4 лет назад · f88abe99d7
--- a/.github/ISSUE_TEMPLATE/maintenance.md
+++ b/.github/ISSUE_TEMPLATE/maintenance.md
@@ -0,0 +1,16 @@
 
				+---
			
 
				+name: Maintenance request
			
 
				+about: Suggest an idea for this project
			
 
				+title: ''
			
 
				+labels: enhancement
			
 
				+assignees: ''
			
 
				+
			
 
				+---
			
 
				+
			
 
				+**Describe the solution you'd like**
			
 
				+A clear and concise description of what you want to happen.
			
 
				+
			
 
				+**Additional context**
			
 
				+Add any other context or screenshots about the feature request here.
			
 
				+
			
 
				+cc @zricethezav
			
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -0,0 +1,40 @@
 
				+name: Test
			
 
				+
			
 
				+on:
			
 
				+  push:
			
 
				+    branches:
			
 
				+      - "*"
			
 
				+  pull_request:
			
 
				+    branches:
			
 
				+      - "*"
			
 
				+
			
 
				+jobs:
			
 
				+  build:
			
 
				+    runs-on: ubuntu-latest
			
 
				+    env:
			
 
				+      GO111MODULE: on
			
 
				+    steps:
			
 
				+    - uses: actions/checkout@v2
			
 
				+
			
 
				+    - name: Set up Go
			
 
				+      uses: actions/setup-go@v2
			
 
				+      with:
			
 
				+        go-version: 1.17
			
 
				+
			
 
				+    - name: Build
			
 
				+      run: go build -v ./...
			
 
				+
			
 
				+  test:
			
 
				+    runs-on: ubuntu-latest
			
 
				+    env:
			
 
				+      GO111MODULE: on
			
 
				+    steps:
			
 
				+    - uses: actions/checkout@v2
			
 
				+
			
 
				+    - name: Set up Go
			
 
				+      uses: actions/setup-go@v2
			
 
				+      with:
			
 
				+        go-version: 1.17
			
 
				+
			
 
				+    - name: Test
			
 
				+      run: make test
			
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,8 +0,0 @@
 
				-language: go
			
 
				-go:
			
 
				-  - 1.16.x
			
 
				-services:
			
 
				-  - docker
			
 
				-script:
			
 
				-  - make test
			
 
				-  - make security-scan
			
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,17 +1,12 @@
 
				-FROM golang:1.15.5 AS build
			
 
				+FROM golang:1.17 AS build
			
 
				 WORKDIR /go/src/github.com/zricethezav/gitleaks
			
 
				 ARG ldflags
			
 
				 COPY . .
			
 
				 RUN GO111MODULE=on CGO_ENABLED=0 go build -o bin/gitleaks -ldflags "-X="${ldflags} *.go 
			
 
				 
			
 
				-FROM alpine:3.11
			
 
				-RUN apk add --no-cache bash git openssh
			
 
				+FROM alpine:3.14.1
			
 
				+RUN adduser -D gitleaks && \
			
 
				+    apk add --no-cache bash git openssh-client
			
 
				 COPY --from=build /go/src/github.com/zricethezav/gitleaks/bin/* /usr/bin/
			
 
				+USER gitleaks
			
 
				 ENTRYPOINT ["gitleaks"]
			
 
				-
			
 
				-# How to use me :
			
 
				-
			
 
				-# docker build -t gitleaks .
			
 
				-# docker run --rm --name=gitleaks gitleaks --repo-url=https://github.com/zricethezav/gitleaks
			
 
				-
			
 
				-# This will check for secrets in https://github.com/zricethezav/gitleaks
			
--- a/Makefile
+++ b/Makefile
@@ -25,10 +25,6 @@ build: format
 
				 	go mod tidy
			
 
				 	go build $(LDFLAGS)
			
 
				 
			
 
				-security-scan:
			
 
				-	go get github.com/securego/gosec/cmd/gosec
			
 
				-	gosec -no-fail ./...
			
 
				-
			
 
				 release-builds:
			
 
				 	rm -rf build
			
 
				 	mkdir build
			
--- a/config/config.go
+++ b/config/config.go
@@ -1,6 +1,7 @@
 
				 package config
			
 
				 
			
 
				 import (
			
 
				+	_ "embed"
			
 
				 	"fmt"
			
 
				 	"io"
			
 
				 	"os"
			
@@ -16,6 +17,9 @@ import (
 
				 	log "github.com/sirupsen/logrus"
			
 
				 )
			
 
				 
			
 
				+//go:embed gitleaks.toml
			
 
				+var DefaultConfig string
			
 
				+
			
 
				 // Config is a composite struct of Rules and Allowlists
			
 
				 // Each Rule contains a description, regular expression, tags, and allowlists if available
			
 
				 type Config struct {
			
@@ -42,7 +46,7 @@ type TomlAllowList struct {
 
				 }
			
 
				 
			
 
				 // TomlLoader gets loaded with the values from a gitleaks toml config
			
 
				-// see the config in config/defaults.go for an example. TomlLoader is used
			
 
				+// see the config in config/gitleaks.toml for an example. TomlLoader is used
			
 
				 // to generate Config values (compiling regexes, etc).
			
 
				 type TomlLoader struct {
			
 
				 	AllowList TomlAllowList
			
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -1,9 +1,4 @@
 
				-package config
			
 
				 
			
 
				-// DefaultConfig is the default gitleaks configuration. If --config={path-to-config} is set than the config located
			
 
				-// at {path-to-config} will be used. Alternatively, if --repo-config is set then gitleaks will attempt to
			
 
				-// use the config set in a gitleaks.toml or .gitleaks.toml file in the repo that is run with --repo-config set.
			
 
				-const DefaultConfig = `
			
 
				 title = "gitleaks config"
			
 
				 
			
 
				 [[rules]]
			
@@ -33,12 +28,12 @@ title = "gitleaks config"
 
				 
			
 
				 [[rules]]
			
 
				     description = "Twitter Secret Key"
			
 
				-    regex = '''(?i)twitter(.{0,20})?[0-9a-z]{35,44}'''
			
 
				+    regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}['\"]'''
			
 
				     tags = ["key", "Twitter"]
			
 
				 
			
 
				 [[rules]]
			
 
				     description = "Twitter Client ID"
			
 
				-    regex = '''(?i)twitter(.{0,20})?[0-9a-z]{18,25}'''
			
 
				+    regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}['\"]'''
			
 
				     tags = ["client", "Twitter"]
			
 
				 
			
 
				 [[rules]]
			
@@ -178,4 +173,3 @@ title = "gitleaks config"
 
				     files = ['''^\.?gitleaks.toml$''',
			
 
				     '''(.*?)(png|jpg|gif|doc|docx|pdf|bin|xls|pyc|zip)$''',
			
 
				     '''(go.mod|go.sum)$''']
			
 
				-`
			
--- a/go.mod
+++ b/go.mod
@@ -2,16 +2,14 @@ module github.com/zricethezav/gitleaks/v7
 
				 
			
 
				 go 1.16
			
 
				 
			
 
				-replace github.com/go-git/go-git/v5 => github.com/zricethezav/go-git/v5 v5.2.2
			
 
				+replace github.com/go-git/go-git/v5 => github.com/zricethezav/go-git/v5 v5.3.0
			
 
				 
			
 
				 require (
			
 
				 	github.com/BurntSushi/toml v0.3.1
			
 
				-	github.com/go-git/go-git/v5 v5.2.0
			
 
				-	github.com/google/go-cmp v0.4.0 // indirect
			
 
				+	github.com/go-git/go-git/v5 v5.3.0
			
 
				 	github.com/hako/durafmt v0.0.0-20191009132224-3f39dc1ed9f4
			
 
				-	github.com/jessevdk/go-flags v1.4.0
			
 
				+	github.com/jessevdk/go-flags v1.5.0
			
 
				 	github.com/sergi/go-diff v1.1.0
			
 
				 	github.com/sirupsen/logrus v1.4.2
			
 
				 	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
			
 
				-	gopkg.in/yaml.v2 v2.2.8 // indirect
			
 
				 )
			
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,12 @@
 
				 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
			
 
				 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
			
 
				-github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs=
			
 
				-github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs=
			
 
				+github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
			
 
				+github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk=
			
 
				+github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
			
 
				+github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ=
			
 
				+github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
			
 
				+github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
			
 
				+github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
			
 
				 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
			
 
				 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
			
 
				 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
			
@@ -12,85 +17,96 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 
				 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
			
 
				 github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg=
			
 
				 github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
			
 
				-github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ=
			
 
				 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
			
 
				 github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0=
			
 
				 github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
			
 
				 github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
			
 
				 github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
			
 
				-github.com/go-git/go-billy/v5 v5.0.0 h1:7NQHvd9FVid8VL4qVUMm8XifBK+2xCoZ2lSk0agRrHM=
			
 
				-github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
			
 
				-github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12 h1:PbKy9zOy4aAKrJ5pibIRpVO2BXnK1Tlcg+caKI7Ox5M=
			
 
				-github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw=
			
 
				+github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
			
 
				+github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34=
			
 
				+github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
			
 
				+github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8=
			
 
				+github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0=
			
 
				+github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY=
			
 
				 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
			
 
				-github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
			
 
				-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
			
 
				 github.com/hako/durafmt v0.0.0-20191009132224-3f39dc1ed9f4 h1:60gBOooTSmNtrqNaRvrDbi8VAne0REaek2agjnITKSw=
			
 
				 github.com/hako/durafmt v0.0.0-20191009132224-3f39dc1ed9f4/go.mod h1:5Scbynm8dF1XAPwIwkGPqzkM/shndPm79Jd1003hTjE=
			
 
				-github.com/imdario/mergo v0.3.9 h1:UauaLniWCFHWd+Jp9oCEkTBj8VO/9DKg3PV3VCNMDIg=
			
 
				-github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
			
 
				+github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
			
 
				+github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
			
 
				 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
			
 
				 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
			
 
				-github.com/jessevdk/go-flags v1.4.0 h1:4IU2WS7AumrZ/40jfhf4QVDMsQwqA7VEHozFRrGARJA=
			
 
				-github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
			
 
				-github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd h1:Coekwdh0v2wtGp9Gmz1Ze3eVRAWJMLokvN3QjdzCHLY=
			
 
				-github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
			
 
				+github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc=
			
 
				+github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
			
 
				+github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck=
			
 
				+github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
			
 
				 github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
			
 
				 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
			
 
				 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
			
 
				+github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
			
 
				+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
			
 
				 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
			
 
				 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
			
 
				 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
			
 
				 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
			
 
				+github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
			
 
				+github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
			
 
				 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
			
 
				 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
			
 
				-github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
			
 
				 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
			
 
				-github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
			
 
				 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
			
 
				+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
			
 
				+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
			
 
				 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
			
 
				 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
			
 
				 github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
			
 
				 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
			
 
				+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
			
 
				 github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
			
 
				 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
			
 
				 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
			
 
				 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
			
 
				 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
			
 
				-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
			
 
				 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
			
 
				-github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70=
			
 
				-github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
			
 
				-github.com/zricethezav/go-git/v5 v5.2.2 h1:VOVijF5OpIiHvFZXX94AJezdJ0b0kTyRyVNZ4yaqCRU=
			
 
				-github.com/zricethezav/go-git/v5 v5.2.2/go.mod h1:kh02eMX+wdqqxgNMEyq8YgwlIOsDOa9homkUq1PoTMs=
			
 
				+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
			
 
				+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
			
 
				+github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI=
			
 
				+github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0=
			
 
				+github.com/zricethezav/go-git/v5 v5.3.0 h1:sx02mqKAT6Doe4rLcquIJr1XjrV5QcX8KXk3wSCVic4=
			
 
				+github.com/zricethezav/go-git/v5 v5.3.0/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc=
			
 
				 golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
			
 
				-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
			
 
				-golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073 h1:xMPOj6Pz6UipU1wXLkrtqpHbR0AVFnyPEQq/wRWz9lM=
			
 
				-golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
			
 
				-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
			
 
				-golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0=
			
 
				-golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
			
 
				+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
			
 
				+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg=
			
 
				+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
			
 
				+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
			
 
				+golang.org/x/net v0.0.0-20210326060303-6b1517762897 h1:KrsHThm5nFk34YtATK1LsThyGhGbGe1olrte/HInHvs=
			
 
				+golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k=
			
 
				 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
			
 
				 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
			
 
				-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
			
 
				-golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
			
 
				-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
			
 
				 golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				-golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 h1:uYVVQ9WP/Ds2ROhcaGPeIdVq0RIXVLwsHlnvJ+cT1So=
			
 
				+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
			
 
				-golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
			
 
				-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
			
 
				+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79 h1:RX8C8PRZc2hTIod4ds8ij+/4RQX3AqhYj3uOHmyaz4E=
			
 
				+golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
			
 
				+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
			
 
				+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
			
 
				+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
			
 
				+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
			
 
				 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
			
 
				-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
			
 
				-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
			
 
				 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
			
 
				 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
			
 
				-gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
			
 
				 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
			
 
				+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
			
 
				+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
			
 
				 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
			
 
				 gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
			
 
				 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				-gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
			
 
				-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
			
 
				+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
			
 
				+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
			
--- a/scan/nogit.go
+++ b/scan/nogit.go
@@ -6,6 +6,7 @@ import (
 
				 	"os"
			
 
				 	"path/filepath"
			
 
				 	"strings"
			
 
				+	"sync"
			
 
				 
			
 
				 	log "github.com/sirupsen/logrus"
			
 
				 
			
@@ -17,15 +18,19 @@ import (
 
				 
			
 
				 // NoGitScanner is a scanner that absolutely despises git
			
 
				 type NoGitScanner struct {
			
 
				-	opts options.Options
			
 
				-	cfg  config.Config
			
 
				+	opts     options.Options
			
 
				+	cfg      config.Config
			
 
				+	throttle *Throttle
			
 
				+	mtx      *sync.Mutex
			
 
				 }
			
 
				 
			
 
				 // NewNoGitScanner creates and returns a nogit scanner. This is used for scanning files and directories
			
 
				 func NewNoGitScanner(opts options.Options, cfg config.Config) *NoGitScanner {
			
 
				 	ngs := &NoGitScanner{
			
 
				-		opts: opts,
			
 
				-		cfg:  cfg,
			
 
				+		opts:     opts,
			
 
				+		cfg:      cfg,
			
 
				+		throttle: NewThrottle(opts),
			
 
				+		mtx:      &sync.Mutex{},
			
 
				 	}
			
 
				 
			
 
				 	// no-git scans should ignore .git folders by default
			
@@ -44,7 +49,8 @@ func (ngs *NoGitScanner) Scan() (Report, error) {
 
				 	var scannerReport Report
			
 
				 
			
 
				 	g, _ := errgroup.WithContext(context.Background())
			
 
				-	paths := make(chan string, 100)
			
 
				+
			
 
				+	paths := make(chan string)
			
 
				 
			
 
				 	g.Go(func() error {
			
 
				 		defer close(paths)
			
@@ -60,11 +66,11 @@ func (ngs *NoGitScanner) Scan() (Report, error) {
 
				 			})
			
 
				 	})
			
 
				 
			
 
				-	leaks := make(chan Leak, 100)
			
 
				-
			
 
				 	for path := range paths {
			
 
				 		p := path
			
 
				+		ngs.throttle.Limit()
			
 
				 		g.Go(func() error {
			
 
				+			defer ngs.throttle.Release()
			
 
				 			if ngs.cfg.Allowlist.FileAllowed(filepath.Base(p)) ||
			
 
				 				ngs.cfg.Allowlist.PathAllowed(p) {
			
 
				 				return nil
			
@@ -84,7 +90,9 @@ func (ngs *NoGitScanner) Scan() (Report, error) {
 
				 
			
 
				 					leak.Log(ngs.opts)
			
 
				 
			
 
				-					leaks <- leak
			
 
				+					ngs.mtx.Lock()
			
 
				+					scannerReport.Leaks = append(scannerReport.Leaks, leak)
			
 
				+					ngs.mtx.Unlock()
			
 
				 				}
			
 
				 			}
			
 
				 
			
@@ -129,26 +137,20 @@ func (ngs *NoGitScanner) Scan() (Report, error) {
 
				 					leak.LineNumber = lineNumber
			
 
				 					leak.Rule = rule.Description
			
 
				 					leak.Tags = strings.Join(rule.Tags, ", ")
			
 
				-
			
 
				 					leak.Log(ngs.opts)
			
 
				 
			
 
				-					leaks <- leak
			
 
				+					ngs.mtx.Lock()
			
 
				+					scannerReport.Leaks = append(scannerReport.Leaks, leak)
			
 
				+					ngs.mtx.Unlock()
			
 
				 				}
			
 
				 			}
			
 
				 			return f.Close()
			
 
				 		})
			
 
				 	}
			
 
				 
			
 
				-	go func() {
			
 
				-		if err := g.Wait(); err != nil {
			
 
				-			log.Error(err)
			
 
				-		}
			
 
				-		close(leaks)
			
 
				-	}()
			
 
				-
			
 
				-	for leak := range leaks {
			
 
				-		scannerReport.Leaks = append(scannerReport.Leaks, leak)
			
 
				+	if err := g.Wait(); err != nil {
			
 
				+		log.Error(err)
			
 
				 	}
			
 
				 
			
 
				-	return scannerReport, g.Wait()
			
 
				+	return scannerReport, nil
			
 
				 }
			
--- a/scan/repo.go
+++ b/scan/repo.go
@@ -2,6 +2,7 @@ package scan
 
				 
			
 
				 import (
			
 
				 	"context"
			
 
				+	"sync"
			
 
				 
			
 
				 	"golang.org/x/sync/errgroup"
			
 
				 
			
@@ -21,6 +22,7 @@ type RepoScanner struct {
 
				 	repo     *git.Repository
			
 
				 	throttle *Throttle
			
 
				 	repoName string
			
 
				+	mtx      *sync.Mutex
			
 
				 }
			
 
				 
			
 
				 // NewRepoScanner returns a new repo scanner (go figure). This function also
			
@@ -32,6 +34,7 @@ func NewRepoScanner(opts options.Options, cfg config.Config, repo *git.Repositor
 
				 		repo:     repo,
			
 
				 		throttle: NewThrottle(opts),
			
 
				 		repoName: getRepoName(opts),
			
 
				+		mtx:      &sync.Mutex{},
			
 
				 	}
			
 
				 
			
 
				 	return rs
			
@@ -54,7 +57,6 @@ func (rs *RepoScanner) Scan() (Report, error) {
 
				 
			
 
				 	g, _ := errgroup.WithContext(context.Background())
			
 
				 	commits = make(chan *object.Commit)
			
 
				-	leaks := make(chan Leak)
			
 
				 
			
 
				 	commitNum := 0
			
 
				 	g.Go(func() error {
			
@@ -91,25 +93,20 @@ func (rs *RepoScanner) Scan() (Report, error) {
 
				 				log.Error(err)
			
 
				 			}
			
 
				 			for _, leak := range report.Leaks {
			
 
				-				leaks <- leak
			
 
				+				rs.mtx.Lock()
			
 
				+				scannerReport.Leaks = append(scannerReport.Leaks, leak)
			
 
				+				rs.mtx.Unlock()
			
 
				 			}
			
 
				 			return nil
			
 
				 		})
			
 
				 	}
			
 
				 
			
 
				-	go func() {
			
 
				-		if err := g.Wait(); err != nil {
			
 
				-			log.Error(err)
			
 
				-		}
			
 
				-		close(leaks)
			
 
				-	}()
			
 
				-
			
 
				-	for leak := range leaks {
			
 
				-		scannerReport.Leaks = append(scannerReport.Leaks, leak)
			
 
				+	if err := g.Wait(); err != nil {
			
 
				+		log.Error(err)
			
 
				 	}
			
 
				 
			
 
				 	scannerReport.Commits = commitNum
			
 
				-	return scannerReport, g.Wait()
			
 
				+	return scannerReport, nil
			
 
				 }
			
 
				 
			
 
				 // SetRepoName sets the repo name
			
--- a/scan/sarif.go
+++ b/scan/sarif.go
@@ -77,6 +77,7 @@ type Locations struct {
 
				 //Results ...
			
 
				 type Results struct {
			
 
				 	Message    Message          `json:"message"`
			
 
				+	RuleId     string           `json:"ruleId"`
			
 
				 	Properties ResultProperties `json:"properties"`
			
 
				 	Locations  []Locations      `json:"locations"`
			
 
				 }
			
@@ -117,6 +118,7 @@ func leaksToResults(leaks []Leak) []Results {
 
				 			Message: Message{
			
 
				 				Text: fmt.Sprintf("%s secret detected", leak.Rule),
			
 
				 			},
			
 
				+			RuleId: leak.Rule,
			
 
				 			Properties: ResultProperties{
			
 
				 				Commit:        leak.Commit,
			
 
				 				Offender:      leak.Offender,