secrets

package
v1.6.9-integrations Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 31, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

// Character sets exported by the package.
// NOTE(review): presumably these are the alphabets used when scoring a token's
// entropy (see CheckEntropyInterval); the page does not show where they are
// read, so confirm against the implementation.
const (
	// Base64Chars holds the 64 characters of the standard base64 alphabet
	// followed by the '=' padding character.
	Base64Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
	// HexChars holds the decimal digits and the hex letters a-f in both
	// lower and upper case.
	HexChars    = "1234567890abcdefABCDEF"
)

Variables

var (
	// SecretsQueryMetadata is an exported, package-level map from string to
	// string.
	// NOTE(review): what populates it and which keys it carries is not shown
	// here. Because it is exported and mutable, any importing package can
	// change it; confirm who writes to it and when.
	SecretsQueryMetadata map[string]string
)

Functions

func CheckEntropyInterval

// CheckEntropyInterval verifies whether a given token's entropy is within
// expected bounds. It returns that verdict (isEntropyInInterval) together with
// an entropy value (entropyLevel).
// NOTE(review): presumably the bounds are entropy.Min and entropy.Max; how the
// entropy is computed and whether the bounds are inclusive is not shown here,
// so confirm against the implementation before tuning rule thresholds.
func CheckEntropyInterval(entropy Entropy, token string) (isEntropyInInterval bool, entropyLevel float64)

CheckEntropyInterval - verifies if a given token's entropy is within expected bounds

Types

type AllowRule

// AllowRule pairs a description and a regular expression in source form with a
// compiled *regexp.Regexp.
// NOTE(review): presumably a match against an allow rule suppresses a finding.
// If so, an over-broad pattern hides real secrets, and allow rules deserve the
// same review as any other detection exclusion. Confirm against the
// implementation.
type AllowRule struct {
	// Description is read from the JSON key "description".
	Description string `json:"description"`
	// RegexStr is the pattern text, read from the JSON key "regex".
	RegexStr    string `json:"regex"`
	// Regex carries no JSON tag; presumably it is compiled from RegexStr after
	// the rule is loaded (confirm).
	Regex       *regexp.Regexp
}

type Entropy

// Entropy holds a group index and a minimum and maximum entropy value; it is
// the first argument of CheckEntropyInterval.
// NOTE(review): presumably Group selects the regex capture group whose text is
// measured, and Min/Max bound the accepted entropy (confirm). Bounds that are
// too narrow would drop true positives; bounds that are too wide would admit
// low-entropy placeholders.
type Entropy struct {
	// Group is read from the JSON key "group".
	Group int     `json:"group"`
	// Min is read from the JSON key "min".
	Min   float64 `json:"min"`
	// Max is read from the JSON key "max".
	Max   float64 `json:"max"`
}

type Inspector

// Inspector is the type returned by NewInspector; Inspect and GetQueriesLength
// are defined on it.
type Inspector struct {
	// SecretTracker is a slice of SecretTracker records. Each record has an
	// OriginalContent field next to a MaskedContent field.
	// NOTE(review): presumably OriginalContent is unmasked text, so treat this
	// slice as sensitive and keep it out of logs and serialized output
	// (confirm).
	SecretTracker []SecretTracker
	// contains filtered or unexported fields
}

func NewInspector

// NewInspector returns a new *Inspector, or an error.
// NOTE(review): the page shows only the signature, so parameter semantics are
// inferred from names and need confirming against the implementation:
//   - regexRulesContent presumably carries the rule set as text (compare
//     RegexRuleStruct and its JSON tags), and isCustomSecretsRegexes presumably
//     marks that rule set as user-supplied rather than built-in. Custom rules
//     decide what is flagged and what is allowed, so they should come from a
//     trusted, reviewed source.
//   - disableSecretsQuery presumably turns the secrets queries off; verify that
//     a disabled inspector is visible in scan output rather than silently
//     reporting zero findings.
//   - the unit of executionTimeout is not shown here.
func NewInspector(
	ctx context.Context,
	excludeResults map[string]bool,
	tracker engine.Tracker,
	queryFilter *source.QueryInspectorParameters,
	disableSecretsQuery bool,
	executionTimeout int,
	regexRulesContent string,
	isCustomSecretsRegexes bool,
) (*Inspector, error)

func (*Inspector) GetQueriesLength

// GetQueriesLength returns an int.
// NOTE(review): presumably the number of regex queries the inspector has
// loaded; confirm against the implementation.
func (c *Inspector) GetQueriesLength() int

func (*Inspector) Inspect

// Inspect inspects the source code for passwords and secrets and returns the
// list of vulnerabilities, or an error.
// NOTE(review): currentQuery is a send-only channel of int64, presumably used
// to report progress to the caller (confirm). Whether the returned
// model.Vulnerability values already carry masked content is not shown here;
// confirm before logging or exporting them.
func (c *Inspector) Inspect(ctx context.Context, basePaths []string,
	files model.FileMetadatas, currentQuery chan<- int64) ([]model.Vulnerability, error)

Inspect inspects the source code for passwords & secrets and returns the list of vulnerabilities

type MultilineResult

// MultilineResult carries a single integer, DetectLineGroup.
// NOTE(review): presumably the capture group used to locate the reported line
// when a rule matches across several lines; confirm against the implementation.
type MultilineResult struct {
	// DetectLineGroup is read from the JSON key "detectLineGroup".
	DetectLineGroup int `json:"detectLineGroup"`
}

type RegexQuery

// RegexQuery describes one detection rule: an identifier and name, the pattern
// in source form, per-rule entropy settings and allow rules, and a compiled
// *regexp.Regexp.
type RegexQuery struct {
	// ID is read from the JSON key "id".
	ID          string          `json:"id"`
	// Name is read from the JSON key "name".
	Name        string          `json:"name"`
	// Multiline is read from the JSON key "multiline".
	Multiline   MultilineResult `json:"multiline"`
	// RegexStr is the pattern text, read from the JSON key "regex".
	RegexStr    string          `json:"regex"`
	// SpecialMask is read from the JSON key "specialMask".
	// NOTE(review): presumably selects how the matched secret is masked in
	// output (confirm).
	SpecialMask string          `json:"specialMask"`
	// Entropies is read from the JSON key "entropies".
	// NOTE(review): presumably each entry is checked with
	// CheckEntropyInterval (confirm).
	Entropies   []Entropy       `json:"entropies"`
	// AllowRules is read from the JSON key "allowRules".
	// NOTE(review): presumably exclusions that apply to this rule only
	// (confirm).
	AllowRules  []AllowRule     `json:"allowRules"`
	// Regex carries no JSON tag; presumably it is compiled from RegexStr after
	// the rule is loaded (confirm).
	Regex       *regexp.Regexp
}

type RegexRuleStruct

// RegexRuleStruct groups a list of RegexQuery rules with a list of AllowRule
// entries under the JSON keys "rules" and "allowRules".
// NOTE(review): RegexQuery has its own AllowRules field, so the AllowRules
// here presumably apply to every rule (confirm). If so, one over-broad entry
// would suppress findings for the whole rule set.
type RegexRuleStruct struct {
	// Rules is read from the JSON key "rules".
	Rules      []RegexQuery `json:"rules"`
	// AllowRules is read from the JSON key "allowRules".
	AllowRules []AllowRule  `json:"allowRules"`
}

type RuleMatch

// RuleMatch records a file, a rule name, a list of match strings, a line number
// and an entropy value. None of its fields carry JSON tags.
// NOTE(review): Matches presumably holds the text the rule matched, which may
// include the secret itself; treat it as sensitive until the implementation
// confirms otherwise.
type RuleMatch struct {
	File     string
	RuleName string
	Matches  []string
	Line     int
	Entropy  float64
}

type SecretTracker added in v1.6.3

// SecretTracker keeps track of a secret found by the inspector: a file path, a
// line number, and the content in original and masked form.
// NOTE(review): OriginalContent presumably holds the unmasked text, so values
// of this type should not be logged, serialized or written to reports;
// MaskedContent is presumably the form meant for display (confirm).
type SecretTracker struct {
	ResolvedFilePath string
	Line             int
	OriginalContent  string
	MaskedContent    string
}

SecretTracker is a struct created to keep track of the secrets found by the inspector; it is used for masking all the secrets in the vulnerability preview in the different report formats.
