Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add npm detector #347

Merged
merged 2 commits into from
Nov 12, 2020
Merged

Add npm detector #347

merged 2 commits into from
Nov 12, 2020

Conversation

ninoseki
Copy link
Contributor

Add a new detector which searches for NPM auth tokens.

It detects NPM auth tokens which are probably written in .npmrc.

//registry.npmjs.org/:_authToken=foobar

@ninoseki
Add npm detector
b041151 
Add a new detector which searches for NPM auth tokens
domanchi
domanchi reviewed Nov 11, 2020
View reviewed changes
tests/plugins/npm_test.py Outdated
)
def test_analyze(self, payload, should_flag):
logic = NpmDetector()
output = logic.analyze_line(payload, 1, 'mock_filename')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @ninoseki,

Thanks so much for your PR! Sorry it has been a while since one of our team members has looked into this -- but I'm back now, and will be paying closer attention to this project. We appreciate your contribution to helping make this tool better!

Would you mind merging this into the pre-v1-launch branch instead? All you'd have to do is change this line as such:

Suggested change
output = logic.analyze_line(payload, 1, 'mock_filename')
output = logic.analyze_line(filename='mock_filename', line=payload)

and it will greatly assist our process in revamping the underlying architecture of this tool (by reducing merge conflicts).

@ninoseki ninoseki changed the base branch from master to pre-v1-launch November 12, 2020 05:42
@ninoseki
Copy link
Contributor Author

@domanchi Hi, thank you for kindly reviewing my PR.
I made changes according to your review. Let me know if I miss something.

@domanchi
Copy link
Contributor

Tests pass -- only py35 fails (to be expected).

@domanchi domanchi merged commit 9b4ec6d into Yelp:pre-v1-launch Nov 12, 2020
@ninoseki ninoseki deleted the add-npm-detector branch November 13, 2020 00:39
KevinHock added a commit that referenced this pull request Aug 1, 2021
@KevinHock
🐍 Capitalize GitHub and SendGrid Secret Types
e5a497d 
I am not editing the plugins merged in PRs #347 and #359 because of how disruptive that would be to users that already made baselines.
@KevinHock KevinHock mentioned this pull request Aug 1, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@domanchi domanchi domanchi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ninoseki @domanchi