Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 15:14:38 +00:00
Code Issues Projects Releases Packages Wiki Activity
1842 commits 139 branches 257 tags 147 MiB
Commit graph

1842 commits

This branch
This branch
All branches
Author SHA1 Message Date
Miccah
d317ddb51a
[chore] Remove logrus from circleci, filesystem, gitlab, and s3 sources (#1089) 
* [chore] Remove logrus from circleci, filesystem, gitlab, and s3 sources

* Address comments
 2023-02-10 11:02:55 -06:00
dependabot[bot]
29be679370
Bump github.com/joho/godotenv from 1.4.0 to 1.5.1 (#1075) 
Bumps [github.com/joho/godotenv](https://github.com/joho/godotenv) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/joho/godotenv/releases)
- [Commits](https://github.com/joho/godotenv/compare/v1.4.0...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/joho/godotenv
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-09 20:02:06 -08:00
Miccah
0ce72ccda3
[chore] Remove logrus from github source (#1086) 
* [chore] Remove logrus from github source

* Fix handleRateLimit test

* Fix tests
 2023-02-09 18:02:04 -06:00
Miccah
58e8c1e4ac
[chore] Remove logrus from engine package (#1085) 2023-02-09 16:55:19 -06:00
trufflesteeeve
114f4b6989
Add Type() to detector interface (#1088) 
* Add Type() to detector interface

The goal here is to allow the detector type information to be used
without the need for reflection. This could possibly allow us to more
easily inject information into detectors or filter them out if
necessary.

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>

* remove test detector

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
 2023-02-09 14:46:03 -08:00
ahrav
e47cc2451f
Dont pre-allocate errors slice. (#1083) 2023-02-08 17:33:30 -08:00
Miccah
1f0fd91205
Skip repo and continue scanning when encountering an error (#1080) 2023-02-08 11:33:01 -06:00
ahrav
0d73dbe638
[chore] - Add tests for errors (#1071) 2023-02-08 04:15:44 -08:00
Bill Rich
7dd2b74f1f
Make archive handler configurable (#1077) 
* Make archive handler configurable.

* Use common.IsDone()
 2023-02-07 15:25:14 -08:00
Bill Rich
b37080e6a5
Add max commit size (#1079) 
* Add max commit size

* Use common.IsDone

* Use breaks instead of return
 2023-02-07 15:25:00 -08:00
ahrav
3f30216356
Add incclude exclude spaces for confluence source. (#1073) 2023-02-06 08:49:45 -08:00
Bill Rich
af6e3f8fdf
Pull gitparse config options out of pkg consts (#1072) 
* Pull gitparse config options out of pkg consts.

* Adjust naming
 2023-02-04 13:19:23 -08:00
Miccah
2d35edfb23
Revert "Add TruffleHog version input for GitHub action (#1064)" (#1068) 
This reverts commit 8dedd08d89.
 2023-02-03 10:05:21 -06:00
Miccah
8dedd08d89
Add TruffleHog version input for GitHub action (#1064) 2023-02-02 14:18:46 -06:00
ahrav
8be89a593b
Handle errors in a thread safe manner (#1052) 
* Handle errors in a thread safe manner.

* fix test.

* fix linter.

* address comments.
 2023-02-02 11:05:33 -08:00
ahrav
80a68b84c2
update webex detector regex (#1062) 
* update webex detector regex.

* fix regex.
 2023-02-01 18:37:51 -08:00
ahrav
58b78b6a5a
Update float detector with correct User-Agent and regex (#1061) 
* Update float detector with correct User-Agent and regex.

* update import order.

* update emial.

* Delete http.go

* add http back.
 2023-02-01 09:48:13 -08:00
swdbo
a53758c4c4
braintree detector: use production API URL instead of the test sandbox version (#1054) 2023-02-01 08:41:52 -08:00
Dustin Decker
1d3206ed36
add bodyclose linter to help prevent file handle leaks (#1048) 2023-01-31 09:04:37 -08:00
dependabot[bot]
26afa76e7c
Bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 (#1039) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-27 17:47:18 -08:00
Miccah
8df9db6ecc
Remove false positive detection for CustomRegex (#1050) 
Checking for false positives can lead to results being removed before
ever getting the opportunity to verify them. Users are already
responsible for verification of custom detectors, so let's not interfere
with how they choose to use it.
 2023-01-27 11:57:10 -06:00
ahrav
e85411b59f
Add file to confluence proto. (#1049) 2023-01-26 17:34:01 -08:00
Alex Shylo
6e58eb4bbb
fix-the-typo (#1046) 
change programatic -> programmatic
Ref: https://www.dictionary.com/browse/programmatic
 2023-01-26 12:53:46 -08:00
Alexandr Marchenko
b29b78c10d
filesystem support for exclude and include filters (2nd attemp) (#1033) 
* fix filter issue - empty lines should be ignored

* filesystem support for filter exclude

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-01-26 09:33:45 -08:00
dependabot[bot]
d4f4b1c73e
Bump github.com/rabbitmq/amqp091-go from 1.5.0 to 1.6.0 (#1036) 
Bumps [github.com/rabbitmq/amqp091-go](https://github.com/rabbitmq/amqp091-go) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/rabbitmq/amqp091-go/releases)
- [Changelog](https://github.com/rabbitmq/amqp091-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rabbitmq/amqp091-go/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/rabbitmq/amqp091-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 09:27:32 -08:00
Miccah
539be34752
Add openssh-client to trufflehog container (#1045) 
* Add openssh-client to docker container

* Add ssh auth example and --rm to all docker run commands
 2023-01-26 11:26:03 -06:00
Bill Rich
00ebb2ed64
Full git log when targeting base merge commit (#1044) 
* Full git log when targeting merge commits

* Full log is needed whenever base is specified.
 2023-01-26 09:17:54 -08:00
Dustin Decker
4ef546a06b
fix github integration tests (#1042) 2023-01-25 08:57:39 -08:00
Bill Rich
ac1dd23d37
Limit diff size to prevent out of control memory use. (#1035) 
* Limit diff size to prevent out of control memory use.

* Group consts
 2023-01-23 10:14:10 -08:00
ahrav
2088f030f9
Add location to Teams metadata. (#1034) 2023-01-23 08:12:05 -08:00
ahmed
2060ae1c47
Updated stdout to print results in alphabetical order for consistent output (#1032) 2023-01-19 12:58:50 -05:00
dependabot[bot]
86f80fc5a8
Bump github.com/sergi/go-diff from 1.2.0 to 1.3.1 (#1023) 
Bumps [github.com/sergi/go-diff](https://github.com/sergi/go-diff) from 1.2.0 to 1.3.1.
- [Release notes](https://github.com/sergi/go-diff/releases)
- [Commits](https://github.com/sergi/go-diff/compare/v1.2.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/sergi/go-diff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-17 15:26:29 -06:00
dependabot[bot]
c62eb18e6d
Bump github.com/xanzy/go-gitlab from 0.77.0 to 0.78.0 (#1024) 
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.77.0 to 0.78.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.77.0...v0.78.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-17 15:25:04 -06:00
dependabot[bot]
8acd9fdd3b
Bump github.com/getsentry/sentry-go from 0.16.0 to 0.17.0 (#1022) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-17 15:20:01 -06:00
ahrav
1621403e11
Add concurrency to CircleCi source (#1029) 
* Small cleanup of CircleCi source.

* Add concurrency to circleci.

* merge w/ cleanup branch.

* Rdefine loop var.

* Delete github.go

* reverge file delete.

* Add debug log for scan errors.

* make collecting scanned errors thread safe.

* pre-allocate errors slice.
 2023-01-17 12:24:49 -08:00
ahrav
319ae64a02
[chore] - Small cleanup of CircleCi source (#1028) 
* Small cleanup of CircleCi source.

* address comments.

* Add context to methods as first param.
 2023-01-17 09:36:18 -08:00
Dustin Decker
bc27fef7bc
remove logger from retryable client, it is not respecting loglevels (#1020) 2023-01-13 15:28:00 -08:00
Miccah
45b02f46d9
Record timestamp when a context was cancelled (#1018) 2023-01-13 12:21:09 -06:00
Cameron Lonsdale
0aa8e1cd98
Use access-token endpoint for validity check (#991) 2023-01-11 19:19:51 -08:00
ahrav
477e2a1332
Update entrypoint (#1013) 
* Update entrypoint.

* update comment.

* Call each extra arg on its own.

* Update loop.

* Update extra args.

* Use miccah's magic script.

* Fix path to bash.

* update entrypoint.

* Add bash to Dockerfile.

* update goreleaser dockerfile.
 2023-01-11 18:58:05 -08:00
Bill Rich
430d5c764c
Rename and export isGitSource (#1016) 2023-01-10 12:51:58 -08:00
Bill Rich
8b2e1d36cf
Copy metadata for line number aware sources (#1011) 
* Copy metadata for line number aware sources

* Improve style
 2023-01-10 09:35:44 -08:00
Clark Brown
864cf00337
Revert "Allow for default value to be used. (#999)" (#1004) 
This reverts commit ee6817ad85.
 2023-01-09 18:09:58 -06:00
Miccah
e5ede17c77
Validate custom regular expressions on detector initialization (#1010) 
* Validate custom regular expressions on detector initialization

* Add regex name to error message
 2023-01-09 17:30:47 -06:00
Miccah
74831f63d5
Capture callstack of canceled contexts (#979) 2023-01-09 17:27:06 -06:00
ahrav
09d4422cdb
Handle invalid regex for custom detector. (#1005) 
* Handle invalid regex for custom detector.

* Add comment highlighting invalid regex.
 2023-01-09 09:45:30 -08:00
dependabot[bot]
7de0178842
Bump golang.org/x/crypto from 0.4.0 to 0.5.0 (#1009) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-09 09:32:29 -08:00
dependabot[bot]
6d384ce3e8
Bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.2 (#1008) 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.1...v0.7.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-09 09:31:23 -08:00
dependabot[bot]
0e24d406d5
Bump github.com/go-git/go-git/v5 from 5.5.1 to 5.5.2 (#1007) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.5.1 to 5.5.2.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.5.1...v5.5.2)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-09 09:30:56 -08:00
dependabot[bot]
d72c31b8b6
Bump cloud.google.com/go/secretmanager from 1.9.0 to 1.10.0 (#1006) 
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/dlp/v1.9.0...asset/v1.10.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-09 09:29:26 -08:00