Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 14:42:03 +00:00
Code Issues Projects Releases Packages Wiki Activity
2271 commits 123 branches 240 tags 83 MiB
Commit graph

2271 commits

This branch
This branch
All branches
Author SHA1 Message Date
dependabot[bot]
93969f967d
Bump github.com/googleapis/gax-go/v2 from 2.10.0 to 2.11.0 (#1406) 
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.10.0...v2.11.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-20 13:21:19 -07:00
Zachary Rice
4938d67e66
Custom detector name (#1400) 
* hacky way to add detector name to output

* set name in custom detectors
 2023-06-20 13:55:31 -05:00
Zachary Rice
e9cce62faf
update discord invite link to one that doesn't expire (#1410) 2023-06-20 12:29:40 -05:00
dependabot[bot]
12cb4224ca
Bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#1407) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-20 10:28:00 -07:00
dependabot[bot]
84f2e72d0a
Bump github.com/getsentry/sentry-go from 0.21.0 to 0.22.0 (#1404) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-20 10:27:14 -07:00
Miccah
e12f0f84a1
Setup SourceUnit interface (#1393) 
* Test: Asymmetrical unmarshal API

* Test: Symmetric marshal API

* Revert "Test: Symmetric marshal API"

This reverts commit f51c64a797.

* Cleanup test example and add SourceUnitUnmarshaller interface

* Add CommonSourceUnit implementation

* Update comments

* Remove UnmarshalJSON
 2023-06-16 10:38:28 -05:00
Bill Rich
401688d0a8
Add Validator interface and example (#1397) 
* Add Validator interface and example

* Close sockets and improve error messages

* Remove duplicate error

* Use var declaration so err slice can be nil
 2023-06-15 08:24:32 -07:00
Bill Rich
6d9ae7acbb
Make trace error message so newlines aren't escaped (#1396) 2023-06-14 17:24:31 -07:00
Miccah
fb76eaf17b
Use heuristic to choose the most likely UTF-16 decoded string (#1381) 
* Use heuristic to choose the most likely UTF-16 decoded string

* Assume ASCII and include valid BE and LE bytes

* Remove unused code

* Assume ASCII and return nil when not utf16

---------

Co-authored-by: bill-rich <bill.rich@gmail.com>
 2023-06-13 17:00:40 -07:00
dependabot[bot]
3d395497cf
Bump cloud.google.com/go/secretmanager from 1.10.1 to 1.11.0 (#1378) 
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go) from 1.10.1 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/kms/v1.10.1...kms/v1.11.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 12:55:03 -07:00
dependabot[bot]
8d41986487
Bump github.com/xanzy/go-gitlab from 0.83.0 to 0.85.0 (#1391) 
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.83.0 to 0.85.0.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.83.0...v0.85.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 12:54:14 -07:00
dependabot[bot]
97bd11f8d6
Bump github.com/hashicorp/go-retryablehttp from 0.7.2 to 0.7.4 (#1388) 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.2 to 0.7.4.
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.2...v0.7.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 12:53:41 -07:00
dependabot[bot]
4fbd4e3a9f
Bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#1389) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 12:51:48 -07:00
Zachary Rice
74ffbd2878
add a custom detector check for logging duplicate detector (#1394) 
* add a custom detector check for logging duplicate detector

* use pb type
 2023-06-13 14:49:21 -05:00
Bill Rich
c2e3e7d53a
Split files instead of using ReadAll (#1387) 
* Split files instead of using ReadAll

* Remove dup chunk

* Actually break out of loop
 2023-06-12 14:09:05 -07:00
Dustin Decker
ca1947291b
Update sqlserver redaction, deduplication, and URI redaction (#1369) 
* Update sqlserver redaction, deduplication, and URI redaction

* don't use pointer
 2023-06-09 11:06:54 -07:00
Zachary Rice
c28c70b399
fix new git file plus plus plus bug (#1386) 2023-06-08 18:29:11 -05:00
Zubair Khan
dfb1a0cd38
Add DocuSign detector (#1382) 
* init

* look for client id and client secret, encode them for basis auth

* add tests

* test without checking the contents of response

* confirm access_token exists

* cleanup test

* explain in code that an undocumented grant_type is used

* remove use of deprecated ioutil, remove dead code, return errors instead of just logging

* directly pull access token

* update error text, remove redundant body close()

* import new detector into defaults
 2023-06-08 13:34:50 -04:00
ahrav
ce4a1fd7e6
[chore] - fix test (#1383) 
* fix test.

* fix import order.

* fix twilio test.
 2023-06-06 18:58:00 -07:00
dependabot[bot]
c8b9735834
Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1377) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-06 10:41:01 -07:00
dependabot[bot]
769d708b84
Bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 (#1380) 
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.16 to 1.14.17.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.16...v1.14.17)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-06 10:40:34 -07:00
Dustin Decker
572cb0e5dc Loosen up version check for git 2023-06-01 12:17:48 -07:00
Dustin Decker
183037ab34
Check that git meets version requirements (#1373) 2023-06-01 09:41:06 -07:00
ahrav
8b7c50825e
update detector regex. (#1368) 2023-06-01 08:16:18 -07:00
dependabot[bot]
589a794e7f
Bump github.com/googleapis/gax-go/v2 from 2.8.0 to 2.9.1 (#1363) 
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.8.0 to 2.9.1.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.8.0...v2.9.1)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-30 21:00:23 -07:00
Dustin Decker
5358ed776b
fix mockaroo fps (#1370) 
* fix mockaroo fps

* fix test
 2023-05-30 20:58:41 -07:00
dependabot[bot]
9637f5e813
Bump cloud.google.com/go/secretmanager from 1.10.0 to 1.10.1 (#1365) 
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/kms/v1.10.0...kms/v1.10.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-30 10:04:09 -07:00
dependabot[bot]
8be6ed0abb
Bump github.com/envoyproxy/protoc-gen-validate from 1.0.0 to 1.0.1 (#1366) 
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Changelog](https://github.com/bufbuild/protoc-gen-validate/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-30 09:00:09 -07:00
dependabot[bot]
d433bf03e3
Bump go.mongodb.org/mongo-driver from 1.11.4 to 1.11.6 (#1367) 
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.11.4 to 1.11.6.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.11.4...v1.11.6)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-30 08:59:55 -07:00
Dustin Decker
c8944825de
Surface missing git as an error during initialization (#1362) 2023-05-26 15:23:08 -07:00
Tim Strazzere
cbfbf5335e
Add Data member to ResultsMetadata struct. (#1358) 
When a Result is emitted, it should include
the `chunk.Data []byte` so that we can utilize
the blob of data which caused the result.

This makes it so something catching the results
does not have to maintain a collection of chunks
to correlate the two together.
 2023-05-24 09:21:41 -07:00
Mike Vanbuskirk
32a351fa02
adds linting for workflow and actions (#1356) 2023-05-22 21:43:25 -04:00
dependabot[bot]
d11f06989d
Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#1354) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-22 10:08:58 -05:00
dependabot[bot]
a9d2464301
Bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 (#1351) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-22 10:08:17 -05:00
Brendan Shaklovitz
3ab864aca9
Make OpenAI regex more specific (#1345) 2023-05-22 07:39:18 -07:00
dependabot[bot]
9cc3d05c31
Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#1352) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-22 09:31:51 -05:00
dependabot[bot]
596639bb6f
Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1353) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-22 09:30:56 -05:00
dependabot[bot]
ecffe724a5
Bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (#1355) 
Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/go-logr/zapr/releases)
- [Commits](https://github.com/go-logr/zapr/compare/v1.2.3...v1.2.4)

---
updated-dependencies:
- dependency-name: github.com/go-logr/zapr
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-22 09:30:29 -05:00
Mike Vanbuskirk
1d9d6b6039
needed perms for running workflows against forks (#1348) 
Co-authored-by: ahrav <ahravdutta02@gmail.com>
 2023-05-19 15:31:20 -04:00
ahrav
1da7720912
Replace context.TODO. (#1349) 2023-05-19 11:09:51 -07:00
Zachary Rice
4ba0ad480f
Add message for discord server in readme (#1344) 
* discord server

* Update README.md
 2023-05-19 11:14:50 -05:00
ahrav
0c386220dd
[chore] - Use correct detector proto (#1347) 
* Use correct detector proto.

* sort imports.
 2023-05-18 15:12:38 -07:00
trufflesteeeve
1a81709726
Check to see if StructuredData exists before attempting to print it (#1346) 2023-05-18 17:42:19 -04:00
Brendan Shaklovitz
195f9f0798
Add Base64URLSafe decoder (#1292) 
* Add Base64URLSafe decoder

* Add decoder that can decode base64 strings with '_' and '-' instead of
  of '+' and '/'.

* Combine url-safe b64 decoder into b64 decoder
 2023-05-18 08:30:47 -07:00
RuchitaKshirsagarTR
f831b62a3f
Update generic.go (#1343) 
Generic API keys like shown in the example below is getting excluded:
api_key=9e107d9d372bb6826bd81d3542a419d6 because of following regex patterns:

\b[A-Fa-f0-9]{32}\b
\b[A-Fa-f0-9x]{6,99}\b

The base64 decoding logic is getting hit and NOT returning an error, and thus it continues thinking it is base64 decoded.
 2023-05-17 13:30:40 -07:00
ahrav
31844b12e3
[oc-313] - Add GitHub metrics (#1324) 
* Normalize repos during enumeration.

* fix test.

* Add benchmark.

* Add benchmark.

* Add more realistic benchmark values.

* add gist mocks.

* Remove old normalize fxn.

* abstract away the repo cache.

* update test.

* increase repo count.

* increase page limnit to 100.

* move callee fxns below caller for Chunks.

* Add context to normalize.

* remove extra logic in normalize repo.

* Delete new.txt

* Delete old.txt

* Handle errors in a thread safe manner.

* fix test.'

* fix test.

* handle repos that are included by users.

* Abstract include ignore logic within repoCache.

* Add better comment around repoCache.

* Rename params.

* remove commented out code.

* use repos instead of items.

* remove commented out code.

* Use ++ instead of atomic increment.

* update to use logger var.

* use cache pkg.

* Use separate file for repo logic.

* Address comments.

* fix test.

* make less sucky test.

* Update test.

* Add logs for duration and repo size.

* fix integration test.

* address comment.
 2023-05-16 08:45:28 -07:00
Brendan Shaklovitz
88b4a283c4
Add extra data and structured data to plain output (#1316) 
* Add extra data and structured data to plain output

* Remove duplicate ExtraData output
 2023-05-16 08:14:42 -07:00
Dustin Decker
4250773e92
GitHub basic auth (#1337) 2023-05-15 22:04:42 -07:00
ahrav
e81b908e07
Add buildkitev2 detector for newer tokens. (#1341) 2023-05-15 12:58:36 -07:00
ahrav
6db770fbe5
use md5 hash for checking if key exists. (#1257) 2023-05-15 10:04:14 -07:00