YAML and JSON are scanned like structures

[babenek]

Description

• Added StructContentProvider to separate structure storage
• YAML and JSON might be scanned like structures
• The case in yaml with multiline credential is found:

key: |
  5UpEr5eCrEt

How has this been tested?

• UnitTests
• do benchmark with --dept 33

[csh519]

I think this category(using extension to analyze) of features should to have abstract class and each specific classes.
I suggest to create new directory like extension_analyzer on credsweeper/file_handler/ as a child and create classes for that. Including xml parsing function.

How do you think?

[babenek]

Agree, there is some refactoring required. But it is not analysis by extension. It is a 'bruteforce' data analysis.
I hope, we implement file type recognition with signature sometime like 'is_zip', 'is_gzip'.
Moreover, there is applied recursive scan. So, credential might be hidden ZIP -> YAML -> BASE64 -> someAPI...
The feature is experimental yet and not optimized: CredSweeper has to read a file twice. First - to scan as is. Second - to recognize data type.
So, the refactoring will be big and the architecture will be changed.
I try to add new feature with the PR and #237 without extra changes.

I could separate struct_scan but it might invoke data_scan and this required self.config
There should be the config propagate in the classes. Probably we have to discuss more with xDizzix

[csh519]

@babenek

Okay I understood what you mean except about whatthepatch case(xDizzix)..
Is it related with recursive scan with proper file type(extension)?
And regarding propagation of config, we can make a config as a classmethod and make it access from all over source code.

But I love singleton style more as we using.

[csh519]

Could you please unify the logging style with YAML code block(L75-L76)?
And please remove annotated codes.

[csh519]

Thank you for adding structure scan.

LGTM 👍

[babenek]

Rebased after the last release

[csh519]

Approve again.

[iuriimet]

LGTM