gitlab-secret_detection 0.8.0 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 11072219ab42b67d6058ec56843fa3b5082b69a65f7e18fdde5c845d10693c95
|
|
4
|
+
data.tar.gz: de0687b9f7a614ab6adeb26c155b3769f54a45470ed74bb807188c68e9580d33
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b8a514a818697d448ce86821cc065685e70b0b8fad00b4729f689b888d3e76219160a1560ff058ae402e4aec56edb0b16f1b49faf6ecb0143b6a7bbeab736308
|
|
7
|
+
data.tar.gz: fa0c4f0e2118588084e570000b138bb030e6626f16da2e0cba53515afb0543aaee99e476588dacb91c81b93d37d0a4d04afe0a85f4962299361588dd7c074190
|
|
@@ -260,6 +260,8 @@ module Gitlab
|
|
|
260
260
|
def find_secrets_in_payload(payload:, pattern_matcher:, raw_value_exclusions: [], rule_exclusions: [])
|
|
261
261
|
findings = []
|
|
262
262
|
|
|
263
|
+
payload_offset = payload.respond_to?(:offset) ? payload.offset : 0
|
|
264
|
+
|
|
263
265
|
payload.data
|
|
264
266
|
.each_line($INPUT_RECORD_SEPARATOR, chomp: true)
|
|
265
267
|
.each_with_index do |line, index|
|
|
@@ -271,7 +273,11 @@ module Gitlab
|
|
|
271
273
|
|
|
272
274
|
next if line.empty?
|
|
273
275
|
|
|
274
|
-
|
|
276
|
+
# If payload offset is given then we will compute absolute line number i.e.,
|
|
277
|
+
# offset + relative_line_number - 1. In this scenario, index is equivalent to relative_line_number - 1.
|
|
278
|
+
# Whereas, when payload offset is not given, we'll set the line number relative to the beginning of the
|
|
279
|
+
# payload. In this scenario it will be index + 1.
|
|
280
|
+
line_no = payload_offset.positive? ? payload_offset + index : index + 1
|
|
275
281
|
|
|
276
282
|
matches = pattern_matcher.match(line, exception: false) # returns indices of matched patterns
|
|
277
283
|
|
|
@@ -280,7 +286,8 @@ module Gitlab
|
|
|
280
286
|
|
|
281
287
|
next if rule_exclusions.include?(rule[:id])
|
|
282
288
|
|
|
283
|
-
findings << Core::Finding.new(payload.id, Core::Status::FOUND, line_no, rule[:id],
|
|
289
|
+
findings << Core::Finding.new(payload.id, Core::Status::FOUND, line_no, rule[:id],
|
|
290
|
+
rule[:description])
|
|
284
291
|
end
|
|
285
292
|
end
|
|
286
293
|
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\
|
|
8
|
+
descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\x9c\x04\n\x0bScanRequest\x12>\n\x08payloads\x18\x01 \x03(\x0b\x32,.gitlab.secret_detection.ScanRequest.Payload\x12\x19\n\x0ctimeout_secs\x18\x02 \x01(\x02H\x00\x88\x01\x01\x12!\n\x14payload_timeout_secs\x18\x03 \x01(\x02H\x01\x88\x01\x01\x12\x42\n\nexclusions\x18\x04 \x03(\x0b\x32..gitlab.secret_detection.ScanRequest.Exclusion\x12\x0c\n\x04tags\x18\x05 \x03(\t\x1a\x43\n\x07Payload\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\x12\x13\n\x06offset\x18\x03 \x01(\x05H\x00\x88\x01\x01\x42\t\n\x07_offset\x1a\x66\n\tExclusion\x12J\n\x0e\x65xclusion_type\x18\x01 \x01(\x0e\x32\x32.gitlab.secret_detection.ScanRequest.ExclusionType\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rExclusionType\x12\x1e\n\x1a\x45XCLUSION_TYPE_UNSPECIFIED\x10\x00\x12\x17\n\x13\x45XCLUSION_TYPE_RULE\x10\x01\x12\x1c\n\x18\x45XCLUSION_TYPE_RAW_VALUE\x10\x02\x42\x0f\n\r_timeout_secsB\x17\n\x15_payload_timeout_secs\"\xe2\x03\n\x0cScanResponse\x12>\n\x07results\x18\x01 \x03(\x0b\x32-.gitlab.secret_detection.ScanResponse.Finding\x12\x0e\n\x06status\x18\x02 \x01(\x05\x1a\x9d\x01\n\x07\x46inding\x12\x12\n\npayload_id\x18\x01 \x01(\t\x12\x0e\n\x06status\x18\x02 \x01(\x05\x12\x11\n\x04type\x18\x03 \x01(\tH\x00\x88\x01\x01\x12\x18\n\x0b\x64\x65scription\x18\x04 \x01(\tH\x01\x88\x01\x01\x12\x18\n\x0bline_number\x18\x05 \x01(\x05H\x02\x88\x01\x01\x42\x07\n\x05_typeB\x0e\n\x0c_descriptionB\x0e\n\x0c_line_number\"\xe1\x01\n\x06Status\x12\x16\n\x12STATUS_UNSPECIFIED\x10\x00\x12\x10\n\x0cSTATUS_FOUND\x10\x01\x12\x1c\n\x18STATUS_FOUND_WITH_ERRORS\x10\x02\x12\x17\n\x13STATUS_SCAN_TIMEOUT\x10\x03\x12\x1a\n\x16STATUS_PAYLOAD_TIMEOUT\x10\x04\x12\x15\n\x11STATUS_SCAN_ERROR\x10\x05\x12\x16\n\x12STATUS_INPUT_ERROR\x10\x06\x12\x14\n\x10STATUS_NOT_FOUND\x10\x07\x12\x15\n\x11STATUS_AUTH_ERROR\x10\x08\x32\xc1\x01\n\x07Scanner\x12U\n\x04Scan\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00\x12_\n\nScanStream\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00(\x01\x30\x01\x42 \xea\x02\x1dGitlab::SecretDetection::GRPCb\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
pool.add_serialized_file(descriptor_data)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gitlab-secret_detection
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- group::secret detection
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2024-10-
|
|
13
|
+
date: 2024-10-30 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: grpc
|