Skip to content

[Feat] Implementation of Posthog Analyzer #4103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
May 16, 2025

Conversation

abmussani
Copy link
Contributor

Description:

This PR implements Posthog analyzer which gathers and display user and organization permissions. There are some certain permissions which cannot be verified. Here is the list:

error_tracking:read
error_tracking:write
sharing_configuration:read
sharing_configuration:write
webhook:read
webhook:write

There are some optimization can be done in Posthog detector. I will create a separate PR for that.

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

@abmussani abmussani self-assigned this Apr 28, 2025
@abmussani abmussani requested review from a team as code owners April 28, 2025 12:27
abmussani added 3 commits May 7, 2025 12:54
* main:
  [Feat] Added Mux API Analyzer (trufflesecurity#4128)
  fixed name of netlify analyzer in cli output (trufflesecurity#4140)
  fix(discordwebhook): Update Discord webhook detector to support 19-digit IDs (trufflesecurity#4133)
  [Feat] Added New AccuWeather Detector Version (trufflesecurity#4114)
  [Feat] Added Ngrok API Key Analyzer (trufflesecurity#4110)
  Improved JDBC Detector Regex (trufflesecurity#4109)
  [Feat] Detector implementation for Azure Configuration Connection String Key (trufflesecurity#3939)
  test(sources/s3): fix missing region error (trufflesecurity#4131)
  feat(sources/s3): migrate to AWS SDK v2 (trufflesecurity#4069)
  Update PreCommit.md (trufflesecurity#4112)
  Exclusion of FalsePositive GH's usernames in PrivateKeyDetector (trufflesecurity#4046)
  Monday App Analyzer (trufflesecurity#4120)
  [Feat] Detector implementation for Azure API Management Direct Management Key (trufflesecurity#3938)
  Fastly Analyzer (trufflesecurity#4082)
  Postman Code Uses Consistent Casing for Id Var Names (trufflesecurity#4124)
  Normalize UID to Uid in Postman Code (trufflesecurity#4125)
  postman_client.IDNameUUID becomes IdNameUid (trufflesecurity#4123)
  Fixed Kontent Detector (trufflesecurity#4122)

# Conflicts:
#	pkg/analyzer/analyzers/analyzers.go
#	pkg/analyzer/cli.go
@abmussani abmussani requested review from nabeelalam and a team May 16, 2025 10:11
Copy link
Contributor

@nabeelalam nabeelalam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @abmussani

@nabeelalam nabeelalam merged commit 3e87718 into trufflesecurity:main May 16, 2025
13 checks passed
abmussani added a commit to bunnyanon/trufflehog that referenced this pull request May 21, 2025
* main: (121 commits)
  Fixed Grafana detector (trufflesecurity#4166)
  Reduce verbosity of chunk trace logging (trufflesecurity#4161)
  Increase postman logging verbosity (trufflesecurity#4160)
  Change github file extension log message verbosity (trufflesecurity#4159)
  docs: fix typos (trufflesecurity#4158)
  fix(twitch): Update Twitch detector to handle new RawV2 field and adjust test expectations (trufflesecurity#4150)
  Add a bunch of Postman logging (trufflesecurity#4154)
  Added DataBricks Analyzer (trufflesecurity#4135)
  fixed shopify detector line number (trufflesecurity#4149)
  chore: run setup-go after checkout (trufflesecurity#4143)
  Add per-chunk detection logging (trufflesecurity#4152)
  [Feat] Added Dropbox API OAuth2 Token Analyzer (trufflesecurity#4080)
  Updated Github Source Validate method (trufflesecurity#4144)
  replace anthropic reference with groq (trufflesecurity#4147)
  [Fix] Line number issue for custom detector (trufflesecurity#3997)
  fix(postman): prevent infinite recursion in variable substitution (trufflesecurity#4145)
  Add metrics to the Postman source (trufflesecurity#4142)
  [Feat] Implementation of Posthog Analyzer (trufflesecurity#4103)
  [Feat] Added Mux API Analyzer (trufflesecurity#4128)
  fixed name of netlify analyzer in cli output (trufflesecurity#4140)
  ...

# Conflicts:
#	pkg/pb/detectorspb/detectors.pb.go
#	proto/detectors.proto
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants