Главная Обзор Помощь
Вход
LBP
/
gitleaks
зеркало из https://github.com/gitleaks/gitleaks.git
4
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 4e8d7d3790
Ветки Метки
gitleaks
/
cmd
/
generate
/
config
/
utils
/
validate.go

validate.go 2.3 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. // == WARNING ==
    2. 

  2. // These functions are used to generate GitLeak's default config.
    3. 

  3. // You are free to use these in your own project, HOWEVER, no API stability is guaranteed.
    4. 

  4. 

  5. package utils
    6. 

  6. 

  7. import (
    8. 

  8. 	"github.com/rs/zerolog/log"
    9. 

  9. 	"github.com/zricethezav/gitleaks/v8/config"
    10. 

  10. 	"github.com/zricethezav/gitleaks/v8/detect"
    11. 

  11. 	"strings"
    12. 

  12. )
    13. 

  13. 

  14. func Validate(r config.Rule, truePositives []string, falsePositives []string) *config.Rule {
    15. 

  15. 	// normalize keywords like in the config package
    16. 

  16. 	var keywords []string
    17. 

  17. 	for _, k := range r.Keywords {
    18. 

  18. 		keywords = append(keywords, strings.ToLower(k))
    19. 

  19. 	}
    20. 

  20. 	r.Keywords = keywords
    21. 

  21. 

  22. 	rules := make(map[string]config.Rule)
    23. 

  23. 	rules[r.RuleID] = r
    24. 

  24. 	d := detect.NewDetector(config.Config{
    25. 

  25. 		Rules:    rules,
    26. 

  26. 		Keywords: keywords,
    27. 

  27. 	})
    28. 

  28. 	for _, tp := range truePositives {
    29. 

  29. 		if len(d.DetectString(tp)) != 1 {
    30. 

  30. 			log.Fatal().
    31. 

  31. 				Str("rule", r.RuleID).
    32. 

  32. 				Str("value", tp).
    33. 

  33. 				Str("regex", r.Regex.String()).
    34. 

  34. 				Msg("Failed to Validate. True positive was not detected by regex.")
    35. 

  35. 		}
    36. 

  36. 	}
    37. 

  37. 	for _, fp := range falsePositives {
    38. 

  38. 		if len(d.DetectString(fp)) != 0 {
    39. 

  39. 			log.Fatal().
    40. 

  40. 				Str("rule", r.RuleID).
    41. 

  41. 				Str("value", fp).
    42. 

  42. 				Str("regex", r.Regex.String()).
    43. 

  43. 				Msg("Failed to Validate. False positive was detected by regex.")
    44. 

  44. 		}
    45. 

  45. 	}
    46. 

  46. 	return &r
    47. 

  47. }
    48. 

  48. 

  49. func ValidateWithPaths(r config.Rule, truePositives map[string]string, falsePositives map[string]string) *config.Rule {
    50. 

  50. 	var keywords []string
    51. 

  51. 	for _, k := range r.Keywords {
    52. 

  52. 		keywords = append(keywords, strings.ToLower(k))
    53. 

  53. 	}
    54. 

  54. 	r.Keywords = keywords
    55. 

  55. 

  56. 	rules := make(map[string]config.Rule)
    57. 

  57. 	rules[r.RuleID] = r
    58. 

  58. 	d := detect.NewDetector(config.Config{
    59. 

  59. 		Rules:    rules,
    60. 

  60. 		Keywords: keywords,
    61. 

  61. 	})
    62. 

  62. 	for path, tp := range truePositives {
    63. 

  63. 		f := detect.Fragment{Raw: tp, FilePath: path}
    64. 

  64. 		if len(d.Detect(f)) != 1 {
    65. 

  65. 			log.Fatal().
    66. 

  66. 				Str("rule", r.RuleID).
    67. 

  67. 				Str("value", tp).
    68. 

  68. 				Str("regex", r.Regex.String()).
    69. 

  69. 				Str("path", r.Path.String()).
    70. 

  70. 				Msg("Failed to Validate. True positive was not detected by regex and/or path.")
    71. 

  71. 		}
    72. 

  72. 	}
    73. 

  73. 	for path, fp := range falsePositives {
    74. 

  74. 		f := detect.Fragment{Raw: fp, FilePath: path}
    75. 

  75. 		if len(d.Detect(f)) != 0 {
    76. 

  76. 			log.Fatal().
    77. 

  77. 				Str("rule", r.RuleID).
    78. 

  78. 				Str("value", fp).
    79. 

  79. 				Str("regex", r.Regex.String()).
    80. 

  80. 				Str("path", r.Path.String()).
    81. 

  81. 				Msg("Failed to Validate. False positive was detected by regex and/or path.")
    82. 

  82. 		}
    83. 

  83. 	}
    84. 

  84. 	return &r
    85. 

  85. }
    86.