Commit graph

3145 commits

Author SHA1 Message Date
renovate[bot]
eb41756eb6
fix(deps): update module github.com/aws/aws-sdk-go to v1.53.14 (#2900)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-01 09:55:39 -07:00
Richard Gomez
9053d8f4de
refactor(github): enumerateWithToken flow & tests (#2880) 2024-05-31 15:53:44 -05:00
Abdul Basit
2b3284e650
Redis integration test (#2901)
* implemented redis integration test using docker container

* rename the function and use the redis:7.0 image
2024-05-31 11:59:06 -05:00
Richard Gomez
5575514174
fix(falsepositives): remove 'www' (#2896) 2024-05-31 11:37:27 -04:00
renovate[bot]
155c83c433
fix(deps): update module github.com/charmbracelet/bubbletea to v0.26.4 (#2885)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-31 10:56:33 -04:00
Abdul Basit
ddd861d4c7
consistent image of MSSQL for integration testing. (#2898) 2024-05-31 10:56:02 -04:00
Abdul Basit
d93c428b54
Update metadata for DataDog for API + APPKey (#2879)
* put emails from response in metadata for datadog.

* removed unused type in user structure.

* filter user information based on verified, is service account and disabled boolean
also include organization detail if it is available in response.
2024-05-31 10:50:23 -04:00
renovate[bot]
568fea8110
fix(deps): update golang.org/x/exp digest to fd00a4e (#2899)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-31 07:42:08 -07:00
renovate[bot]
20014e4339
chore(deps): update alpine docker tag to v3.20 (#2874)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-31 10:21:01 -04:00
Hon
793231370e
Add postman to tui (#2895) 2024-05-29 16:07:23 -07:00
James Telfer
0024b6ce77
feat: support docker image history scanning (#2882)
* feat: support docker image history scanning

* refactor: collapse error handling into return

Style suggestion from review feedback.

* fix: associate layers with history entries

Where possible, add the associated layer to the history entry record. This may help tracing any issues discovered.

This also changes the entry reference format to `image-metadata:history:%d:created-by` which _may_ be more self-explanatory.
2024-05-28 14:07:43 -07:00
Abdul Basit
18b81013b8
Added extra data for LaunchDarkly (#2836)
* added extra data for LaunchDarkly
- Token type like api or sdk
- name and role of First token in response of api-tokens
- total token counts associated with api-token

* renamed total_count to total_token_count

* updated & renamed fields of metadata for launchdarkly, specifically for API based tokens
2024-05-28 14:08:53 -04:00
renovate[bot]
48b570d909
fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.4 (#2890)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-28 07:59:18 -07:00
renovate[bot]
5f96f3c5c5
fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.13.1 (#2886)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-28 07:49:00 -07:00
renovate[bot]
a591f3986c
fix(deps): update golang.org/x/exp digest to 4c93da0 (#2883)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-27 05:44:30 -07:00
renovate[bot]
3460629c3f
fix(deps): update module cloud.google.com/go/secretmanager to v1.13.1 (#2884)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-27 05:44:04 -07:00
renovate[bot]
45246c3fea
fix(deps): update module github.com/go-logr/logr to v1.4.2 (#2869)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-26 08:23:01 -07:00
renovate[bot]
3632349bb3
fix(deps): update module github.com/aws/aws-sdk-go to v1.53.10 (#2871)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-25 07:57:35 -07:00
Richard Gomez
5102e3ae11
test(github): fix some errors (#2774) 2024-05-24 13:03:41 -07:00
Richard Gomez
e53f5bd5c5
Improve handling of Gist URLs (#2653)
* feat(github): handle ghes gists

* fix(github): handle all gist URLs

* refactor(github): helper func to check gist urls
2024-05-24 08:36:30 -07:00
Charlie Gunyon
311494e86e
Elastic adapter (#2727)
* Add stub source and elastic API funcs

* Spawn workers and ship chunks

* Now successfully detects a credential

- Added tests
- Added some documentation comments
- Threaded the passed context through to all the API requests

* Linting fixes

* Add integration tests and resolve some bugs they uncovered

* Logstash -> Elasticsearch

* Add support for --index-pattern

* Add support for --query-json

* Use structs instead of string building to construct a search body

* Support --since-timestamp

* Implement additional authentication methods

* Fix some small bugs

* Refactoring to support --best-effort-scan

* Finish implementation of --best-effort-scan

* Implement scan catch-up

* Finish connecting support for nodes CLI arg

* Add some integration tests around the catchup mechanism

* go mod tidy

* Fix some linting issues

* Remove some debugging Prints

* Move off of _doc

* Remove informational Printf and add informational logging

* Remove debugging logging

* Copy the index from the outer loop as well

* Don't burn up the ES API with rapid requests if there's no work to do in subsequent scans

* No need to export UnitOfWork.AddSearch

* Use a better name for the range query variable when building the timestamp range clause in searches

* Replace some unlocking defers with explicit unlocks to make the synchronized part of the code clearer

* found -> ok

* Remove superfluous buildElasticClient method

---------

Co-authored-by: Charlie Gunyon <charlie@spectral.energy>
2024-05-24 09:38:20 -05:00
Richard Gomez
1441289d41
fix(github): scan user repos (#2814) 2024-05-23 09:40:40 -05:00
Cody Rose
f7214cfee3
Log reasons for GitLab repo exclusion (#2875)
We have some evidence that some GitLab repos are getting incorrectly ignored, but it's not clear why this is happening, so this PR adds some more logging to the relevant code.
2024-05-23 09:08:36 -04:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
b9ea2f5d4e
adding Groq detector (#2873)
* adding Groq detector

* using prefix as keyword
2024-05-22 15:46:14 -04:00
ahrav
fccf7c9a41
[chore] - Use http.NewRequestWithContext (#2870) 2024-05-22 06:58:12 -07:00
renovate[bot]
0a3a62be0e
fix(deps): update module github.com/aws/aws-sdk-go to v1.53.6 (#2867)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 10:15:28 -07:00
Abdul Basit
4b10b8a009
made changes in organization regex for azure devops. (#2866) 2024-05-20 15:02:12 -05:00
Abdul Basit
5dff334ffa
Update azure storage extra data (#2808)
Blob service of Azure storage returns containers name in response. From that, containers name is added in extra data.
2024-05-20 13:42:54 -04:00
renovate[bot]
4f833cbfa0
fix(deps): update module github.com/aws/aws-sdk-go to v1.53.5 (#2859)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-18 08:01:50 -07:00
renovate[bot]
760da097ad
fix(deps): update module google.golang.org/api to v0.181.0 (#2857)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-18 08:01:29 -07:00
renovate[bot]
970cd12e70
fix(deps): update module github.com/wasilibs/go-re2 to v1.5.3 (#2861)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-17 07:52:16 -07:00
Richard Gomez
d71a8056c0
chore(engine): remove verbose log line (#2860) 2024-05-16 22:25:16 -07:00
ahrav
da25ac2e7f
remove redundant chunking (#2855) 2024-05-16 14:38:50 -07:00
ahrav
5257069748
[chore] - move buffers pkg out of writers pkg (#2826)
* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* Handle non-archive data within the DefaultHandler

* make structs and methods private

* Remove non-archive data handling within sources

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Handle non-archive data within the DefaultHandler

* rebase

* Remove non-archive data handling within sources

* Adjust check for rpm/deb archive type

* add additional deb mime type

* add gzip

* move diskbuffered rereader setup into handler pkg

* remove DiskBuffereReader creation logic within sources

* update comment

* move rewind closer

* reduce log verbosity

* add metrics for file handling

* add metrics for errors

* make defaultBufferSize a const

* add metrics for file handling

* add metrics for errors

* fix tests

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* Address incompatible reader to openArchive

* remove nil check

* fix err assignment

* Allow git cat-file blob to complete before trying to handle the file

* wrap compReader with DiskbufferReader

* Allow git cat-file blob to complete before trying to handle the file

* updates

* use buffer writer

* update

* refactor

* update context pkg

* revert stuff

* update test

* fix test

* remove

* use correct reader

* add metrics for file handling

* add metrics for errors

* fix tests

* rebase

* add metrics for errors

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* fix err assignment

* rebase

* remove

* Update write method in contentWriter interface

* Add bufferReadSeekCloser

* update name

* update comment

* fix lint

* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Handle non-archive data within the DefaultHandler

* rebase

* Remove non-archive data handling within sources

* Handle non-archive data within the DefaultHandler

* add gzip

* move diskbuffered rereader setup into handler pkg

* remove DiskBuffereReader creation logic within sources

* update comment

* move rewind closer

* reduce log verbosity

* make defaultBufferSize a const

* add metrics for file handling

* add metrics for errors

* fix tests

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* Address incompatible reader to openArchive

* remove nil check

* fix err assignment

* wrap compReader with DiskbufferReader

* Allow git cat-file blob to complete before trying to handle the file

* updates

* use buffer writer

* update

* refactor

* update context pkg

* revert stuff

* update test

* remove

* rebase

* go mod tidy

* lint check

* update metric to ms

* update metric

* update comments

* dont use ptr

* update

* fix

* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Adjust check for rpm/deb archive type

* add additional deb mime type

* update comment

* go mod tidy

* update go mod

* Add a buffered file reader

* update comments

* use Buffered File Readder

* return buffer

* update

* fix

* return

* go mod tidy

* merge

* use a shared pool

* use sync.Once

* reorganzie

* remove unused code

* fix double init

* fix stuff

* nil check

* reduce allocations

* updates

* update metrics

* updates

* reset buffer instead of putting it back

* skip binaries

* skip

* concurrently process diffs

* close chan

* concurrently enumerate orgs

* increase workers

* ignore pbix and vsdx files

* add metrics for gitparse's Diffchan

* fix metric

* update metrics

* update

* fix checks

* fix

* inc

* update

* reduce

* Create workers to handle binary files

* modify workers

* updates

* add check

* delete code

* use custom reader

* rename struct

* add nonarchive handler

* fix break

* add comments

* add tests

* refactor

* remove log

* do not scan rpm links

* simplify

* rename var

* rename

* fix benchmark

* add buffer

* buffer

* buffer

* handle panic

* merge main

* merge main

* add recover

* revert stuff

* revert

* revert to using reader

* fixes

* remove

* update

* fixes

* linter

* fix test

* move buffers pkg out of writers pkg

* rename

* [refactor] - move buffer pool logic into own pkg (#2828)

* move buffer pool logic into own pkg

* fix test

* fix test

* whoops

* [feat] - additional buffer pool (#2829)

* move buffer pool logic into own pkg

* move

* fix test

* fix test

* fix test

* remove

* fix test

* whoops

* revert

* fix
2024-05-16 14:38:36 -07:00
ahrav
896e6e7c66
upgrade github dep (#2858) 2024-05-16 14:35:08 -07:00
Carles Llobet
1ac558ae90
Adding postman to sub-commands list (#2813)
* Adding postman to sub-commands list

postman was made public so it can now be added to the sub-command list for completeness.

* Update README.md

---------

Co-authored-by: Dustin Decker <humanatcomputer@gmail.com>
2024-05-16 14:24:03 -07:00
Zachary Rice
e0351c215a
add tolower to all keywords, and remove return on error for global vars (#2852) 2024-05-16 14:03:03 -05:00
Abdul Basit
15c6333987
deprecated Integromat detector becuase they are gone. (#2856)
remove the package as well.
2024-05-16 08:29:36 -07:00
renovate[bot]
bcbc9c5ff7
fix(deps): update module github.com/aws/aws-sdk-go to v1.53.3 (#2849)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 18:32:06 -07:00
ahrav
2db06f0576
[bug] - Handle empty reader case in newFileReader (#2854)
* Correclty handle empty files

* fix

* fix test
2024-05-15 18:25:36 -07:00
ahrav
ead9dd5748
[refactor] - Create separate handler for non-archive data (#2825)
* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* Handle non-archive data within the DefaultHandler

* make structs and methods private

* Remove non-archive data handling within sources

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Handle non-archive data within the DefaultHandler

* rebase

* Remove non-archive data handling within sources

* Adjust check for rpm/deb archive type

* add additional deb mime type

* add gzip

* move diskbuffered rereader setup into handler pkg

* remove DiskBuffereReader creation logic within sources

* update comment

* move rewind closer

* reduce log verbosity

* add metrics for file handling

* add metrics for errors

* make defaultBufferSize a const

* add metrics for file handling

* add metrics for errors

* fix tests

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* Address incompatible reader to openArchive

* remove nil check

* fix err assignment

* Allow git cat-file blob to complete before trying to handle the file

* wrap compReader with DiskbufferReader

* Allow git cat-file blob to complete before trying to handle the file

* updates

* use buffer writer

* update

* refactor

* update context pkg

* revert stuff

* update test

* fix test

* remove

* use correct reader

* add metrics for file handling

* add metrics for errors

* fix tests

* rebase

* add metrics for errors

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* fix err assignment

* rebase

* remove

* Update write method in contentWriter interface

* Add bufferReadSeekCloser

* update name

* update comment

* fix lint

* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Handle non-archive data within the DefaultHandler

* rebase

* Remove non-archive data handling within sources

* Handle non-archive data within the DefaultHandler

* add gzip

* move diskbuffered rereader setup into handler pkg

* remove DiskBuffereReader creation logic within sources

* update comment

* move rewind closer

* reduce log verbosity

* make defaultBufferSize a const

* add metrics for file handling

* add metrics for errors

* fix tests

* add metrics for max archive depth and skipped files

* update error

* skip symlinks and dirs

* update err

* Address incompatible reader to openArchive

* remove nil check

* fix err assignment

* wrap compReader with DiskbufferReader

* Allow git cat-file blob to complete before trying to handle the file

* updates

* use buffer writer

* update

* refactor

* update context pkg

* revert stuff

* update test

* remove

* rebase

* go mod tidy

* lint check

* update metric to ms

* update metric

* update comments

* dont use ptr

* update

* fix

* Remove specialized handler and archive struct and restructure handlers pkg.

* Refactor RPM archive handlers to use a library instead of shelling out

* make rpm handling context aware

* update test

* Refactor AR/deb archive handler to use an existing library instead of shelling out

* Update tests

* add max size check

* add filename and size to context kvp

* move skip file check and is binary check before opening file

* fix test

* preserve existing funcitonality of not handling non-archive files in HandleFile

* Adjust check for rpm/deb archive type

* add additional deb mime type

* update comment

* go mod tidy

* update go mod

* Add a buffered file reader

* update comments

* use Buffered File Readder

* return buffer

* update

* fix

* return

* go mod tidy

* merge

* use a shared pool

* use sync.Once

* reorganzie

* remove unused code

* fix double init

* fix stuff

* nil check

* reduce allocations

* updates

* update metrics

* updates

* reset buffer instead of putting it back

* skip binaries

* skip

* concurrently process diffs

* close chan

* concurrently enumerate orgs

* increase workers

* ignore pbix and vsdx files

* add metrics for gitparse's Diffchan

* fix metric

* update metrics

* update

* fix checks

* fix

* inc

* update

* reduce

* Create workers to handle binary files

* modify workers

* updates

* add check

* delete code

* use custom reader

* rename struct

* add nonarchive handler

* fix break

* add comments

* add tests

* refactor

* remove log

* do not scan rpm links

* simplify

* rename var

* rename

* fix benchmark

* add buffer

* buffer

* buffer

* handle panic

* merge main

* merge main

* add recover

* revert stuff

* revert

* revert to using reader

* fixes

* remove

* update

* fixes

* linter

* fix test

* fix comment

* update field name

* fix
2024-05-15 13:40:16 -07:00
Abdul Basit
7025b0aa35
added email and location in metadata. (#2850) 2024-05-15 12:36:22 -05:00
cuiyourong
ead4e8fa2d
chore: fix some typos in comments (#2851)
Signed-off-by: cuiyourong <cuiyourong@gmail.com>
2024-05-15 07:36:21 -07:00
Alexandre GUIOT--VALENTIN
0d8c3335ed
Add "Intra42" detector (#2835)
* Add basic intra42 detector (lacks verification)

* Improve keywords/prefixes for intra42 detector

* Un-lint pkg/pb/detectorspb/detectors.pb.go to avoid bloating PR

* Add client_id match and secret verification

* Improve PrefixRegex

* Add missing entry in DetectorType_name in detectors.pb.go

* Add Intra42 to proto/detectors.proto

* Remove PrefixRegex

* Keep only identifiers as keywords

* Factorize regex (a-f0-9)
2024-05-14 11:33:54 -07:00
ahrav
6df147de58
[feat] - Support bearer auth for docker scans (#2848)
* Support bearer auth for docker scans

* updates

* use no auth by default if no other auth method is provided
2024-05-14 11:30:11 -07:00
Cody Rose
4882d230e0
Use fake detectors in versioned detectors test (#2847)
This automated test used to run with the real GitLab detectors because they were versioned. However, the test doesn't need real detectors to actually validate the functionality in question, and relying on real detectors means that we're susceptible to token expiration, which we recently discovered when it happened. The test has been updated to use fake detectors (which means it can run correctly in the community suite as well now.)
2024-05-14 13:15:06 -04:00
Zachary Rice
8d1fa42360
switch to filesystem and specific tag when performance testing (#2846)
* switch to filesystem and specific tag when performance testing

* good ol gha debugging

* Update performance.yml
2024-05-14 11:57:01 -05:00
ahrav
f82cf8d76d
[bug] - Fix case-sensitivity issue in PrefixRegex function (#2811)
* correctly remove case insensitivity for the capture group

* update
2024-05-14 08:55:36 -05:00
renovate[bot]
f1e419f8fe
fix(deps): update module cloud.google.com/go/storage to v1.41.0 (#2843)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-13 18:45:01 -07:00
Richard Gomez
a00587673a
feat(sendgrid): update detector (#2833) 2024-05-13 18:44:37 -07:00