Security check for json files #33

Open
bartoszWesolowski opened this issue Jul 17, 2019 · 3 comments
Labels
enhancement New feature or request

Comments

@bartoszWesolowski

Hello,
This is rather a question, not an issue.

I am currently working on detecting sensitive data in properties files kept in source control repositories (passwords, API credentials - secrets in general). I was thinking about writing a plugin that will check all property files like xml/json/yaml/.properties for any entry that possibly contains sensitive data.

Do you think a rule like that could be added here?

I am attaching a related Sonar forum question: Sonar forum

@sbaudoin
Owner

Hi,

You mean add the gitleaks patterns in a new rule? There are tens of patterns: what would be the approach to enable or disable the patterns depending on needs? Should all the patterns be checked every time or should we be able to select the patterns we want to check?

@sbaudoin sbaudoin assigned sbaudoin and unassigned sbaudoin Jul 18, 2019
@sbaudoin sbaudoin added the enhancement New feature or request label Jul 18, 2019
@sbaudoin sbaudoin added this to the 1.5.0 milestone Jul 21, 2019
@bartoszWesolowski
Author

Hello,

I was thinking about providing all patterns as a config entry, with a default set of patterns provided OOTB by the rule.

I actually meant adding a rule that will go through all properties and check whether their names match patterns implying that the property might contain a secret, but implementing another rule for checking attribute values with the gitleaks approach might also be worth doing.

@sbaudoin
Owner

sbaudoin commented Aug 18, 2019

Hello,

This does not seem to be easily feasible: so far I have not found a way to create a generic rule with predefined expressions that you would select. So the options I've identified are: either I create a rule per expression (which is a bit tedious), or I add the expressions as examples in the documentation as a first, simple and very straightforward approach. Any thoughts on that?

@sbaudoin sbaudoin removed this from the 1.5.0 milestone Dec 19, 2019
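
The property-name check discussed in this thread (configurable patterns with a default set), sketched as an added example that is not part of the original issue or of the plugin's code. The default patterns, the placeholder handling and the sample document are assumptions made for illustration.

```python
import json
import re

# Assumed default name patterns (constructed for this example); a caller can
# pass its own tuple, mirroring the "config entry with defaults" idea.
DEFAULT_NAME_PATTERNS = (
    r"pass(word|wd|phrase)?", r"secret", r"api[_-]?key",
    r"token", r"credential", r"private[_-]?key",
)

# Values that reference a secret (or are empty) instead of containing one.
PLACEHOLDER = re.compile(r"^(\$\{.*\}|\{\{.*\}\}|<.*>|)$")


def find_suspect_keys(document, patterns=DEFAULT_NAME_PATTERNS):
    """Return sorted JSON paths of string properties whose name matches a pattern."""
    name_re = re.compile("|".join(f"(?:{p})" for p in patterns), re.IGNORECASE)
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                child = f"{path}.{key}"
                # Flag only non-empty literal strings; containers are walked.
                if (isinstance(value, str) and name_re.search(key)
                        and not PLACEHOLDER.match(value.strip())):
                    findings.append(child)
                walk(value, child)
        elif isinstance(node, list):
            for index, item in enumerate(node):
                walk(item, f"{path}[{index}]")

    walk(document, "$")
    return sorted(findings)


# Constructed sample configuration, not taken from any real repository.
SAMPLE = json.loads("""
{
  "db": {"user": "app", "password": "hunter2-example"},
  "smtp": {"Password": "${SMTP_PASSWORD}"},
  "services": [{"name": "billing", "apiKey": "EXAMPLE-KEY-123"}],
  "passwordPolicy": {"minLength": 12},
  "token": ""
}
""")

if __name__ == "__main__":
    print(find_suspect_keys(SAMPLE))
```

Matching on names alone misses secrets stored under neutral keys, which is the gap the value-based gitleaks-style check mentioned above would cover.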