| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273 |
- {
- "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
- "version": "2.1.0",
- "runs": [
- {
- "tool": {
- "driver": {
- "name": "gitleaks",
- "semanticVersion": "v8.0.0",
- "informationUri": "https://github.com/gitleaks/gitleaks",
- "rules": [
- {
- "id": "aws-access-key",
- "shortDescription": {
- "text": "AWS Access Key"
- }
- },
- {
- "id": "aws-secret-key",
- "shortDescription": {
- "text": "AWS Secret Key"
- }
- },
- {
- "id": "aws-mws-key",
- "shortDescription": {
- "text": "AWS MWS key"
- }
- },
- {
- "id": "facebook-secret-key",
- "shortDescription": {
- "text": "Facebook Secret Key"
- }
- },
- {
- "id": "facebook-client-id",
- "shortDescription": {
- "text": "Facebook Client ID"
- }
- },
- {
- "id": "twitter-secret-key",
- "shortDescription": {
- "text": "Twitter Secret Key"
- }
- },
- {
- "id": "twitter-client-id",
- "shortDescription": {
- "text": "Twitter Client ID"
- }
- },
- {
- "id": "github-pat",
- "shortDescription": {
- "text": "Github Personal Access Token"
- }
- },
- {
- "id": "github-oauth",
- "shortDescription": {
- "text": "Github OAuth Access Token"
- }
- },
- {
- "id": "github-app",
- "shortDescription": {
- "text": "Github App Token"
- }
- },
- {
- "id": "github-refresh",
- "shortDescription": {
- "text": "Github Refresh Token"
- }
- },
- {
- "id": "linkedin-client",
- "shortDescription": {
- "text": "LinkedIn Client ID"
- }
- },
- {
- "id": "linkedin-secret",
- "shortDescription": {
- "text": "LinkedIn Secret Key"
- }
- },
- {
- "id": "slack",
- "shortDescription": {
- "text": "Slack"
- }
- },
- {
- "id": "apkey",
- "shortDescription": {
- "text": "Asymmetric Private Key"
- }
- },
- {
- "id": "google",
- "shortDescription": {
- "text": "Google (GCP) Service Account"
- }
- },
- {
- "id": "google",
- "shortDescription": {
- "text": "Google (GCP) Service Account"
- }
- },
- {
- "id": "heroku",
- "shortDescription": {
- "text": "Heroku API key"
- }
- },
- {
- "id": "mailchimp",
- "shortDescription": {
- "text": "MailChimp API key"
- }
- },
- {
- "id": "mailgun",
- "shortDescription": {
- "text": "Mailgun API key"
- }
- },
- {
- "id": "paypal",
- "shortDescription": {
- "text": "PayPal Braintree access token"
- }
- },
- {
- "id": "piacatic",
- "shortDescription": {
- "text": "Picatic API key"
- }
- },
- {
- "id": "sendgrid",
- "shortDescription": {
- "text": "SendGrid API Key"
- }
- },
- {
- "id": "sidekiq-secret",
- "shortDescription": {
- "text": "Sidekiq Secret"
- }
- },
- {
- "id": "sidekiq-sensitive-url",
- "shortDescription": {
- "text": "Sidekiq Sensitive URL"
- }
- },
- {
- "id": "slack-webhook",
- "shortDescription": {
- "text": "Slack Webhook"
- }
- },
- {
- "id": "stripe",
- "shortDescription": {
- "text": "Stripe API key"
- }
- },
- {
- "id": "square",
- "shortDescription": {
- "text": "Square access token"
- }
- },
- {
- "id": "square-oauth",
- "shortDescription": {
- "text": "Square OAuth secret"
- }
- },
- {
- "id": "twilio",
- "shortDescription": {
- "text": "Twilio API key"
- }
- },
- {
- "id": "dynatrace",
- "shortDescription": {
- "text": "Dynatrace ttoken"
- }
- },
- {
- "id": "shopify",
- "shortDescription": {
- "text": "Shopify shared secret"
- }
- },
- {
- "id": "shopify-access",
- "shortDescription": {
- "text": "Shopify access token"
- }
- },
- {
- "id": "shopify-custom",
- "shortDescription": {
- "text": "Shopify custom app access token"
- }
- },
- {
- "id": "shopify-private",
- "shortDescription": {
- "text": "Shopify private app access token"
- }
- },
- {
- "id": "pypi",
- "shortDescription": {
- "text": "PyPI upload token"
- }
- }
- ]
- }
- },
- "results": [
- {
- "message": {
- "text": "test-rule has detected secret for file auth.py at commit 0000000000000000."
- },
- "ruleId": "test-rule",
- "locations": [
- {
- "physicalLocation": {
- "artifactLocation": {
- "uri": "auth.py"
- },
- "region": {
- "startLine": 1,
- "startColumn": 1,
- "endLine": 2,
- "endColumn": 2,
- "snippet": {
- "text": "a secret"
- }
- }
- }
- }
- ],
- "partialFingerprints": {
- "commitSha": "0000000000000000",
- "email": "johndoe@gmail.com",
- "author": "John Doe",
- "date": "10-19-2003",
- "commitMessage": "opps"
- },
- "properties": {
- "tags": [
- "tag1",
- "tag2",
- "tag3"
- ]
- }
- }
- ]
- }
- ]
- }
|