Skip to content

Feat: bitbucket app #4214

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Feat: bitbucket app #4214

wants to merge 10 commits into from

Conversation

x-stp
Copy link

@x-stp x-stp commented Jun 7, 2025
edited
Loading

fork off brandonjyan:bitbucketapppassword which lived here #1498

The previous complex logic has been replaced with a clean, single-pass approach using a unified credentialPatterns slice for simplicity and performance.

The entire detector has been brought up to current project standards, attempt w/ cleaner regex with named capture groups and improved resource handling.

xxlarge bench is 2x faster.

Checklist:

  • [ ✔️ ] Tests passing (make test-community)?

  • [ ✔️ ] Lint passing (make lint this requires golangci-lint)?

@x-stp x-stp requested review from a team as code owners June 7, 2025 18:31
@CLAassistant
Copy link

CLAassistant commented Jun 7, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@x-stp x-stp marked this pull request as draft June 7, 2025 18:31
@x-stp x-stp marked this pull request as ready for review June 7, 2025 18:54
@x-stp x-stp requested a review from a team as a code owner June 7, 2025 18:54
amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
pkg/detectors/bitbucketapppassword/bitbucketapppassword.go Outdated
Comment on lines 83 to 85
if res.StatusCode >= 200 && res.StatusCode < 300 || res.StatusCode == 403 {
s1.Verified = true
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of using a broad conditional to check status codes, consider switching to a switch statement that explicitly handles expected responses like 200 OK and 401 Unauthorized. This makes the code easier to read, and allows for structured handling of each response case. It also ensures that unexpected status codes are surfaced clearly, which helps with debugging and observability.

Here's an example

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Swapped. Did keep 200, 403 grouped in the switch block as they both return true.

amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
pkg/detectors/bitbucketapppassword/bitbucketapppassword.go Outdated
Raw: []byte(fmt.Sprintf(`%s: %s`, resUsernameMatch, resAppPasswordMatch)),
}

if verify {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit; In our new detectors, we do verification separately, see this

amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
amanfcp
amanfcp reviewed Jun 11, 2025
View reviewed changes
Copy link
Contributor

@amanfcp amanfcp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also have a bitbucketapppassword_test.go for pattern test. See this

@x-stp x-stp marked this pull request as draft June 11, 2025 18:34
@x-stp x-stp force-pushed the feat/bitbucket_round2 branch from 64a0e95 to c23bcf2 Compare June 11, 2025 18:59
x-stp
x-stp commented Jun 11, 2025
View reviewed changes
@x-stp x-stp force-pushed the feat/bitbucket_round2 branch 2 times, most recently from 134bd62 to 1864c95 Compare June 11, 2025 21:04
@x-stp
Update pkg/detectors/bitbucketapppassword/bitbucketapppassword.go
f31ad18 
Co-authored-by: Amaan Ullah <amaanuj.dev@gmail.com>
@x-stp x-stp force-pushed the feat/bitbucket_round2 branch from 1864c95 to 6ecce5f Compare June 11, 2025 21:20
@x-stp
refactor(bitbucket): tests (+patterns) ; code cleanup
340b046 
- add switch{} block + credentialPattern[] for readability
- + tidy nested loops
- reflect codebase conventions in verification scope
- hard drain io.Discard, body.Close on res call in verify func
- intro the patterns test as it was not introoed
- standardize the integration test based off others living in repo
@x-stp x-stp force-pushed the feat/bitbucket_round2 branch from 6ecce5f to 340b046 Compare June 11, 2025 21:40
@x-stp
Copy link
Author

x-stp commented Jun 11, 2025
edited
Loading

ran some benchmarks
where OLD == #1498

Benchmark Size GCP (Fastest) Bitfinex Hugging Face Bitbucket NEW Bitbucket OLD
xsmall 585.6 1,156 599.2 923.8 507.1
small 681.6 1,435 986.4 6,125 10,420
medium 1,280 3,721 4,845 67,149 129,749
large 6,524 24,868 42,898 777,381 1,525,966
xlarge 60,241 240,401 414,083 7,247,065 17,305,812
xxlarge 748,382 2,563,427 4,265,669 75,731,043 145,927,025

still not really satisfied as these regexes are quite slow.

@amanfcp, thx for the pointers, I tried to port the feedback in while going through some more recently added detectors.
This should be ready for a fresh look when you have a moment; though I am not a fan of the slow regexes.

@x-stp x-stp marked this pull request as ready for review June 11, 2025 21:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amanfcp amanfcp amanfcp left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@x-stp @CLAassistant @amanfcp @brandonjyan