mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-11-15 01:17:34 +00:00
f42f63271b
Some source use client libraries that can emit errors that contain sensitive information - in particular, git-facing libraries that embed tokens into repository URLs. This PR introduces a way of redacting them - starting with GitLab (where we've seen this most recently), but in theory extensible to other sources as needed. This implementation uses a custom zap core; this might also be possible with a custom zap encoder, but I didn't test it out. (The deleted core.go file was entirely unused.) |
||
|---|---|---|
| .. | ||
| dynamic_redactor.go | ||
| level.go | ||
| log.go | ||
| log_test.go | ||
| redaction_core.go | ||