fix: generic support special character #1371
base: master
Commits on Mar 13, 2024
- Baruch Odem committed Mar 13, 2024
  Commit: 1f3cbbc
- Baruch Odem committed Mar 13, 2024
  Commit: 46ac992
- Baruch Odem committed Mar 13, 2024
  Commit: fa549fc
Commits on Mar 14, 2024
- you know what, include any non-space char
  Baruch Odem committed Mar 14, 2024
  Commit: e528deb
- Baruch Odem committed Mar 14, 2024
  Commit: c8d4720
Commits on Mar 28, 2024
- Remove funding and release workflows
  Baruch Odem committed Mar 28, 2024
  Commit: 51a8409
- Baruch Odem committed Mar 28, 2024
  Commit: 70f6bf3
- Baruch Odem committed Mar 28, 2024
  Commit: f604e9a
- Merge branch 'master' of github.com:Checkmarx/gitleaks
  Baruch Odem committed Mar 28, 2024
  Commit: 4f6df59
- gitleaks require a token for running from organization
  Baruch Odem committed Mar 28, 2024
  Commit: 304b4a8
- Merge remote-tracking branch 'origin/master' into generic
  Baruch Odem committed Mar 28, 2024
  Commit: 94ebd30
- feat: catch secret in XML child (#1)

  ### Description:
  - Added generic API key inside an XML element: `<password>edf8f16608465858a6c9e3cccb97d3c2</password>`
  - Added True-Positives and False-Positives to the Generic API Key rule

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1265
  Commit: 93df1a4
- chore: refactor regex for redundant pipe (#2)

  ### Description:
  > since this part is enclosed in `[]`, the pipes aren't necessary.

  _Originally posted by @rgmz in gitleaks#1265 (comment)_

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1266
  Commit: 170b7c8
- feat: catch JSON stringified (#3)

  ### Description:
  I have a code sample where someone is writing a hard-coded JSON as a string, and it looks like this:

  ```java
  var json = "{ \"access-key\": \"access key here\" }"
  ```

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1267
  Commit: 5a9153a
- fix: secrets found with quotas (#4)

  I found some rules that return the value ending with `"`. This happened because of a missing `secretGroup` value.

  It is a _hot fix_. For the future, I think we need:
  1. Refactor the `validate` function or create another suite of tests with a declaration of the expected found secret.
  2. Fix the suffix regex to not include the `"`, because even with my change, it only fixes the `Secret` but not the `Match`

  Original: gitleaks#1350
  Commit: 4a80c88
- tests: scalingo validation consistent test (#7)

  ### Description:
  Sometimes the tp of Scalingo is failing during the GitHub Actions workflow and after re-triggering it passed. I think the problem was when the generated example secret ended with `-`, and combined with the `Regex` that expects a word boundary `\b`, it failed.

  I think in any case it is better to use the common `generateUniqueTokenRegex` instead of wrapping the regex with `\b`.

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1359
  Commit: ca72e87
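
The failure mode described in the commit message above, reproduced as an added Go example (not code from the PR or from gitleaks): a trailing `\b` after a token that ends in `-` only matches when a word character happens to follow. The `tok-` token shape, the sample lines and the explicit-terminator pattern are constructed for illustration and are not the project's `generateUniqueTokenRegex`.

```go
package main

import (
	"fmt"
	"regexp"
)

// Hypothetical token shape, constructed for this example:
// "tok-" followed by 8 characters from [a-z0-9-].
var (
	// Wrapped in \b on both sides, as the commit message describes.
	wordBoundary = regexp.MustCompile(`\b(tok-[a-z0-9-]{8})\b`)
	// Illustrative alternative: an explicit terminator instead of a trailing \b.
	explicitEnd = regexp.MustCompile(`\b(tok-[a-z0-9-]{8})(?:['"\s;]|$)`)
)

// capture returns the first capture group, or "" when the pattern does not match.
func capture(re *regexp.Regexp, line string) string {
	if m := re.FindStringSubmatch(line); m != nil {
		return m[1]
	}
	return ""
}

func main() {
	// Constructed sample lines.
	lines := []string{
		`token = "tok-ab12cd34"`,    // ends in a word character
		`token = "tok-ab12cd3-"`,    // ends in '-', then a quote: \b cannot match
		`token = tok-ab12cd3-`,      // ends in '-', then end of input: same
		`token = "tok-ab12cd3-zzz"`, // longer value: \b matches between '-' and 'z'
	}
	for _, l := range lines {
		fmt.Printf("%-28s \\b=%q explicit=%q\n", l, capture(wordBoundary, l), capture(explicitEnd, l))
	}
}
```

A randomly generated test secret lands on a trailing `-` only some of the time, which is why a test built on the `\b` form passes on one run and fails on the next.
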
- feat: add aws-secret-key rule (#5)

  ### Description:
  I fixed a few issues (gitleaks#1049, gitleaks#1324, gitleaks#1337) and added a rule for AWS Secret Key.

  I renamed the `AWS()` function name to `AWSAccessKey()`, and changed the `RuleID` too, which may lead to breaking changes ⚠️.

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1356
  Commit: bfa12e0
- Merge remote-tracking branch 'origin/master' into generic
  Baruch Odem committed Mar 28, 2024
  Commit: d5664d6
- feat: Add PuttyPrivateKey rule and allowlist for raw content (#9)

  ### Description:
  [PuTTY](https://www.putty.org/) is a common SSH and telnet client for Windows. It is installed with a "PuTTY Key Generator", which generates regular private/public keys, but saves them in a different format.

  To support this, I added support for applying the `AllowList.Regexes` on the `fragment.Raw` content. I also added a `validateFragment` to validate a rule that accepts the `Path` field.

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1373
  Commit: 33e0634
- add real (test) standard and restricted keys (#11)

  ### Description:
  I just generated keys from Stripe and adjusted the rule.

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1375
  Commit: b30d2e6
- feat: Add Cloudflare API and Origin CA keys (#10)

  ### Description:
  Added rules for real (revoked) Cloudflare secrets

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1374
  Commit: b4c1a00
- fix: reduce false positives by hashicorp (#6)

  ### Description:
  To add this rule I took examples from the official Hashicorp documentation, but now I used this rule and it finds too generic cases such as `const TagPassword = "password"`.

  Using the `Entropy` field is a balance between true/false positives, since with `3.5` it will ignore almost all passwords less than 10 characters in length.

  ### Checklist:
  * [x] Does your PR pass tests?
  * [x] Have you written new tests for your changes?
  * [x] Have you linted your code locally prior to submission?

  Original: gitleaks#1358
  Commit: aea43c0
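
An added Go example (not code from the PR or from gitleaks) for the entropy trade-off in the commit message above, assuming the threshold is compared against per-character Shannon entropy in bits. Under that measure a string of n characters cannot exceed log2(n), so the threshold also acts as a minimum length; the sample passwords are constructed, and the hex value is the one from the XML commit earlier on this page.

```go
package main

import (
	"fmt"
	"math"
)

// shannonEntropy returns the per-character Shannon entropy of s in bits.
func shannonEntropy(s string) float64 {
	counts := make(map[rune]int)
	total := 0
	for _, r := range s {
		counts[r]++
		total++
	}
	h := 0.0
	for _, c := range counts {
		p := float64(c) / float64(total)
		h -= p * math.Log2(p)
	}
	return h
}

// minLengthFor returns the shortest length whose best-case entropy
// (all characters distinct, log2(n)) reaches the threshold.
func minLengthFor(threshold float64) int {
	n := 1
	for math.Log2(float64(n)) < threshold {
		n++
	}
	return n
}

// flagged models a rule-level entropy gate: candidates below it are dropped.
func flagged(candidate string, threshold float64) bool {
	return shannonEntropy(candidate) >= threshold
}

func main() {
	// "password" is the literal from the commit message; the next two are constructed.
	samples := []string{"password", "aB3$xY9!qZ", "aB3$xY9!qZ7k", "edf8f16608465858a6c9e3cccb97d3c2"}
	for _, s := range samples {
		fmt.Printf("%-36q len=%2d entropy=%.3f flagged=%v\n", s, len(s), shannonEntropy(s), flagged(s, 3.5))
	}
	fmt.Println("shortest length that can reach 3.5:", minLengthFor(3.5))
}
```

The 10-character sample has no repeated characters and is still dropped, which is the false-negative cost to weigh when setting an entropy threshold on a rule.
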
- Commit: aaa90c3
- Update generic API key regex pattern
  Baruch Odem committed Mar 28, 2024
  Commit: 04f605d