You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ability to access the File and Line information from the Regex Detector example provided here:
Found unverified result π·πβ
Detector Type: CustomRegex
Decoder Type: PLAIN
Raw result: RawResultHere
Name: HogTokenDetector
File: input_file
Line: 13
from the verification server.
Preferred Solution
I am not entirely sure what the best solution would be, as the data structure sent to the server seems to be intentionally stripped down to reduce information size. One potential approach could be adding the ability in the .yaml configuration file to include the input file like this, although I am not convinced this is the best solution:
# config.yaml
detectors:
- name: HogTokenDetector
filename: ${input_file} <--------
keywords:
- hog
regex:
hogID: '\b(HOG[0-9A-Z]{17})\b'
hogToken: '[^A-Za-z0-9+\/]{0,1}([A-Za-z0-9+\/]{40})[^A-Za-z0-9+\/]{0,1}'
verify:
- endpoint: http://localhost:8000/
# unsafe must be set if the endpoint is HTTP
unsafe: true
headers:
- "Authorization: super secret authorization header"
Additional Context
When I parse the trufflehog output into the JSON format, I noticed that {"Data":{"Filesystem":{"file":"test_folder/test_server.py","line":2}}} includes a way to get the name of the verified result file and line. However, the data structure sent to the server looks like this:
Please review the Community Note before submitting
Description
The ability to access the
File
andLine
information from the Regex Detector example provided here:from the verification server.
Preferred Solution
I am not entirely sure what the best solution would be, as the data structure sent to the server seems to be intentionally stripped down to reduce information size. One potential approach could be adding the ability in the
.yaml
configuration file to include the input file like this, although I am not convinced this is the best solution:Additional Context
When I parse the
trufflehog
output into the JSON format, I noticed that{"Data":{"Filesystem":{"file":"test_folder/test_server.py","line":2}}}
includes a way to get the name of the verified result file and line. However, the data structure sent to the server looks like this:as explained here: https://github.com/trufflesecurity/trufflehog/tree/main?tab=readme-ov-file#verification-server-example-python
References
The text was updated successfully, but these errors were encountered: