common

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 29, 2019 License: BSD-3-Clause Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

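var (
	// AppName is the application name.
	AppName = "checkmate"

	// SourceFileExtensions lists file name extensions for source code.
	// See https://fileinfo.com/filetypes/developer-all
	SourceFileExtensions = map[string]string{}/* 808 elements not displayed */

	// TextFileExtensions lists file name extensions for textual files. It is
	// built by merging the tfe1 and tfe2 tables with appendMaps.
	TextFileExtensions = appendMaps(tfe1, tfe2)

	// DangerousFileNames maps file names commonly associated with secrets to a
	// short description of what the file is. Such files should not be stored
	// in source code management systems.
	// NOTE(review): the table covers the RSA and DSA default key names only;
	// other OpenSSH default names (id_ecdsa, id_ed25519) are not listed here.
	// How the lookup treats case and directory components is not visible in
	// this block - confirm in IsConfidentialFile.
	DangerousFileNames = map[string]string{
		`id_rsa`:   `SSH private key`,
		`id_dsa`:   `SSH private key`,
		`keystore`: `Java key store`,
	}

	// CertsAndKeyStores maps extensions of potential certificate and keystore
	// files to a short description. Such files should not be stored in source
	// code repositories.
	// NOTE(review): several of these containers (.pem, .pfx, .p12) can hold
	// private keys as well as certificates, so a hit labelled `Certificate
	// file` may still be key material. A public certificate on its own is not
	// secret, so hits on this table need triage rather than automatic blocking.
	CertsAndKeyStores = map[string]string{
		`.pem`:      `Certificate file`,
		`.crt`:      `Certificate file`,
		`.cer`:      `Certificate file`,
		`.der`:      `Certificate file`,
		`.p7b`:      `Certificate file`,
		`.p7r`:      `Certificate file`,
		`.spc`:      `Certificate file`,
		`.pfx`:      `Certificate file`,
		`.p12`:      `Certificate file`,
		`.jks`:      `Java key store`,
		`.ks`:       `Java key store`,
		`.keystore`: `Java key store`,
		`.jceks`:    `Java key store`,
		`.ubr`:      `Java key store`,
		`.bks`:      `Java key store`,
		`.sst`:      `Microsoft certificate store`,
		// Description previously read `Microsoft certificate stor`; the
		// truncated text would have surfaced verbatim in diagnostics.
		`.sto`: `Microsoft certificate store`,
	}

	// FinancialAndAccountingExtensions lists file extensions that may contain
	// financial accounting data, which should not be stored in source code
	// repositories or other shared spaces.
	// See https://www.file-extensions.org/filetype/extension/name/financial-tax-files/sortBy/extension/order/asc/page/1
	FinancialAndAccountingExtensions = map[string]string{}/* 386 elements not displayed */

	// DangerousExtensions lists file extensions that are known to contain
	// sensitive data, which should not be stored in source code repositories
	// or other shared spaces.
	// See https://www.file-extensions.org/filetype/extension/name/encoded-and-encrypted-files/sortBy/extension/order/asc/page/1
	DangerousExtensions = map[string]string{}/* 465 elements not displayed */
)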

Functions

func IsConfidentialFile added in v0.0.4

func IsConfidentialFile(path string) (bool, string)

IsConfidentialFile reports whether a file is potentially confidential, judged by its name or extension. When it is, the returned string is a narrative indicating what sort of file it may be.

func RegisterDiagnosticsConsumer

func RegisterDiagnosticsConsumer(callback func(d diagnostics.SecurityDiagnostic), providers ...diagnostics.SecurityDiagnosticsProvider)

RegisterDiagnosticsConsumer registers a callback to consume diagnostics

Types

type DataToScan

// DataToScan is a unit of text submitted for secret scanning, together with
// hints describing what kind of content it is and how it is encoded. The
// struct tags give its JSON field names.
type DataToScan struct {
	// Source is the textual data to be scanned for secrets.
	Source string `json:"source"`
	// SourceType is a hint as to the type of the source, e.g. .java, .xml,
	// .yaml, .json, .rb.
	SourceType string `json:"source_type"`
	// Base64 is an optional flag indicating whether the text in `Source` is
	// Base64-encoded. With omitempty it is left out of the JSON when false.
	// NOTE(review): where Source is decoded before scanning is not visible
	// here - confirm in the consumer, and check that the decoded size is
	// bounded if this struct is filled from untrusted requests.
	Base64 bool `json:"base64,omitempty"`
}

DataToScan represents data to be inspected for possible embedded secrets, along with hints and configurations about the nature of the data and the scanning sensitivity

type DiagnosticsAggregator

// DiagnosticsAggregator is the contract for a component that collects
// security diagnostics one at a time and later returns an aggregated list.
// NOTE(review): an implementation that drops diagnostics decides which
// findings reach the consumer, so its rules deserve the same review as the
// detectors themselves.
type DiagnosticsAggregator interface {
	// AddDiagnostic hands a single diagnostic to the aggregator.
	AddDiagnostic(diagnostic diagnostics.SecurityDiagnostic)
	// Aggregate returns the diagnostics as a slice.
	Aggregate() []diagnostics.SecurityDiagnostic //Called when aggregation strategy is required to be run
}

DiagnosticsAggregator implements a strategy for aggregating diagnostics, e.g. removing duplicates, overlaps, less severe issues, etc.

func MakeSimpleAggregator

func MakeSimpleAggregator() DiagnosticsAggregator

MakeSimpleAggregator creates a diagnostics aggregator that removes diagnostics whose range is completely overlapped by another diagnostic's range

type PathToSecurityDiagnostics added in v0.0.4

// PathToSecurityDiagnostics combines two interfaces declared in other
// packages: a path consumer and a security diagnostics provider. A type
// satisfies it by implementing the methods of both.
type PathToSecurityDiagnostics interface {
	// Consumer side; presumably receives file paths or URIs - confirm in util.
	util.PathConsumer
	// Provider side; presumably emits the diagnostics found - confirm in diagnostics.
	diagnostics.SecurityDiagnosticsProvider
}

PathToSecurityDiagnostics is an interface that describes an object that can consume a file path or URI and generate security diagnostics

type SourceToSecurityDiagnostics

// SourceToSecurityDiagnostics combines two interfaces declared in other
// packages: a source consumer and a security diagnostics provider. A type
// satisfies it by implementing the methods of both.
type SourceToSecurityDiagnostics interface {
	// Consumer side; presumably receives source text - confirm in util.
	util.SourceConsumer
	// Provider side; presumably emits the diagnostics found - confirm in diagnostics.
	diagnostics.SecurityDiagnosticsProvider
}

SourceToSecurityDiagnostics is an interface that describes an object that can consume source and generate security diagnostics

Directories

Path Synopsis
