Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Slack token detector #122

Merged
merged 2 commits into from
Feb 1, 2019
Merged

Add Slack token detector #122

merged 2 commits into from
Feb 1, 2019

Conversation

killuazhu
Copy link
Contributor

@killuazhu killuazhu commented Feb 1, 2019
edited
Loading

Add Slack token detector.

CC @jribm

Slack token detector
967e9fc 
Add Slack token detector
KevinHock
KevinHock approved these changes Feb 1, 2019
View reviewed changes
Copy link
Collaborator

@KevinHock KevinHock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome stuff! 🚢

detect_secrets/plugins/slack.py
class SlackDetector(RegexBasedDetector):
secret_type = 'Slack Token'
blacklist = (
re.compile(r'xox(?:a|b|p|o|s|r)-(?:\d+-)+[a-z0-9]+', flags=re.IGNORECASE),
Copy link
Collaborator

@KevinHock KevinHock Feb 1, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super nit: We could add length ranges but I couldn't find out how much they vary, e.g. the last field might not be more than 32 chars. I rather we lean towards false-positives and iterate though, i.e. ship as-is 👍 (not that I think there will be any false-positives, since xox is sort of rare)

cc @dxa4481, in case you want to compare with your truffleHogRegex

detect_secrets/core/usage.py Outdated
PluginDescriptor(
classname='SlackDetector',
disable_flag_text='--no-slack-scan',
disable_help_text='Disables scanning for secret slack.',
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Maybe Disables scanning for Slack tokens.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated in the latest commit 2dd3ef8

@KevinHock KevinHock merged commit 4a05700 into Yelp:master Feb 1, 2019
KevinHock added a commit that referenced this pull request Feb 1, 2019
@KevinHock
↪️ Merge pull request #122 from killuazhu/slack
24d29d4 
Add Slack token detector
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KevinHock KevinHock KevinHock approved these changes

@domanchi domanchi domanchi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@killuazhu @KevinHock @domanchi