
Comparing changes

base repository: trufflesecurity/trufflehog
base: v3.88.2
head repository: trufflesecurity/trufflehog
compare: v3.88.3
  • 20 commits
  • 795 files changed
  • 10 contributors

Commits on Jan 9, 2025

  1. [chore] Use static token in GitHub source (#3834)

    Also some minor formatting in sources.go
    mcastorina authored Jan 9, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    fbf835f

Commits on Jan 10, 2025

  1. Update log for large s3 file (#3835)

    * update log for large s3 file
    
    * key and size already in ctx
    0x1 authored Jan 10, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    81d5859
  2. oss-87: added new sanity detector (#3836)

    kashifkhan0771 authored Jan 10, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    6d1c59f

Commits on Jan 13, 2025

  1. Support for Customize Endpoint in Gitlab Analyzer (#3832)

    * pass on host to gitlab analyzer from detector
    
    * remove version from metadata as that causes the test to fail
    
    * reverted the cli to old one.
    code refactoring
    abmussani authored Jan 13, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    e967efa
  2. fixed jirav1 detector email pattern (#3826)

    kashifkhan0771 authored Jan 13, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    71b341c
  3. chore: run unit tests (#3773)

    rgmz authored Jan 13, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    44fc4c8

Commits on Jan 14, 2025

  1. Run detector tests from test workflow #3839

    #3773 missed one
    rgmz authored Jan 14, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    1571f92
  2. issue:3838 - fixed common email pattern (#3840)

    * issue:3838 - fixed common email pattern
    
    * updated pattern as suggested by rgmz
    
    Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com>
    
    ---------
    
    Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com>
    kashifkhan0771 and rgmz authored Jan 14, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    ea62086
  3. create new unrestricted analyzer client to not filter out unsafe success requests (#3841)

    abmussani authored Jan 14, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    9e28c7a

Commits on Jan 15, 2025

  1. fix import issue (#3842)

    ahrav authored Jan 15, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    3370e4f
  2. feat(uri): update detector (#3656)

    The URI detector currently makes an indiscriminate number of HTTP requests to domains, regardless of whether they actually exist. This results in wasted network bandwidth and logs spammed with things like below:
    
    Found unverified result 🐷🔑❓
    Verification issue: lookup proxy.example.com: no such host
    Detector Type: URI
    Decoder Type: PLAIN
    Raw result: http://username:password@proxy.example.com
    Commit: 0dec3cdfe8cbd1c7fd6b5bdd3d8f108d4cc42311
    Email: Toan <toan@microsoft.com>
    File: reactjs.zip
    Line: 127
    Link: https://github.com/azureossd/Deployment-Oryx-Samples/blob/0dec3cdfe8cbd1c7fd6b5bdd3d8f108d4cc42311/reactjs.zip#L127
    Repository: https://github.com/azureossd/Deployment-Oryx-Samples.git
    Timestamp: 2020-04-23 01:20:33 +0000
    
    In addition to de-duplicating matches, this updates the URI detector to track hosts that are not found and skip verification.
    rgmz authored Jan 15, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    278251a
  3. chore(detectors): remove match len check (#2746)

    rgmz authored Jan 15, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    8723f85
  4. fix(ngrok): panic from broken pattern (#3844)

    rgmz authored Jan 15, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    1a1fe7b
  5. raw (#3845)

    zricethezav authored Jan 15, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    eea7e06
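
The host tracking described in the URI detector commit (#3656) above, sketched as an added example: this is not TruffleHog's code, and `hostTracker`, `check` and `fakeLookup` are hypothetical names, with an injected resolver standing in for DNS so it runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)
// hostTracker remembers hosts that failed DNS resolution (not goroutine-safe).
type hostTracker struct {
	lookup   func(host string) error // injected resolver: an assumption that keeps this offline
	notFound map[string]bool
	lookups  int // resolver calls made, to show what was saved
}
// check returns one status per unique raw match: resolved, not found, skipped or invalid.
func (t *hostTracker) check(matches []string) map[string]string {
	out := make(map[string]string)
	for _, raw := range matches {
		u, err := url.Parse(raw)
		_, dup := out[raw]
		switch {
		case dup: // identical match already handled
		case err != nil || u.Hostname() == "":
			out[raw] = "invalid"
		case t.notFound[u.Hostname()]:
			out[raw] = "skipped" // known-missing host: no lookup, no HTTP request
		default:
			t.lookups++
			out[raw] = "resolved" // a real detector would send its verification request here
			var dnsErr *net.DNSError
			if errors.As(t.lookup(u.Hostname()), &dnsErr) && dnsErr.IsNotFound {
				t.notFound[u.Hostname()] = true
				out[raw] = "not found"
			}
		}
	}
	return out
}
// fakeLookup is a constructed resolver in which only known.example.org exists.
func fakeLookup(host string) error {
	if host == "known.example.org" {
		return nil
	}
	return &net.DNSError{Err: "no such host", Name: host, IsNotFound: true}
}
func main() {
	t := &hostTracker{lookup: fakeLookup, notFound: map[string]bool{}}
	fmt.Println(t.check([]string{"http://username:password@proxy.example.com"}), t.lookups)
}
```

Only a "not found" DNS answer is cached here; timeouts and other transient errors are left to be retried on the next match.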

Commits on Jan 16, 2025

  1. Removed global variable scanning implementation for Postman (#3843)

    casey-tran authored Jan 16, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    1fc8961

Commits on Jan 20, 2025

  1. fixed sentry auth token detector (#3827)

    * fixed sentry auth token detector
    
    * not sure why this is failing
    
    * Updated http client logic
    
    Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com>
    
    * resolved comments
    
    * improved decoding logic
    
    * removed response type
    
    * splitted to two versions
    
    * splitted to two versions
    
    * this is confusing error
    
    ---------
    
    Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com>
    kashifkhan0771 and rgmz authored Jan 20, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    39d2453

Commits on Jan 21, 2025

  1. fix typo (#3846)

    hxnyk authored Jan 21, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    20a3840

Commits on Jan 24, 2025

  1. use first capture group in custom detector regex if available (#3853)

    zricethezav authored Jan 24, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    7550057

Commits on Jan 27, 2025

  1. update jenkins err message (#3855)

    This PR updates an error message to be more helpful.
    rosecodym authored Jan 27, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    d509097

Commits on Jan 28, 2025

  1. [Fix] use unrestricted http client only for non-safe requests (#3847)

    * exposed a MethodIsSafe() to reuse it in OpsGenie Analyzer.
    Use Restricted Client for non-safe APIs.
    
    * Renamed MethodIsSafe to IsMethodSafe for more clarity
    abmussani authored Jan 28, 2025

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    b6b00bb
Showing 795 changed files with 1,242 additions and 3,376 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
@@ -34,7 +34,7 @@ jobs:
mkdir -p tmp/test-results
- name: Test
run: |
CGO_ENABLED=1 gotestsum --junitfile tmp/test-results/test.xml --raw-command -- go test -json -tags=sources $(go list ./... | grep -v /vendor/ | grep -v pkg/detectors | grep -v pkg/analyzer/analyzers)
CGO_ENABLED=1 gotestsum --junitfile tmp/test-results/test.xml --raw-command -- go test -json -tags=sources $(go list ./... | grep -v /vendor/ | grep -v pkg/analyzer/analyzers)
if: ${{ success() || failure() }} # always run this step, even if there were previous errors
- name: Upload test results to BuildPulse for flaky test detection
if: ${{ !cancelled() }} # Run this step even when the tests fail. Skip if the workflow is cancelled.
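Review bot: In the `Test` step, dropping `grep -v pkg/detectors` brings every detector package into a run that still passes only `-tags=sources`, so any detector test file gated on the `detectors` build tag (the tag the Makefile's `test-detectors` target passes) is not compiled here. If the intent is to run only the untagged detector unit tests in this step, say so in a comment beside the command. The remaining `grep -v pkg/analyzer/analyzers` filter is an unanchored substring match, so it would also drop any other package whose import path happens to contain that string.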
8 changes: 4 additions & 4 deletions Makefile
@@ -28,19 +28,19 @@ test-failing:
CGO_ENABLED=0 go test -timeout=5m $(shell go list ./... | grep -v /vendor/) | grep FAIL

test:
CGO_ENABLED=0 go test -timeout=5m $(shell go list ./... | grep -v /vendor/ | grep -v pkg/detectors)
CGO_ENABLED=0 go test -timeout=5m $(shell go list ./... | grep -v /vendor/)

test-integration:
CGO_ENABLED=0 go test -timeout=5m -tags=integration $(shell go list ./... | grep -v /vendor/ | grep -v pkg/detectors)
CGO_ENABLED=0 go test -timeout=5m -tags=integration $(shell go list ./... | grep -v /vendor/)

test-race:
CGO_ENABLED=1 go test -timeout=5m -race $(shell go list ./... | grep -v /vendor/ | grep -v pkg/detectors)
CGO_ENABLED=1 go test -timeout=5m -race $(shell go list ./... | grep -v /vendor/)

test-detectors:
CGO_ENABLED=0 go test -tags=detectors -timeout=5m $(shell go list ./... | grep pkg/detectors)

test-community:
CGO_ENABLED=0 go test -timeout=5m $(shell go list ./... | grep -v /vendor/ | grep -v pkg/detectors | grep -v pkg/sources | grep -v pkg/analyzer/analyzers)
CGO_ENABLED=0 go test -timeout=5m $(shell go list ./... | grep -v /vendor/ | grep -v pkg/sources | grep -v pkg/analyzer/analyzers)

bench:
CGO_ENABLED=0 go test $(shell go list ./pkg/secrets/... | grep -v /vendor/) -benchmem -run=xxx -bench .
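Review bot: `test-integration` now passes `-tags=integration` to every package under `pkg/detectors`, which this target skipped before, so confirm that no detector test file carrying that tag reaches a live service or needs credentials that the integration environment lacks. The same removal makes `test`, `test-race` and `test-community` overlap with `test-detectors`, which selects the same packages with `-tags=detectors`; a one-line comment on each target stating which detector tests it is expected to run (untagged unit tests versus tagged ones) would keep the split clear.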
5 changes: 5 additions & 0 deletions go.mod
@@ -11,6 +11,11 @@ replace github.com/snowflakedb/gosnowflake => github.com/trufflesecurity/gosnowf
// Coinbase archived this library and it has some vulnerable dependencies so we've forked.
replace github.com/coinbase/waas-client-library-go => github.com/trufflesecurity/waas-client-library-go v1.0.9

// Replace directive needed due to ambiguous import of opentelemetry stats package
// which exists in both main gRPC module and standalone module during transition period.
// Can be removed once dependent packages consistently use the standalone module.
replace google.golang.org/grpc/stats/opentelemetry => google.golang.org/grpc/stats/opentelemetry v0.0.0-20240907200651-3ffb98b2c93a

require (
cloud.google.com/go/secretmanager v1.14.2
cloud.google.com/go/storage v1.48.0
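Review bot: The new `replace` for `google.golang.org/grpc/stats/opentelemetry` pins a pseudo-version (`v0.0.0-20240907200651-3ffb98b2c93a`), and the comment says it "can be removed once dependent packages consistently use the standalone module" without naming those packages; link the upstream issue or name the dependency that still triggers the ambiguous import so the pin gets revisited. Note also that `replace` directives take effect only when this is the main module, so anyone importing trufflehog packages as a library does not inherit the workaround.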