From 8528b7625f2c32062c5b33f452cd889ffa57ee30 Mon Sep 17 00:00:00 2001 From: Dustin Decker Date: Mon, 29 Jan 2024 12:23:59 -0800 Subject: [PATCH 1/3] Merge branch 'main' of github.com:trufflesecurity/trufflehog --- pkg/engine/defaults.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/engine/defaults.go b/pkg/engine/defaults.go index eb16ecb85065..ffc4a2b6673a 100644 --- a/pkg/engine/defaults.go +++ b/pkg/engine/defaults.go @@ -66,7 +66,6 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurebatch" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurecontainerregistry" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuredevopspersonalaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurefunctionkey" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchadminkey" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchquerykey" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurestorage" @@ -1608,7 +1607,7 @@ func DefaultDetectors() []detectors.Detector { azurestorage.Scanner{}, azurecontainerregistry.Scanner{}, azurebatch.Scanner{}, - azurefunctionkey.Scanner{}, + // azurefunctionkey.Scanner{}, // AZF is throwing some FPs azuredevopspersonalaccesstoken.Scanner{}, azuresearchadminkey.Scanner{}, &azuresearchquerykey.Scanner{}, From 7d8b8ddaae1d17d037b203977a4c7656f3b25f7f Mon Sep 17 00:00:00 2001 From: Dustin Decker Date: Mon, 29 Jan 2024 12:25:25 -0800 Subject: [PATCH 2/3] AZF throwing FPs --- pkg/engine/defaults.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/engine/defaults.go b/pkg/engine/defaults.go index ffc4a2b6673a..48b02f46fe98 100644 --- a/pkg/engine/defaults.go +++ b/pkg/engine/defaults.go @@ -1607,7 +1607,7 @@ func DefaultDetectors() []detectors.Detector { azurestorage.Scanner{}, azurecontainerregistry.Scanner{}, azurebatch.Scanner{}, - // azurefunctionkey.Scanner{}, // AZF is throwing some FPs + // azurefunctionkey.Scanner{}, // detector is throwing some FPs azuredevopspersonalaccesstoken.Scanner{}, azuresearchadminkey.Scanner{}, &azuresearchquerykey.Scanner{}, From 5b38cada708b2af562c1817b2a45bc110e355a4f Mon Sep 17 00:00:00 2001 From: Dustin Decker Date: Mon, 29 Jan 2024 12:26:56 -0800 Subject: [PATCH 3/3] update snifftest script --- hack/snifftest/snifftest.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/snifftest/snifftest.sh b/hack/snifftest/snifftest.sh index 4e221536669c..04e1bd6ebab4 100755 --- a/hack/snifftest/snifftest.sh +++ b/hack/snifftest/snifftest.sh @@ -8,8 +8,8 @@ REPO_ARRAY=( # "https://github.com/Netflix/dgs-framework.git" # "https://github.com/Netflix/vector.git" # "https://github.com/expressjs/express.git" - "https://github.com/Azure/azure-sdk-for-net" - "https://github.com/Azure/azure-cli" + # "https://github.com/Azure/azure-sdk-for-net" + # "https://github.com/Azure/azure-cli" ) REPOS=$(printf "%s," "${REPO_ARRAY[@]}" | cut -d "," -f 1-${#REPO_ARRAY[@]}) go run hack/snifftest/main.go scan --exclude privatekey --exclude uri --exclude github_old --repo "$REPOS" --detector all --print --fail-threshold 99 \ No newline at end of file