secret

package
v0.57.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 1, 2024 License: Apache-2.0 Imports: 15 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

// Secret rule categories. Each variable wraps a provider or credential-type
// label in types.SecretRuleCategory, which is the type of Rule.Category.
//
// These are package-level variables, not constants, so importing code can
// technically reassign them. Treat them as read-only; a reassigned value would
// change the category reported for every rule that references it.
var (
	CategoryAWS                  = types.SecretRuleCategory("AWS")
	CategoryGitHub               = types.SecretRuleCategory("GitHub")
	CategoryGitLab               = types.SecretRuleCategory("GitLab")
	CategoryAsymmetricPrivateKey = types.SecretRuleCategory("AsymmetricPrivateKey")
	CategoryShopify              = types.SecretRuleCategory("Shopify")
	CategorySlack                = types.SecretRuleCategory("Slack")
	CategoryGoogle               = types.SecretRuleCategory("Google")
	CategoryStripe               = types.SecretRuleCategory("Stripe")
	CategoryPyPI                 = types.SecretRuleCategory("PyPI")
	CategoryHeroku               = types.SecretRuleCategory("Heroku")
	CategoryTwilio               = types.SecretRuleCategory("Twilio")
	CategoryAge                  = types.SecretRuleCategory("Age")
	CategoryFacebook             = types.SecretRuleCategory("Facebook")
	CategoryTwitter              = types.SecretRuleCategory("Twitter")
	CategoryAdobe                = types.SecretRuleCategory("Adobe")
	CategoryAlibaba              = types.SecretRuleCategory("Alibaba")
	CategoryAsana                = types.SecretRuleCategory("Asana")
	CategoryAtlassian            = types.SecretRuleCategory("Atlassian")
	CategoryBitbucket            = types.SecretRuleCategory("Bitbucket")
	CategoryBeamer               = types.SecretRuleCategory("Beamer")
	CategoryClojars              = types.SecretRuleCategory("Clojars")
	CategoryContentfulDelivery   = types.SecretRuleCategory("ContentfulDelivery")
	CategoryDatabricks           = types.SecretRuleCategory("Databricks")
	CategoryDiscord              = types.SecretRuleCategory("Discord")
	CategoryDoppler              = types.SecretRuleCategory("Doppler")
	CategoryDropbox              = types.SecretRuleCategory("Dropbox")
	CategoryDuffel               = types.SecretRuleCategory("Duffel")
	CategoryDynatrace            = types.SecretRuleCategory("Dynatrace")
	CategoryEasypost             = types.SecretRuleCategory("Easypost")
	CategoryFastly               = types.SecretRuleCategory("Fastly")
	CategoryFinicity             = types.SecretRuleCategory("Finicity")
	CategoryFlutterwave          = types.SecretRuleCategory("Flutterwave")
	CategoryFrameio              = types.SecretRuleCategory("Frameio")
	CategoryGoCardless           = types.SecretRuleCategory("GoCardless")
	CategoryGrafana              = types.SecretRuleCategory("Grafana")
	CategoryHashiCorp            = types.SecretRuleCategory("HashiCorp")
	CategoryHubSpot              = types.SecretRuleCategory("HubSpot")
	CategoryIntercom             = types.SecretRuleCategory("Intercom")
	CategoryIonic                = types.SecretRuleCategory("Ionic")
	CategoryJWT                  = types.SecretRuleCategory("JWT")
	CategoryLinear               = types.SecretRuleCategory("Linear")
	CategoryLob                  = types.SecretRuleCategory("Lob")
	CategoryMailchimp            = types.SecretRuleCategory("Mailchimp")
	CategoryMailgun              = types.SecretRuleCategory("Mailgun")
	CategoryMapbox               = types.SecretRuleCategory("Mapbox")
	CategoryMessageBird          = types.SecretRuleCategory("MessageBird")
	CategoryNewRelic             = types.SecretRuleCategory("NewRelic")
	CategoryNpm                  = types.SecretRuleCategory("Npm")
	CategoryPlanetscale          = types.SecretRuleCategory("Planetscale")
	CategoryPostman              = types.SecretRuleCategory("Postman")
	CategoryPulumi               = types.SecretRuleCategory("Pulumi")
	CategoryRubyGems             = types.SecretRuleCategory("RubyGems")
	CategorySendGrid             = types.SecretRuleCategory("SendGrid")
	CategorySendinblue           = types.SecretRuleCategory("Sendinblue")
	CategoryShippo               = types.SecretRuleCategory("Shippo")
	CategoryLinkedIn             = types.SecretRuleCategory("LinkedIn")
	CategoryTwitch               = types.SecretRuleCategory("Twitch")
	CategoryTypeform             = types.SecretRuleCategory("Typeform")
	CategoryDocker               = types.SecretRuleCategory("Docker")
	CategoryHuggingFace          = types.SecretRuleCategory("HuggingFace")
)

Functions

func GetSecretRulesMetadata added in v0.35.0

func GetSecretRulesMetadata() []iacRules.Check

This function is exported only for use by trivy-plugin-aqua.

Types

type AllowRule

// AllowRule is one YAML-configurable exception (see the yaml tags).
//
// NOTE(review): presumably a match or path accepted by an allow rule is not
// reported as a finding — confirm against the implementation. If so, every
// allow rule is a deliberate blind spot: keep Regex and Path as narrow as
// possible and review changes to them as carefully as detection rules.
type AllowRule struct {
	// ID identifies the rule; Config.DisableAllowRuleIDs lists allow rules to disable.
	ID          string  `yaml:"id"`
	// Description is free text; record why the exception exists.
	Description string  `yaml:"description"`
	// Regex is an optional pattern (pointer, may be nil).
	// NOTE(review): presumably tested against the matched text by AllowRules.Allow — confirm.
	Regex       *Regexp `yaml:"regex"`
	// Path is an optional pattern (pointer, may be nil).
	// NOTE(review): presumably tested against the file path by AllowRules.AllowPath — confirm.
	Path        *Regexp `yaml:"path"`
}

type AllowRules

type AllowRules []AllowRule

func (AllowRules) Allow

// Allow reports whether match is allowed by the rules in this list.
// NOTE(review): the implementation is not shown on this page; presumably one
// matching AllowRule.Regex is enough to allow the match, so a single broad
// pattern in the list can hide unrelated secrets — confirm.
func (rules AllowRules) Allow(match string) bool

func (AllowRules) AllowPath

// AllowPath reports whether path is allowed by the rules in this list.
// NOTE(review): the implementation is not shown on this page; presumably one
// matching AllowRule.Path is enough, which would exempt the whole file — confirm
// before adding directory-wide path patterns.
func (rules AllowRules) AllowPath(path string) bool

type Blocks

// Blocks is opaque to importers: all of its fields are unexported, and the
// only exported operation is Match(Location).
// NOTE(review): presumably holds the regions selected by an ExcludeBlock — confirm.
type Blocks struct {
	// contains filtered or unexported fields
}

func (*Blocks) Match

func (b *Blocks) Match(block Location) bool

type Config

// Config is the YAML-backed secret-scanning configuration (see the yaml tags).
// ParseConfig returns a *Config for a config path and NewScanner accepts one.
//
// Several fields narrow what the scanner reports (DisableRuleIDs,
// CustomAllowRules, ExcludeBlock), so a change to the config file can reduce
// detection coverage and deserves the same review as a code change.
type Config struct {
	// Enable only specified built-in rules. If only one ID is specified, all other rules are disabled.
	// All the built-in rules are enabled if this field is not specified. It doesn't affect custom rules.
	EnableBuiltinRuleIDs []string `yaml:"enable-builtin-rules"`

	// Disable rules. It is applied to enabled IDs.
	DisableRuleIDs []string `yaml:"disable-rules"`

	// Disable allow rules.
	// NOTE(review): disabling an allow rule should only widen what is reported — confirm.
	DisableAllowRuleIDs []string `yaml:"disable-allow-rules"`

	// CustomRules are user-defined detection rules, read from the "rules" key.
	CustomRules      []Rule       `yaml:"rules"`
	// CustomAllowRules are user-defined exceptions, read from the "allow-rules" key.
	CustomAllowRules AllowRules   `yaml:"allow-rules"`
	// ExcludeBlock is read from the "exclude-block" key.
	// NOTE(review): presumably applies to every rule, in contrast to Rule.ExcludeBlock — confirm.
	ExcludeBlock     ExcludeBlock `yaml:"exclude-block"`
}

func ParseConfig added in v0.32.0

// ParseConfig returns the Config for configPath, or an error.
// NOTE(review): the yaml tags on Config suggest the file is YAML, and
// Regexp.UnmarshalYAML returns an error, so an invalid pattern presumably
// surfaces here rather than at scan time — confirm. Behaviour for a missing
// file or an empty path is not shown on this page; check both the error and
// the returned pointer before use.
func ParseConfig(configPath string) (*Config, error)

type ExcludeBlock

// ExcludeBlock is a YAML-configurable set of patterns, used both globally
// (Config.ExcludeBlock) and per rule (Rule.ExcludeBlock).
// NOTE(review): presumably content regions matching any of Regexes are left
// out of matching — confirm. If so, a broad pattern here silently removes
// content from scanning.
type ExcludeBlock struct {
	// Description is free text; record why the block is excluded.
	Description string    `yaml:"description"`
	// Regexes are the block patterns; each entry is a pointer and is compiled during YAML decoding.
	Regexes     []*Regexp `yaml:"regexes"`
}

type Global

// Global groups the rule set, allow rules and exclude block. It has no yaml
// tags, and Scanner embeds *Global, which promotes these fields and Global's
// Allow and AllowPath methods onto Scanner.
// NOTE(review): presumably NewScanner assembles this from a Config — confirm.
type Global struct {
	// Rules are the detection rules held by this Global.
	Rules        []Rule
	// AllowRules are the exceptions consulted by Global.Allow and Global.AllowPath (assumed — confirm).
	AllowRules   AllowRules
	// ExcludeBlock is the exclude block held at this level, alongside any Rule.ExcludeBlock.
	ExcludeBlock ExcludeBlock
}

func (Global) Allow

func (g Global) Allow(match string) bool

Allow checks if the match is allowed

func (Global) AllowPath

func (g Global) AllowPath(path string) bool

AllowPath checks if the path is allowed

type Location

// Location is a Start/End pair of ints identifying a span.
// NOTE(review): presumably byte offsets into ScanArgs.Content; whether End is
// inclusive or exclusive is not shown on this page — confirm before slicing.
type Location struct {
	Start int
	End   int
}

func (Location) Match

func (l Location) Match(loc Location) bool

type Match added in v0.30.0

// Match pairs a Rule with the Location it applies to.
// The Rule is stored by value, so each Match carries its own copy of the rule.
type Match struct {
	Rule     Rule
	Location Location
}

type Regexp

// Regexp wraps the standard library's *regexp.Regexp so that patterns can be
// decoded from YAML (see UnmarshalYAML).
//
// Because it embeds regexp.Regexp, patterns use Go's RE2 syntax: there are no
// backreferences or lookaround, and matching is guaranteed to run in time
// linear in the input size, so a pattern taken from a config file cannot
// trigger catastrophic backtracking. The embedded pointer is nil in the zero
// value; calling promoted methods on it would dereference nil.
type Regexp struct {
	*regexp.Regexp
}

Regexp adds unmarshalling from YAML for regexp.Regexp

func MustCompile

// MustCompile returns a *Regexp for the pattern str.
// NOTE(review): by Go convention a Must-prefixed constructor panics on an
// invalid pattern instead of returning an error — confirm. If so, reserve it
// for compile-time-constant patterns; patterns that come from configuration
// should go through Regexp.UnmarshalYAML, which returns an error.
func MustCompile(str string) *Regexp

func MustCompileWithoutWordPrefix added in v0.54.0

// MustCompileWithoutWordPrefix returns a *Regexp for the pattern str.
// NOTE(review): the name suggests MustCompile adds some word-prefix handling
// to the pattern that this variant omits, and that it panics on an invalid
// pattern like other Must-prefixed constructors — neither is shown on this
// page; confirm before choosing between the two, since the choice changes
// what a rule matches.
func MustCompileWithoutWordPrefix(str string) *Regexp

func (*Regexp) UnmarshalYAML

func (r *Regexp) UnmarshalYAML(value *yaml.Node) error

UnmarshalYAML unmarshals YAML into a regexp.Regexp

type Rule

// Rule is one secret-detection rule. The yaml tags show it can be written in
// a config file (Config.CustomRules); GetBuiltinRules returns the built-in set.
type Rule struct {
	// ID identifies the rule; Config.EnableBuiltinRuleIDs and Config.DisableRuleIDs refer to rules by ID.
	ID              string                   `yaml:"id"`
	// Category is a types.SecretRuleCategory, e.g. one of the Category* variables of this package.
	Category        types.SecretRuleCategory `yaml:"category"`
	// Title is a human-readable name for the rule.
	Title           string                   `yaml:"title"`
	// Severity is a plain string here; the accepted values are not shown on this page.
	Severity        string                   `yaml:"severity"`
	// Regex is the detection pattern (pointer, may be nil).
	Regex           *Regexp                  `yaml:"regex"`
	// Keywords are checked by MatchKeywords.
	// NOTE(review): presumably a cheap pre-filter run before Regex; a rule whose
	// keywords never occur in the content would then never fire — confirm.
	Keywords        []string                 `yaml:"keywords"`
	// Path is an optional path pattern checked by MatchPath (assumed — confirm).
	Path            *Regexp                  `yaml:"path"`
	// AllowRules are exceptions specific to this rule (see Rule.Allow and Rule.AllowPath).
	AllowRules      AllowRules               `yaml:"allow-rules"`
	// ExcludeBlock is this rule's own exclude block, separate from Config.ExcludeBlock.
	ExcludeBlock    ExcludeBlock             `yaml:"exclude-block"`
	// SecretGroupName is read from "secret-group-name".
	// NOTE(review): presumably names the capture group in Regex that holds the
	// secret itself (see Scanner.FindSubmatchLocations) — confirm.
	SecretGroupName string                   `yaml:"secret-group-name"`
}

func GetBuiltinRules added in v0.54.0

func GetBuiltinRules() []Rule

This function is exported only for use by trivy-plugin-aqua.

func (*Rule) Allow

func (r *Rule) Allow(match string) bool

func (*Rule) AllowPath

func (r *Rule) AllowPath(path string) bool

func (*Rule) MatchKeywords

// MatchKeywords reports whether content satisfies the rule's Keywords.
// NOTE(review): the implementation is not shown on this page. Presumably this
// is a pre-filter that gates the more expensive Regex match; if so, confirm how
// an empty Keywords list and letter case are handled, because a keyword that
// never matches would silently disable a custom rule.
func (r *Rule) MatchKeywords(content []byte) bool

func (*Rule) MatchPath

func (r *Rule) MatchPath(path string) bool

type ScanArgs

// ScanArgs is the input to Scanner.Scan.
type ScanArgs struct {
	// FilePath is the path associated with Content.
	// NOTE(review): presumably what the path-based rules and allow rules are tested against — confirm.
	FilePath string
	// Content is the raw bytes to scan. It may contain live credentials, so
	// avoid logging it or keeping it longer than the scan needs.
	Content  []byte
	// Binary flags the input as binary; how this changes scanning is not shown on this page.
	Binary   bool
}

type Scanner

// Scanner is the scanning entry point, built by NewScanner.
// It embeds *Global, so Global's exported fields (Rules, AllowRules,
// ExcludeBlock) and its Allow and AllowPath methods are promoted onto Scanner.
// Because the embedded value is a pointer, copies of a Scanner share the same
// Global; mutating Rules or AllowRules through one copy affects the others.
type Scanner struct {
	*Global
	// contains filtered or unexported fields
}

func NewScanner

// NewScanner builds a Scanner from config.
// NOTE(review): handling of a nil config is not shown on this page — confirm
// before passing nil. No error is returned, so any validation of config has to
// happen earlier (for example in ParseConfig).
// The Scanner is returned by value while its methods use pointer receivers;
// keep the result in an addressable variable.
func NewScanner(config *Config) Scanner

func (*Scanner) AllowLocation

func (s *Scanner) AllowLocation(r Rule, content []byte, loc Location) bool

func (*Scanner) FindLocations

func (s *Scanner) FindLocations(r Rule, content []byte) []Location

func (*Scanner) FindSubmatchLocations

func (s *Scanner) FindSubmatchLocations(r Rule, content []byte) []Location

func (*Scanner) Scan

// Scan runs the scanner over args and returns the result as a types.Secret.
// No error is returned, so a failed or skipped scan cannot be told apart from
// a clean one through the signature alone.
// NOTE(review): this page does not show whether the returned value carries raw
// or redacted match text; confirm before writing results to logs, CI output or
// tickets.
func (s *Scanner) Scan(args ScanArgs) types.Secret
