Documentation ¶
Index ¶
- func IsNew(finding report.Finding, baseline []report.Finding) bool
- func LoadBaseline(baselinePath string) ([]report.Finding, error)
- type Detector
- func (d *Detector) AddBaseline(baselinePath string, source string) error
- func (d *Detector) AddGitleaksIgnore(gitleaksIgnorePath string) error
- func (d *Detector) Detect(fragment Fragment) []report.Finding
- func (d *Detector) DetectBytes(content []byte) []report.Finding
- func (d *Detector) DetectFiles(source string) ([]report.Finding, error)
- func (d *Detector) DetectGit(source string, logOpts string, gitScanType GitScanType) ([]report.Finding, error)
- func (d *Detector) DetectReader(r io.Reader, bufSize int) ([]report.Finding, error)
- func (d *Detector) DetectString(content string) []report.Finding
- type Fragment
- type GitScanType
- type Location
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Detector ¶
type Detector struct { // Config is the configuration for the detector Config config.Config // Redact is a flag to redact findings. This is exported // so users using gitleaks as a library can set this flag // without calling `detector.Start(cmd *cobra.Command)` Redact bool // verbose is a flag to print findings Verbose bool // files larger than this will be skipped MaxTargetMegaBytes int // followSymlinks is a flag to enable scanning symlink files FollowSymlinks bool // NoColor is a flag to disable color output NoColor bool // contains filtered or unexported fields }
Detector is the main detector struct
func NewDetector ¶
NewDetector creates a new detector with the given config
func NewDetectorDefaultConfig ¶
NewDetectorDefaultConfig creates a new detector with the default config
func (*Detector) AddBaseline ¶
func (*Detector) AddGitleaksIgnore ¶
func (*Detector) DetectBytes ¶
DetectBytes scans the given bytes and returns a list of findings
func (*Detector) DetectFiles ¶
DetectFiles accepts a path to a source directory or file and begins a scan of the file or directory.
func (*Detector) DetectGit ¶
func (d *Detector) DetectGit(source string, logOpts string, gitScanType GitScanType) ([]report.Finding, error)
GitScan accepts a *gitdiff.File channel which contents a git history generated from the output of `git log -p ...`. startGitScan will look at each file (patch) in the history and determine if the patch contains any findings.
func (*Detector) DetectReader ¶
DetectReader accepts an io.Reader and a buffer size for the reader in KB
type Fragment ¶
type Fragment struct { // Raw is the raw content of the fragment Raw string // FilePath is the path to the file if applicable FilePath string SymlinkFile string // CommitSHA is the SHA of the commit if applicable CommitSHA string // contains filtered or unexported fields }
Fragment contains the data to be scanned
type GitScanType ¶
type GitScanType int
Type used to differentiate between git scan types: $ gitleaks detect $ gitleaks protect $ gitleaks protect staged
const ( DetectType GitScanType = iota ProtectType ProtectStagedType )