Documentation
¶
Index ¶
- func IsNew(finding report.Finding, baseline []report.Finding) bool
- func LoadBaseline(baselinePath string) ([]report.Finding, error)
- type Detector
- func (d *Detector) AddBaseline(baselinePath string) error
- func (d *Detector) AddGitleaksIgnore(gitleaksIgnorePath string) error
- func (d *Detector) Detect(fragment Fragment) []report.Finding
- func (d *Detector) DetectBytes(content []byte) []report.Finding
- func (d *Detector) DetectFiles(source string) ([]report.Finding, error)
- func (d *Detector) DetectGit(source string, logOpts string, gitScanType GitScanType) ([]report.Finding, error)
- func (d *Detector) DetectReader(r io.Reader, bufSize int) ([]report.Finding, error)
- func (d *Detector) DetectString(content string) []report.Finding
- type Fragment
- type GitScanType
- type Location
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Detector ¶ added in v8.4.0
type Detector struct {
// Config is the configuration for the detector
Config config.Config
// Redact is a flag to redact findings. This is exported
// so users using gitleaks as a library can set this flag
// without calling `detector.Start(cmd *cobra.Command)`
Redact bool
// verbose is a flag to print findings
Verbose bool
// files larger than this will be skipped
MaxTargetMegaBytes int
// followSymlinks is a flag to enable scanning symlink files
FollowSymlinks bool
// contains filtered or unexported fields
}
Detector is the main detector struct
func NewDetector ¶ added in v8.4.0
NewDetector creates a new detector with the given config
func NewDetectorDefaultConfig ¶ added in v8.4.0
NewDetectorDefaultConfig creates a new detector with the default config
func (*Detector) AddBaseline ¶ added in v8.13.0
func (*Detector) AddGitleaksIgnore ¶ added in v8.10.0
func (*Detector) Detect ¶ added in v8.4.0
Detect scans the given fragment and returns a list of findings
func (*Detector) DetectBytes ¶ added in v8.4.0
DetectBytes scans the given bytes and returns a list of findings
func (*Detector) DetectFiles ¶ added in v8.4.0
DetectFiles accepts a path to a source directory or file and begins a scan of the file or directory.
func (*Detector) DetectGit ¶ added in v8.4.0
func (d *Detector) DetectGit(source string, logOpts string, gitScanType GitScanType) ([]report.Finding, error)
GitScan accepts a *gitdiff.File channel which contents a git history generated from the output of `git log -p ...`. startGitScan will look at each file (patch) in the history and determine if the patch contains any findings.
func (*Detector) DetectReader ¶ added in v8.15.0
DetectReader accepts an io.Reader and a buffer size for the reader in KB
type Fragment ¶ added in v8.4.0
type Fragment struct {
// Raw is the raw content of the fragment
Raw string
// FilePath is the path to the file if applicable
FilePath string
SymlinkFile string
// CommitSHA is the SHA of the commit if applicable
CommitSHA string
// contains filtered or unexported fields
}
Fragment contains the data to be scanned
type GitScanType ¶ added in v8.4.0
type GitScanType int
Type used to differentiate between git scan types: $ gitleaks detect $ gitleaks protect $ gitleaks protect staged
const ( DetectType GitScanType = iota ProtectType ProtectStagedType )
Source Files
Directories