the enterprise pipeline as well

* remove extra log
 2023-10-23 08:02:01 -07:00
Corben Leo
6c75e45958
Detector-Competition-Feat: Add ipinfo.io API key detector (#1889) 
* Detector-Competition-Feat: Add ipinfo.io API key detector

* fix prefix
 2023-10-23 09:00:35 -05:00
Gabriel Donadel Dall'Agnol
efa1b84478
Fix README.md typo (#1942) 2023-10-22 13:32:35 -07:00
Miccah
b8724e87e6
Use the configured include repositories in the GitHub filter (#1926) 2023-10-20 19:03:28 -07:00
Richard Gomez
3acc65b2fb
chore(github): reduce comment log verbosity (#1922) 2023-10-20 16:16:38 -07:00
Corben Leo
4cb67a571d
Detector-Competition-Feat: Add Privacy.com API key detector (#1888) 
* Detector-Competition-Feat: Add Privacy.com API key detector

* Detector-Competition-Feat: Add Privacy.com API key detector

* cleanup: fix prefix
 2023-10-20 08:45:16 -05:00
Cody Rose
7ac7fa8728
Move Github comments check to fix a test #1927 2023-10-19 19:23:55 -04:00
Richard Gomez
4b821e9732
Handle secondary GitHub ratelimits (#1912) 
* fix(github): reduce visibility-related api calls

* fix(github): handle secondary ratelimits
 2023-10-19 14:54:45 -04:00
Miccah
758344711a
Export ChunkError fields and add ErrorsFor convenience method (#1920) 2023-10-19 08:46:49 -07:00
Corben Leo
8058006a92
Detector-Competition-Fix: Fix plaid.com API key detection (#1916) 
* Detector-Competition-Fix: Fix plaid.com API key detection

* Detector-Competition-Fix: Fix plaid.com API key detection

* Update plaidkey_test.go

hardcode dev

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-10-19 10:46:04 -05:00
ahrav
3d7207ddd5
update regex (#1919) 2023-10-19 07:20:35 -07:00
Richard Gomez
b57b1c1aa7
feat(voiceflow): basic detector (#1900) 2023-10-18 16:17:11 -05:00
Damanpreet Singh
a354cbd796
Fix for #1526: Update Posthog detector (#1910) 2023-10-18 15:21:59 -05:00
Miccah
23ae970bb0
Add generic glob filter (#1858) 
* Add generic glob filter

* Make nil filters safe

* Include glob in error

* Use better example for exclude and include test

* Allow user to configure the ambiguous case

* Rename Pass to ShouldInclude and invert logic

* Test default *Filter and Filter have the same behavior of allow

* Add property based tests

* Remove configuration for the not found ambiguous case
 2023-10-18 11:48:31 -07:00
Dustin Decker
93cf523760
Tighten up regex for twist detector (#1908) 2023-10-18 09:17:31 -07:00
Damanpreet Singh
b9f49933b8
Added Support for '-h' Option for Help Documentation (#1901) 2023-10-18 06:57:05 -07:00
Richard Gomez
b46fb75c73
feat(git): only generate line numbers > 0 (#1898) 2023-10-18 06:53:58 -07:00
Richard Gomez
6ea3a7da4a
fix(github): normalize repo cache (#1897) 2023-10-17 15:07:47 -07:00
Shreyas Sriram
7f534d0bb7
Fix off by one (#1891) 2023-10-17 07:02:27 -07:00
Miccah
d4d4d0ec9a
Add ShannonEntropy test for an empty string (#1893) 2023-10-16 13:50:28 -07:00
Miccah
03dc7cb68d
[chore] Add SourceUnitEnumChunker filesystem tests (#1873) 
* [chore] Add SourceUnitEnumChunker filesystem tests

* Ensure reported units are exactly what is expected
 2023-10-16 10:42:18 -07:00
Corben Leo
072e1f9dcf
Detector-Competition-Fix: Add Personal Access Tokens (API Tokens Depr… (#1871) 
* Detector-Competition-Fix: Add Personal Access Tokens (API Tokens Depreciation)

* fix(test): fix test debug msg

* remove print
 2023-10-16 08:17:12 -05:00
ahrav
5c721d1a73
[bug] - Don't modify global client var (#1890) 
* Create a new client within the verify block

* remove unused var
 2023-10-13 12:32:21 -07:00
s.shivasurya
040167178c
added cody gateway token detection code (#1883) 
* added cody gateway token detection code

* resolved conflict
 2023-10-13 09:09:04 -06:00
dependabot[bot]
6f00541205
Bump golang.org/x/net from 0.15.0 to 0.17.0 (#1886) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-11 17:26:00 -06:00
Corben Leo
ae3a5d1202
Detector-Competition-Feat: Add Klaviyo API Secret Detector (#1870) 
* Detector-Competition-Feat: Add Klaviyo API Secret Detector

* fix(error): add s1.VerificationError and remove specific code check.

* fix(error): add s1.VerificationError and remove specific code check.
 2023-10-11 08:35:04 -06:00
Dustin Decker
52ed87edb7
Add an option to filter unverified results using shannon entropy (#1875) 
* Add an option to filter unverified results using shannon entropy

* lint

* add test, update test, and optimize
 2023-10-08 19:52:28 -07:00
Miccah
f09bce3f75
[chore] Fix flaky TestJobProgressElapsedTime (#1872) 2023-10-06 17:05:05 -07:00
Dustin Decker
22ee2c5b07
Tighten up keywords (#1874) 2023-10-06 16:28:51 -07:00
Corben Leo
77a82847af
Detector-Competition-Fix: fix notion.so false negative verification (#1866) 
* Detector-Competition-Fix: fix notion.so false negative verification

* Detector-Competition-Fix: fix notion.so verification
 2023-10-05 12:27:06 -05:00
Corben Leo
179a7e4cbc
Detector-Competition-New: add anthropic api key detector (#1861) 
* feat(anthropic): add anthropic api key detector

* Detector-Competition-Fix: fix remove debug println
 2023-10-05 11:34:40 -05:00
Corben Leo
bf1cce43e5
Detector-Competition-New: add ramp.com client id & secret detector (#1862) 2023-10-05 09:40:30 -05:00
ahrav
3d2490ca80
use Repositories field from conn. (#1860) 2023-10-04 13:56:02 -07:00
Miccah
273f1077af
Add include and ignore list to Artifactory (#1857) 
* Add include and ignore list to Artifactory proto

* Generate protos
 2023-10-03 16:48:30 -07:00
ahrav
cee456f484
support insecure TLS for Jira and Jenkins (#1856) 
* support insecure TLS for Jira and Jenkins

* lint
 2023-10-03 09:55:38 -07:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
8d2d8c8395
add tristate verification to postman (#1837) 2023-10-03 12:38:43 -04:00
Hon Kwok
4598244167
Use placeholder as default if field left empty and is required (#1642) 
* Use placeholder as default if field left empty and is required

Co-authored-by: mcastorina <m.castorina93@gmail.com>

* Drop unused func

* uncomment azure source

* update wording

---------

Co-authored-by: mcastorina <m.castorina93@gmail.com>
 2023-10-02 17:21:40 -07:00