
Feat/add fingerprint no git (#952)

* no-git fingerprint support

* updating gitleaksignore w/ no-git false positives

* fix test
Zachary Rice 3 سال پیش
کامیت
1b3f10cb79
4فایلهای تغییر یافته به همراه69 افزوده شده و 1 حذف شده
  1. 62 0
      .gitleaksignore
  2. 5 0
      detect/detect.go
  3. 2 0
      detect/detect_test.go
  4. 0 1
      detect/utils.go

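--- a/.gitleaksignore
+++ b/.gitleaksignore
@@ -651,3 +651,65 @@ bc26e979c5911cf647c1bede0b3700ebaaa454c8:checks_test.go:aws-access-token:36
 8f352bd840f028b481dc725b77d2f4904b77913b:checks_test.go:aws-access-token:34
 ec2fc9d6cb0954fb3b57201cf6133c48d8ca0d29:checks_test.go:aws-access-token:37
 06c9e824d5985c8e8789321ae70de7ace3b093dc:main.go:aws-access-token:15
+
+README.md:aws-access-token:204
+README.md:aws-access-token:205
+README.md:aws-access-token:244
+cmd/generate/config/rules/privatekey.go:private-key:19
+cmd/generate/config/rules/generic.go:clojars-api-token:43
+cmd/generate/config/rules/generic.go:generic-api-key:45
+cmd/generate/config/rules/generic.go:generic-api-key:46
+cmd/generate/config/rules/sidekiq.go:sidekiq-secret:22
+cmd/generate/config/rules/sidekiq.go:sidekiq-secret:23
+cmd/generate/config/rules/sidekiq.go:sidekiq-secret:24
+cmd/generate/config/rules/sidekiq.go:sidekiq-secret:28
+cmd/generate/config/rules/sidekiq.go:sidekiq-secret:29
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:46
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:48
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:50
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:52
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:54
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:55
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:56
+cmd/generate/config/rules/sidekiq.go:sidekiq-sensitive-url:57
+config/config_test.go:aws-access-token:31
+detect/detect_test.go:sidekiq-secret:120
+detect/detect_test.go:sidekiq-secret:126
+detect/detect_test.go:sidekiq-secret:142
+detect/detect_test.go:aws-access-token:50
+detect/detect_test.go:aws-access-token:60
+detect/detect_test.go:aws-access-token:61
+detect/detect_test.go:aws-access-token:98
+detect/detect_test.go:aws-access-token:104
+detect/detect_test.go:aws-access-token:105
+detect/detect_test.go:aws-access-token:186
+detect/detect_test.go:aws-access-token:194
+detect/detect_test.go:aws-access-token:202
+detect/detect_test.go:aws-access-token:288
+detect/detect_test.go:aws-access-token:296
+detect/detect_test.go:aws-access-token:359
+detect/detect_test.go:aws-access-token:360
+detect/detect_test.go:aws-access-token:378
+detect/detect_test.go:aws-access-token:379
+detect/detect_test.go:aws-access-token:404
+detect/detect_test.go:aws-access-token:405
+detect/detect_test.go:aws-access-token:480
+detect/detect_test.go:aws-access-token:481
+detect/detect_test.go:aws-access-token:499
+detect/detect_test.go:aws-access-token:500
+detect/detect_test.go:sidekiq-sensitive-url:164
+detect/detect_test.go:sidekiq-sensitive-url:170
+detect/detect_test.go:pypi-upload-token:76
+detect/detect_test.go:pypi-upload-token:82
+detect/detect_test.go:pypi-upload-token:83
+detect/detect_test.go:discord-api-token:211
+detect/detect_test.go:discord-api-token:233
+detect/detect_test.go:discord-api-token:241
+detect/detect_test.go:discord-api-token:263
+detect/detect_test.go:discord-api-token:279
+testdata/config/allow_aws_re.toml:aws-access-token:9
+testdata/config/allow_global_aws_re.toml:aws-access-token:8
+testdata/expected/git/small-branch-foo.txt:aws-access-token:15
+testdata/expected/git/small.txt:aws-access-token:15
+testdata/expected/git/small.txt:aws-access-token:44
+testdata/repos/nogit/main.go:aws-access-token:20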
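Review bot: Every new entry is keyed only by `path:rule:line`, so once a no-git fingerprint has no commit hash in it the allowlist suppresses whatever finding later lands on that line of README.md or the rules files, not the specific example value that was reviewed here, and it drifts off the intended line as soon as content above it moves. That is a weaker guarantee than the commit-keyed entries above it, which are pinned to immutable content. It would be worth stating in the file's documentation that these no-git entries must be re-checked whenever the listed files are edited, and that they only match when the scan is run with the same relative paths as listed.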

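--- a/detect/detect.go
+++ b/detect/detect.go
@@ -450,6 +450,11 @@ func (d *Detector) Detect(fragment Fragment) []report.Finding {
 
 // addFinding synchronously adds a finding to the findings slice
 func (d *Detector) addFinding(finding report.Finding) {
+	if finding.Commit == "" {
+		finding.Fingerprint = fmt.Sprintf("%s:%s:%d", finding.File, finding.RuleID, finding.StartLine)
+	} else {
+		finding.Fingerprint = fmt.Sprintf("%s:%s:%s:%d", finding.Commit, finding.File, finding.RuleID, finding.StartLine)
+	}
 	// check if we should ignore this finding
 	if _, ok := d.gitleaksIgnore[finding.Fingerprint]; ok {
 		log.Debug().Msgf("ignoring finding with Fingerprint %s",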
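Review bot: The no-git fingerprint built on the first added line uses finding.File exactly as the scan received it, so the same secret gets a different fingerprint depending on the path the caller passed: the new detect_test.go expectations use `../testdata/repos/nogit/main.go:aws-access-key:20` while the .gitleaksignore entry for that file is keyed `testdata/repos/nogit/main.go:...`, and the lookup on the following line only matches when the scan is invoked with exactly the listed relative path. If the detector knows the scan root it would be more robust to format a path relative to that root; otherwise the contract should be stated next to the branch, e.g. `// no-git fingerprints use the path as given to the scan; .gitleaksignore entries must use the same relative form`. Both detect_test.go hunks carry the same `../` dependency. addFinding's body continues past the hunk.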

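--- a/detect/detect_test.go
+++ b/detect/detect_test.go
@@ -483,6 +483,7 @@ func TestFromFiles(t *testing.T) {
 					RuleID:      "aws-access-key",
 					Tags:        []string{"key", "AWS"},
 					Entropy:     3.0841837,
+					Fingerprint: "../testdata/repos/nogit/main.go:aws-access-key:20",
 				},
 			},
 		},
@@ -502,6 +503,7 @@ func TestFromFiles(t *testing.T) {
 					RuleID:      "aws-access-key",
 					Tags:        []string{"key", "AWS"},
 					Entropy:     3.0841837,
+					Fingerprint: "../testdata/repos/nogit/main.go:aws-access-key:20",
 				},
 			},
 		},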
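Review bot: Both hunks pin only the no-git form of the fingerprint; nothing in this commit asserts that git-sourced findings still receive `commit:file:rule:line` now that the assignment has moved out of augmentGitFinding in detect/utils.go into addFinding. One of the existing git test cases should gain an expectation of the form `Fingerprint: "<commit-sha>:<file>:<rule-id>:<line>",` (placeholder values) so a regression in the else branch is caught. TestFromFiles begins and ends outside the hunks.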

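--- a/detect/utils.go
+++ b/detect/utils.go
@@ -30,7 +30,6 @@ func augmentGitFinding(finding report.Finding, textFragment *gitdiff.TextFragmen
 		}
 		finding.Date = f.PatchHeader.AuthorDate.UTC().Format(time.RFC3339)
 	}
-	finding.Fingerprint = fmt.Sprintf("%s:%s:%s:%d", finding.Commit, finding.File, finding.RuleID, finding.StartLine)
 	return finding
 }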