Commit graph

1623 commits

Author SHA1 Message Date
ahrav
e47cc2451f
Don't pre-allocate errors slice. (#1083) 2023-02-08 17:33:30 -08:00
Miccah
1f0fd91205
Skip repo and continue scanning when encountering an error (#1080) 2023-02-08 11:33:01 -06:00
ahrav
0d73dbe638
[chore] - Add tests for errors (#1071) 2023-02-08 04:15:44 -08:00
Bill Rich
7dd2b74f1f
Make archive handler configurable (#1077)
* Make archive handler configurable.

* Use common.IsDone()
2023-02-07 15:25:14 -08:00
Bill Rich
b37080e6a5
Add max commit size (#1079)
* Add max commit size

* Use common.IsDone

* Use breaks instead of return
2023-02-07 15:25:00 -08:00
ahrav
3f30216356
Add include exclude spaces for confluence source. (#1073) 2023-02-06 08:49:45 -08:00
Bill Rich
af6e3f8fdf
Pull gitparse config options out of pkg consts (#1072)
* Pull gitparse config options out of pkg consts.

* Adjust naming
2023-02-04 13:19:23 -08:00
ahrav
8be89a593b
Handle errors in a thread safe manner (#1052)
* Handle errors in a thread safe manner.

* fix test.

* fix linter.

* address comments.
2023-02-02 11:05:33 -08:00
ahrav
80a68b84c2
update webex detector regex (#1062)
* update webex detector regex.

* fix regex.
2023-02-01 18:37:51 -08:00
ahrav
58b78b6a5a
Update float detector with correct User-Agent and regex (#1061)
* Update float detector with correct User-Agent and regex.

* update import order.

* update email.

* Delete http.go

* add http back.
2023-02-01 09:48:13 -08:00
swdbo
a53758c4c4
braintree detector: use production API URL instead of the test sandbox version (#1054) 2023-02-01 08:41:52 -08:00
Miccah
8df9db6ecc
Remove false positive detection for CustomRegex (#1050)
Checking for false positives can lead to results being removed before
ever getting the opportunity to verify them. Users are already
responsible for verification of custom detectors, so let's not interfere
with how they choose to use it.
2023-01-27 11:57:10 -06:00
ahrav
e85411b59f
Add file to confluence proto. (#1049) 2023-01-26 17:34:01 -08:00
Alexandr Marchenko
b29b78c10d
filesystem support for exclude and include filters (2nd attempt) (#1033)
* fix filter issue - empty lines should be ignored

* filesystem support for filter exclude

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-01-26 09:33:45 -08:00
Bill Rich
00ebb2ed64
Full git log when targeting base merge commit (#1044)
* Full git log when targeting merge commits

* Full log is needed whenever base is specified.
2023-01-26 09:17:54 -08:00
Dustin Decker
4ef546a06b
fix github integration tests (#1042) 2023-01-25 08:57:39 -08:00
Bill Rich
ac1dd23d37
Limit diff size to prevent out of control memory use. (#1035)
* Limit diff size to prevent out of control memory use.

* Group consts
2023-01-23 10:14:10 -08:00
ahrav
2088f030f9
Add location to Teams metadata. (#1034) 2023-01-23 08:12:05 -08:00
ahmed
2060ae1c47
Updated stdout to print results in alphabetical order for consistent output (#1032) 2023-01-19 12:58:50 -05:00
ahrav
1621403e11
Add concurrency to CircleCi source (#1029)
* Small cleanup of CircleCi source.

* Add concurrency to circleci.

* merge w/ cleanup branch.

* Redefine loop var.

* Delete github.go

* reverge file delete.

* Add debug log for scan errors.

* make collecting scanned errors thread safe.

* pre-allocate errors slice.
2023-01-17 12:24:49 -08:00
ahrav
319ae64a02
[chore] - Small cleanup of CircleCi source (#1028)
* Small cleanup of CircleCi source.

* address comments.

* Add context to methods as first param.
2023-01-17 09:36:18 -08:00
Dustin Decker
bc27fef7bc
remove logger from retryable client, it is not respecting loglevels (#1020) 2023-01-13 15:28:00 -08:00
Miccah
45b02f46d9
Record timestamp when a context was cancelled (#1018) 2023-01-13 12:21:09 -06:00
Cameron Lonsdale
0aa8e1cd98
Use access-token endpoint for validity check (#991) 2023-01-11 19:19:51 -08:00
Bill Rich
430d5c764c
Rename and export isGitSource (#1016) 2023-01-10 12:51:58 -08:00
Bill Rich
8b2e1d36cf
Copy metadata for line number aware sources (#1011)
* Copy metadata for line number aware sources

* Improve style
2023-01-10 09:35:44 -08:00
Miccah
e5ede17c77
Validate custom regular expressions on detector initialization (#1010)
* Validate custom regular expressions on detector initialization

* Add regex name to error message
2023-01-09 17:30:47 -06:00
Miccah
74831f63d5
Capture callstack of canceled contexts (#979) 2023-01-09 17:27:06 -06:00
ahrav
09d4422cdb
Handle invalid regex for custom detector. (#1005)
* Handle invalid regex for custom detector.

* Add comment highlighting invalid regex.
2023-01-09 09:45:30 -08:00
Yassine Ilmi
d720c0c0f3
Switch to retryableHttpClient for GitHub AuthN API Client + More Logs (#995)
* Adding missing flags to Readme

* Use retryableHttpClient by default for GitHub

* Adding repoUrl for scanning time log

* Use WithField instead of WithFields

* Updating README with latest --help output
2023-01-09 09:21:56 -08:00
Pulkit Aggarwal
fc6fd29f3f
Fix GitUrl Return (#987)
Co-authored-by: ahrav <ahravdutta02@gmail.com>
2023-01-09 09:17:30 -08:00
Dustin Decker
5f6143f09a
Add Circle CI source (#997)
* Add Circle CI source

* remove SHA1 line

* remove trim
2023-01-05 21:44:37 -08:00
ahrav
009756dce6
add proto that was missing. (#986) 2022-12-23 13:27:07 -08:00
Miccah
f5b83ee2a5
Add configuration parsing and custom detectors to engine (#968)
* Add configuration parsing for custom detectors

* Error on empty filename
2022-12-20 10:14:49 -06:00
ahrav
936a139596
Allow using a glob for include list. (#977)
* Allow using a glob for include list.

* Update command flag.

* Make comment more clear.

* update comment.

* Allow scanning repo and org at the same time.
2022-12-16 13:28:16 -08:00
Gonçalo Silva
e091fab94f
Use Todoist's REST API v2 (#978)
v1 was deprecated on December 5, 2022.
2022-12-14 16:52:19 -08:00
Miccah
861ad057c7
Implement CustomRegex detector (#950)
* Remove verifying successRanges because it is unused in webhook

* Move custom_detectors validation code into its own file

* Initial implementation of custom regex detector

Secret verification is done via webhook.

* Add CustomRegex detector type

* Add upper bound to permutation

* Return early if the context is canceled

* Add headers from configuration

* Add detector name as a key in the JSON body

* Implement faster algorithm for productIndices
2022-12-14 10:26:53 -06:00
Bill Rich
36ca2601e0
Add s3 object count to trace logs (#975)
* Add s3 object count to trace logs

* fix debug level
2022-12-13 16:46:09 -08:00
Miccah
7ac7fdae44
Add more logging for git sources (#974) 2022-12-13 17:51:57 -06:00
ahrav
26befdd1ec
[bug] - Handle error when scanning s3 bucket. (#969)
* Handle error when scanning s3 bucket.

* move wait outside loop.

* Add logging.

* revert changes.

* remove.

* revert.
2022-12-12 10:10:06 -08:00
Dustin Decker
7de9bdd12d
Support globbing with ignore repos (#967) 2022-12-09 12:10:42 -08:00
ahrav
a72b9feb35
Only scan org with --org flag. (#931) 2022-12-06 16:18:48 -08:00
Bill Rich
335ce85ce4
Export line number code (#962) 2022-12-06 15:31:15 -08:00
Bill Rich
33d32d2de4
Don't scan the --since-commit target (#960) 2022-12-06 13:24:27 -08:00
Bill Rich
1a1c2e275e
Change chunker test source (#959)
* Change chunker test source

* Emit chunk if the size isn't 0
2022-12-06 12:45:08 -08:00
Bill Rich
9f99ee470d
Integration test fixes (#956)
* Adjust repo count for new app

* Fix chunk test count
2022-12-06 08:42:24 -08:00
Miccah
2a2bcd93ac
Add CustomRegex validation (#939)
* Add validation skeleton

* Add custom detector validation with tests

* Validate and test regex vars

* Implement RegexVarString

* Use RegexVarString for validating regex variables

* Add numerics to the regex variable matching

Co-authored-by: hxnyk <8292703+hxnyk@users.noreply.github.com>
2022-12-02 11:26:22 -06:00
Miccah
5a339b0ca1
Add test for configuring custom regex with webhook verification (#946) 2022-12-02 11:23:20 -06:00
Bill Rich
f1ec9e74eb
Close files to clean up tmp files (#940) 2022-11-22 13:13:34 -08:00
Bill Rich
79cae3b82b
Add newlines when file is split (#937) 2022-11-22 09:01:39 -08:00