Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Defined Networking API Tokens Detector #1096

Merged
merged 1 commit into from
Mar 14, 2023
Merged

Add Defined Networking API Tokens Detector #1096

merged 1 commit into from
Mar 14, 2023

Conversation

jasikpark
Copy link
Contributor

Description:

Adds detection support for Defined Networking tokens (https://docs.defined.net/guides/automating-host-creation/)

I added a fixture in addition to the generator, I think I may be able to use the generateUniqueToken instead of the semi-generic option? Let me know if I should update accordingly.

Checklist:

  • Does your PR pass tests?
  • Have you written new tests for your changes?
  • Have you lint your code locally prior to submission?

@jit-ci
Copy link

jit-ci bot commented Feb 9, 2023

Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset.

In case there are security findings, they will be communicated to you as a comment inside the PR.

Hope you’ll enjoy using Jit.

Questions? Comments? Want to learn more? Get in touch with us.

jit-ci[bot]
jit-ci bot reviewed Feb 9, 2023
View reviewed changes
Copy link

@jit-ci jit-ci bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❌ Jit has detected 1 important finding in this PR that you should review.
The finding is detailed below as a comment.
It’s highly recommended that you fix this security issue before merge.

cmd/generate/config/rules/definednetworking.go Outdated Show resolved Hide resolved
@jasikpark
Copy link
Contributor Author

Rebased w/o the fixture to avoid setting off the detector xD

jasikpark
jasikpark commented Feb 9, 2023
View reviewed changes
config/gitleaks.toml Outdated Show resolved Hide resolved
@jasikpark
Copy link
Contributor Author

Anything I can do to push this PR forwards? Sorry to ping, just wanted to know if this is the right place to contribute.

@zricethezav
Copy link
Collaborator

@jasikpark would you mind rebasing? Global allowlists have been updated

@jasikpark
Add Defined Networking API Tokens
e201e87 
Adds detection support for Defined Networking tokens (https://docs.defined.net/guides/automating-host-creation/)

I added a fixture in addition to the generator, I think I may be able to use the `generateUniqueToken` instead of the semi-generic option? Let me know if I should update accordingly.

Remove testing fixture
@jasikpark
Copy link
Contributor Author

@zricethezav done!

@zricethezav zricethezav merged commit 6b0c303 into gitleaks:master Mar 14, 2023
@jasikpark
Copy link
Contributor Author

woot 🥳

@jasikpark jasikpark deleted the add-defined-networking branch March 14, 2023 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jit-ci jit-ci[bot] jit-ci left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jasikpark @zricethezav