Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include VerificationError details in log output #1924

Open
rgmz opened this issue Oct 19, 2023 · 1 comment
Open

Include VerificationError details in log output #1924

rgmz opened this issue Oct 19, 2023 · 1 comment
Labels
enhancement

Comments

@rgmz
Copy link
Contributor

rgmz commented Oct 19, 2023

Please review the Community Note before submitting

Description

When a verification test fails, the log output should include this information so that potentially valid secrets aren't discounted.

For instance, if a slow remote server can cause the request to timeout:

Get "https://app.scrapingbee.com/api/v1/?api_key=TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ&url=https://httpbin.org/anything?json&render_js=false": context deadline exceeded

Which in turn will cause the secret to be reported as "unverified" without information about the failure, or excluded altogether if using --only-verified.

Found unverified result 🐷🔑❓
Detector Type: ScrapingBee
Decoder Type: PLAIN
Raw result: TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ
File: pkg/detectors/scrapingbee/scrapingbee_test.go
Line: 147

Preferred Solution

Two potential solutions come to mind.

  1. Add "VeriticationError" to outputs such as PlainPrinter.
Found unverified result 🐷🔑❓
Detector Type: ScrapingBee
Decoder Type: PLAIN
Raw result: TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ
File: pkg/detectors/scrapingbee/scrapingbee_test.go
Line: 147
VerificationError: Get "https://app.scrapingbee.com/api/v1/?api_key=TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ&url=https://httpbin.org/anything?json&render_js=false": context deadline exceeded
  1. Add a third case for results that include VerificationError that perhaps can still show up with --only-verified.
Failed to verify result 🐷🔑❌
Detector Type: ScrapingBee
Decoder Type: PLAIN
Raw result: TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ
File: pkg/detectors/scrapingbee/scrapingbee_test.go
Line: 147
VerificationError: Get "https://app.scrapingbee.com/api/v1/?api_key=TQ9CCAZSORUPU1NMZXZEM11VY7K3NC6HJPBNYP2V4CZZXUY9SWEULNDHOZ77XGWO9FASA12XWFVWUBZJ&url=https://httpbin.org/anything?json&render_js=false": context deadline exceeded

Additional Context

This may only be applicable to plain output. I haven't tested it with JSON or anything else.

References

N/A
@rgmz rgmz mentioned this issue Nov 9, 2023
Closed
2 tasks
@rgmz
Copy link
Contributor Author

rgmz commented Jan 30, 2024

Partially fixed by #2335.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rgmz