
more info on output and in jsonish format

zricethezav 8 лет назад
Родитель
Сommit
2186f22999
5 измененных файлов с 46 добавлено и 29 удалено
  1. 15 5
      checks.go
  2. 5 5
      checks_test.go
  3. 13 7
      leaks.go
  4. 11 10
      main.go
  5. 2 2
      options.go

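--- a/checks.go
+++ b/checks.go
@@ -5,22 +5,32 @@ import (
 	"strings"
 )
 
-func doChecks(diff string) []string {
+// checks Regex and if enabled, entropy and stopwords
+func doChecks(diff string, commit string) []LeakElem {
 	var match string
-	var results []string
+	var leaks []LeakElem
+	var leak LeakElem
 	lines := strings.Split(diff, "\n")
 	for _, line := range lines {
-		for _, re := range regexes {
+		for leakType, re := range regexes {
 			match = re.FindString(line)
 			if len(match) == 0 ||
 				(opts.Strict && containsStopWords(line)) ||
 				(opts.Entropy && !checkShannonEntropy(line)) {
 				continue
 			}
-			results = append(results, line)
+
+			leak = LeakElem{
+				Line:     line,
+				Commit:   commit,
+				Offender: match,
+				Reason:   leakType,
+			}
+
+			leaks = append(leaks, leak)
 		}
 	}
-	return results
+	return leaks
 
 }
 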
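Review bot: Iterating `regexes` with `for leakType, re := range regexes` now walks a map, so the order of leaks produced for a line (and therefore the order of the printed/reported findings) is randomised on every run; if stable output matters to consumers or to tests, iterate over a sorted copy of the keys (`sort.Strings`) or keep an ordered slice of name/regex pairs next to the map. The new doc comment does not start with the function name as Go convention expects; `// doChecks runs every configured regex over each line of diff, skipping lines that contain stop words (opts.Strict) or fail the entropy check (opts.Entropy), and returns one LeakElem per match tagged with commit.` would also document the new parameter. The function-scoped `leak` variable is only used inside the inner loop and could be folded into `leaks = append(leaks, LeakElem{...})`.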

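--- a/checks_test.go
+++ b/checks_test.go
@@ -4,24 +4,24 @@ import (
 	"testing"
 )
 
-func init(){
+func init() {
 	opts = &Options{
 		Concurrency:      10,
 		B64EntropyCutoff: 70,
 		HexEntropyCutoff: 40,
-		Entropy: false,
+		Entropy:          false,
 	}
 }
 
 func TestCheckRegex(t *testing.T) {
-	var results []string
+	var results []LeakElem
 	checks := map[string]int{
 		"aws=\"AKIALALEMEL33243OLIAE": 1,
-		"aws\"afewafewafewafewaf\"": 0,
+		"aws\"afewafewafewafewaf\"":   0,
 	}
 
 	for k, v := range checks {
-		results = doChecks(k)
+		results = doChecks(k, "commit")
 		if v != len(results) {
 			t.Errorf("regexCheck failed on string %s", k)
 		}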
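Review bot: TestCheckRegex still only compares `len(results)` with the expected count, so the Reason, Offender and Commit fields that doChecks now fills in are never verified even though they are what the JSON output reports. For the positive case a check such as `if v == 1 && (results[0].Reason != "AWS" || results[0].Offender != "AKIALALEMEL33243OLIA" || results[0].Commit != "commit") { t.Errorf("unexpected leak %+v", results[0]) }` would pin the rule name and the matched token. TestCheckRegex continues past the end of the hunk.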

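--- a/leaks.go
+++ b/leaks.go
@@ -16,8 +16,10 @@ import (
 
 // LeakElem contains the line and commit of a leak
 type LeakElem struct {
-	Content string `json:"content"`
-	Commit  string `json:"commit"`
+	Line     string `json:"line"`
+	Commit   string `json:"commit"`
+	Offender string `json:"string"`
+	Reason   string `json:"reason"`
 }
 
 // start clones and determines if there are any leaks
@@ -90,7 +92,11 @@ func getLeaks(repoName string, opts *Options) []LeakElem {
 
 	go func(commitWG *sync.WaitGroup, gitLeakReceiverWG *sync.WaitGroup) {
 		for gitLeak := range gitLeaks {
-			fmt.Printf("commit: %s\ncontent: %s\n\n", gitLeak.Commit, gitLeak.Content)
+			b, err := json.MarshalIndent(gitLeak, "", "   ")
+			if err != nil {
+				fmt.Println("failed to output leak:", err)
+			}
+			fmt.Println(string(b))
 			report = append(report, gitLeak)
 			gitLeakReceiverWG.Done()
 		}
@@ -130,13 +136,13 @@ func getLeaks(repoName string, opts *Options) []LeakElem {
 				return
 			}
 
-			lines := doChecks(string(out))
-			if len(lines) == 0 {
+			leaks := doChecks(string(out), currCommit)
+			if len(leaks) == 0 {
 				return
 			}
-			for _, line := range lines {
+			for _, leak := range leaks {
 				gitLeakReceiverWG.Add(1)
-				gitLeaks <- LeakElem{line, currCommit}
+				gitLeaks <- leak
 			}
 
 		}(currCommit, repoName, &commitWG, &gitLeakReceiverWG)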
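Review bot: In the receiver goroutine a `json.MarshalIndent` failure is printed but execution falls through to `fmt.Println(string(b))`, emitting an empty line into the JSON stream; the error branch should skip the Println (and the message belongs on stderr, e.g. `fmt.Fprintln(os.Stderr, "failed to output leak:", err)`, so it does not interleave with output a consumer may parse). In the first hunk the `Offender` field carries the tag `json:"string"`, which looks like a leftover; `json:"offender"` would match the field name and the other tags. The struct comment `// LeakElem contains the line and commit of a leak` is now stale; `// LeakElem describes one finding: the offending line and commit, the matched token (Offender) and the name of the rule that fired (Reason).` covers the new fields. The diffstat shows no import change for this file, so `encoding/json` is presumably already imported above the first hunk — worth confirming. getLeaks starts and ends outside the hunks shown.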

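--- a/main.go
+++ b/main.go
@@ -12,7 +12,7 @@ import (
 
 var (
 	appRoot     string
-	regexes     []*regexp.Regexp
+	regexes     map[string]*regexp.Regexp
 	stopWords   []string
 	base64Chars string
 	hexChars    string
@@ -40,15 +40,16 @@ func init() {
 	stopWords = []string{"setting", "Setting", "SETTING", "info",
 		"Info", "INFO", "env", "Env", "ENV", "environment", "Environment", "ENVIRONMENT"}
 
-	regexes = []*regexp.Regexp{
-		regexp.MustCompile("-----BEGIN RSA PRIVATE KEY-----"),
-		regexp.MustCompile("-----BEGIN OPENSSH PRIVATE KEY-----"),
-		regexp.MustCompile("[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]"),
-		regexp.MustCompile("[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*['|\"][0-9a-zA-Z]{35,44}['|\"]"),
-		regexp.MustCompile("[g|G][i|I][t|T][h|H][u|U][b|B].*[['|\"]0-9a-zA-Z]{35,40}['|\"]"),
-		regexp.MustCompile("AKIA[0-9A-Z]{16}"),
-		regexp.MustCompile("[r|R][e|E][d|D][d|D][i|I][t|T].*['|\"][0-9a-zA-Z]{14}['|\"]"),
-		regexp.MustCompile("[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}"),
+	regexes = map[string]*regexp.Regexp{
+		"RSA":      regexp.MustCompile("-----BEGIN RSA PRIVATE KEY-----"),
+		"SSH":      regexp.MustCompile("-----BEGIN OPENSSH PRIVATE KEY-----"),
+		"Facebook": regexp.MustCompile("[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]"),
+		"Twitter":  regexp.MustCompile("[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*['|\"][0-9a-zA-Z]{35,44}['|\"]"),
+		"Github":   regexp.MustCompile("[g|G][i|I][t|T][h|H][u|U][b|B].*[['|\"]0-9a-zA-Z]{35,40}['|\"]"),
+		"AWS":      regexp.MustCompile("AKIA[0-9A-Z]{16}"),
+		"Reddit":   regexp.MustCompile("[r|R][e|E][d|D][d|D][i|I][t|T].*['|\"][0-9a-zA-Z]{14}['|\"]"),
+		"Heroku":   regexp.MustCompile("[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}"),
+		// "Custom": regexp.MustCompile(".*")
 	}
 	assignRegex = regexp.MustCompile(`(=|:|:=|<-)`)
 }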
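Review bot: The `Github` pattern carried over to the new side is still malformed: in `.*[['|\"]0-9a-zA-Z]{35,40}['|\"]` the first `[` opens a class that closes at the first `]`, so `0-9a-zA-Z` is matched literally and `{35,40}` quantifies a literal `]`; the rule can never match a real token, so GitHub tokens are silently missed. The intended form is `"Github":   regexp.MustCompile("[g|G][i|I][t|T][h|H][u|U][b|B].*['|\"][0-9a-zA-Z]{35,40}['|\"]"),`. Since the commit already rewrites every rule line, this is also the moment to drop the `|` inside classes such as `[f|F]`, which matches a literal pipe rather than alternating; `(?i)facebook` expresses the intent directly. Note that the map keys are now user-visible as the `reason` field of the JSON output, so their spelling (`Github`, `SSH`, ...) is effectively part of the output format and should be treated as stable.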

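--- a/options.go
+++ b/options.go
@@ -29,7 +29,7 @@ type Options struct {
 	OrgURL           string
 	RepoURL          string
 	Strict           bool
-	Entropy bool
+	Entropy          bool
 }
 
 // help prints the usage string and exits
@@ -70,7 +70,7 @@ func parseOptions(args []string) *Options {
 		Concurrency:      10,
 		B64EntropyCutoff: 70,
 		HexEntropyCutoff: 40,
-		Entropy: false,
+		Entropy:          false,
 	}
 
 	for i := 0; i < len(args); i++ {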