credsweeper 1.11.5__py3-none-any.whl → 1.11.6__py3-none-any.whl

credsweeper/ml_model/features/word_in_preamble.py

@@ -1,7 +1,7 @@
 import numpy as np
 
 from credsweeper.common.constants import ML_HUNK
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn
 
 

credsweeper/ml_model/features/word_in_transition.py

@@ -1,6 +1,6 @@
 import numpy as np
 
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn
 
 

credsweeper/ml_model/features/word_in_value.py

@@ -1,6 +1,6 @@
 import numpy as np
 
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn
 
 

credsweeper/ml_model/features/word_in_variable.py

@@ -1,6 +1,6 @@
 import numpy as np
 
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn
 
 

credsweeper/ml_model/ml_validator.py

@@ -9,8 +9,9 @@ from onnxruntime import InferenceSession
 
 import credsweeper.ml_model.features as features
 from credsweeper.common.constants import ThresholdPreset, ML_HUNK
-from credsweeper.credentials import Candidate, CandidateKey
-from credsweeper.utils import Util
+from credsweeper.credentials.candidate import Candidate
+from credsweeper.credentials.candidate_key import CandidateKey
+from credsweeper.utils.util import Util
 
 logger = logging.getLogger(__name__)
 

credsweeper/rules/__init__.py

@@ -1 +0,0 @@
-from credsweeper.rules.rule import Rule

credsweeper/rules/config.yaml

@@ -209,6 +209,20 @@
     - code
     - doc
 
+- name: Akamai Credentials
+  severity: high
+  confidence: strong
+  type: pattern
+  values:
+    - (?P<value>akab-[0-9a-z]{16}-[0-9a-z]{16})(?!\.[0-9a-z-]{1,80}\.akamaiapis\.net)
+  filter_type: GeneralPattern
+  required_substrings:
+    - akab-
+  min_line_len: 38
+  target:
+    - code
+    - doc
+
 - name: AWS Client ID
   severity: high
   confidence: moderate
@@ -1276,6 +1290,23 @@
     - code
     - doc
 
+- name: Docker Access Token
+  severity: high
+  confidence: strong
+  type: pattern
+  values:
+    - (?P<value>dckr_[op]at_[0-9A-Za-z_-]{27,32})
+  min_line_len: 36
+  filter_type:
+    - ValuePatternCheck
+    - ValueEntropyBase64Check
+  required_substrings:
+    - dckr_pat_
+    - dckr_oat_
+  target:
+    - code
+    - doc
+
 - name: Docker Swarm Token
   severity: high
   confidence: strong
@@ -1434,45 +1465,61 @@
     - code
     - doc
 
-- name: API
+- name: Basic Authorization
+  severity: medium
+  confidence: strong
+  type: pattern
+  values:
+    - (?P<variable>(?i:basic))(?P<separator>\s+)(?P<value>[=0-9A-Za-z_/+-]{8,8000})(?![0-9A-Za-z_/+-])
+  min_line_len: 18
+  filter_type:
+    - ValueBasicAuthCheck
+  required_substrings:
+    - basic
+  target:
+    - code
+    - doc
+
+- name: Bearer Authorization
   severity: medium
   confidence: moderate
-  type: keyword
+  type: pattern
   values:
-    - api(?!tal)
+    - (?P<variable>(?i:bearer|ntlm))(?P<separator>\s+)(?P<value>[.0-9A-Za-z_/+-]{32,8000}=*)(?![0-9A-Za-z_/+-])
+  min_line_len: 37
   filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 11
   required_substrings:
-    - api
+    - bearer
+    - ntlm
   target:
     - code
+    - doc
 
-- name: Auth
-  severity: medium
+- name: API
+  severity: low
   confidence: moderate
   type: keyword
   values:
-    - auth(?!ors?(?!i[tz]))
+    - api(?!tal)
   filter_type: GeneralKeyword
   use_ml: true
-  min_line_len: 12
+  min_line_len: 11
   required_substrings:
-    - auth
+    - api
   target:
     - code
 
-- name: Certificate
+- name: Auth
   severity: medium
   confidence: moderate
   type: keyword
   values:
-    - cert
+    - auth(?!ors?(?!i[tz]))
   filter_type: GeneralKeyword
   use_ml: true
   min_line_len: 12
   required_substrings:
-    - cert
+    - auth
   target:
     - code
 
@@ -1491,7 +1538,7 @@
     - code
 
 - name: Key
-  severity: medium
+  severity: high
   confidence: moderate
   type: keyword
   values:
@@ -1505,7 +1552,7 @@
     - code
 
 - name: Nonce
-  severity: medium
+  severity: low
   confidence: moderate
   type: keyword
   values:
@@ -1519,7 +1566,7 @@
     - code
 
 - name: Password
-  severity: medium
+  severity: high
   confidence: moderate
   type: keyword
   values:
@@ -1534,7 +1581,7 @@
     - code
 
 - name: Salt
-  severity: medium
+  severity: low
   confidence: moderate
   type: keyword
   values:
@@ -1562,7 +1609,7 @@
     - code
 
 - name: Token
-  severity: medium
+  severity: high
   confidence: moderate
   type: keyword
   values:

credsweeper/rules/rule.py

@@ -7,9 +7,10 @@ from typing import Dict, List, Optional, Union, Set
 from credsweeper import filters
 from credsweeper.common.constants import RuleType, Severity, MAX_LINE_LENGTH, Confidence
 from credsweeper.common.keyword_pattern import KeywordPattern
-from credsweeper.config import Config
-from credsweeper.filters import Filter, group
-from credsweeper.filters.group import Group
+from credsweeper.config.config import Config
+from credsweeper.filters import group
+from credsweeper.filters.filter import Filter
+from credsweeper.filters.group.group import Group
 
 logger = logging.getLogger(__name__)
 

credsweeper/scanner/__init__.py

@@ -1 +0,0 @@
-from credsweeper.scanner.scanner import Scanner

credsweeper/scanner/scan_type/__init__.py

@@ -1,5 +0,0 @@
-from credsweeper.scanner.scan_type.scan_type import ScanType  # isort:skip
-
-from credsweeper.scanner.scan_type.multi_pattern import MultiPattern
-from credsweeper.scanner.scan_type.pem_key_pattern import PemKeyPattern
-from credsweeper.scanner.scan_type.single_pattern import SinglePattern

credsweeper/scanner/scan_type/multi_pattern.py

@@ -1,11 +1,11 @@
 from typing import List
 
 from credsweeper.common.constants import RuleType
-from credsweeper.config import Config
-from credsweeper.credentials import Candidate
+from credsweeper.config.config import Config
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.rules import Rule
-from credsweeper.scanner.scan_type import ScanType
+from credsweeper.rules.rule import Rule
+from credsweeper.scanner.scan_type.scan_type import ScanType
 
 
 class MultiPattern(ScanType):

credsweeper/scanner/scan_type/pem_key_pattern.py

@@ -2,11 +2,11 @@ import logging
 from typing import List
 
 from credsweeper.common.constants import RuleType
-from credsweeper.config import Config
-from credsweeper.credentials import Candidate
+from credsweeper.config.config import Config
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.rules import Rule
-from credsweeper.scanner.scan_type import ScanType
+from credsweeper.rules.rule import Rule
+from credsweeper.scanner.scan_type.scan_type import ScanType
 from credsweeper.utils.pem_key_detector import PemKeyDetector
 
 logger = logging.getLogger(__name__)

credsweeper/scanner/scan_type/scan_type.py

@@ -4,11 +4,11 @@ from abc import ABC, abstractmethod
 from typing import List
 
 from credsweeper.common.constants import RuleType, MIN_DATA_LEN
-from credsweeper.config import Config
-from credsweeper.credentials import Candidate, LineData
+from credsweeper.config.config import Config
+from credsweeper.credentials.candidate import Candidate, LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.filters import Filter
-from credsweeper.rules import Rule
+from credsweeper.filters.filter import Filter
+from credsweeper.rules.rule import Rule
 
 logger = logging.getLogger(__name__)
 

credsweeper/scanner/scan_type/single_pattern.py

@@ -1,10 +1,10 @@
 from typing import List
 
-from credsweeper.config import Config
-from credsweeper.credentials import Candidate
+from credsweeper.config.config import Config
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.rules import Rule
-from credsweeper.scanner.scan_type import ScanType
+from credsweeper.rules.rule import Rule
+from credsweeper.scanner.scan_type.scan_type import ScanType
 
 
 class SinglePattern(ScanType):

credsweeper/scanner/scanner.py

@@ -6,13 +6,16 @@ from typing import List, Type, Tuple, Union, Dict, Generator, Set
 from credsweeper.app import APP_PATH
 from credsweeper.common.constants import RuleType, MIN_VARIABLE_LENGTH, MIN_SEPARATOR_LENGTH, MIN_VALUE_LENGTH, \
     MAX_LINE_LENGTH, PEM_BEGIN_PATTERN
-from credsweeper.config import Config
-from credsweeper.credentials import Candidate
+from credsweeper.config.config import Config
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.file_handler.analysis_target import AnalysisTarget
 from credsweeper.file_handler.content_provider import ContentProvider
-from credsweeper.rules import Rule
-from credsweeper.scanner.scan_type import PemKeyPattern, ScanType, SinglePattern, MultiPattern
-from credsweeper.utils import Util
+from credsweeper.rules.rule import Rule
+from credsweeper.scanner.scan_type.multi_pattern import MultiPattern
+from credsweeper.scanner.scan_type.pem_key_pattern import PemKeyPattern
+from credsweeper.scanner.scan_type.scan_type import ScanType
+from credsweeper.scanner.scan_type.single_pattern import SinglePattern
+from credsweeper.utils.util import Util
 
 logger = logging.getLogger(__name__)
 

credsweeper/utils/__init__.py

@@ -1 +0,0 @@
-from credsweeper.utils.util import DiffRowData, Util, DiffDict

credsweeper/utils/pem_key_detector.py

@@ -5,10 +5,10 @@ import string
 from typing import List
 
 from credsweeper.common.constants import PEM_BEGIN_PATTERN, PEM_END_PATTERN, Chars
-from credsweeper.config import Config
-from credsweeper.credentials import LineData
+from credsweeper.config.config import Config
+from credsweeper.credentials.line_data import LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.utils import Util
+from credsweeper.utils.util import Util
 
 logger = logging.getLogger(__name__)
 

credsweeper/utils/util.py

@@ -9,12 +9,10 @@ import random
 import re
 import string
 import tarfile
-from dataclasses import dataclass
 from pathlib import Path
 from typing import Any, Dict, List, Tuple, Optional, Union
 
 import numpy as np
-import whatthepatch
 import yaml
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric import padding
@@ -29,31 +27,12 @@ from cryptography.hazmat.primitives.asymmetric.x448 import X448PublicKey, X448Pr
 from cryptography.hazmat.primitives.serialization import load_der_private_key
 from cryptography.hazmat.primitives.serialization.pkcs12 import load_key_and_certificates
 from lxml import etree
-from typing_extensions import TypedDict
 
-from credsweeper.common.constants import DiffRowType, AVAILABLE_ENCODINGS, \
+from credsweeper.common.constants import AVAILABLE_ENCODINGS, \
     DEFAULT_ENCODING, LATIN_1, CHUNK_SIZE, MAX_LINE_LENGTH, CHUNK_STEP_SIZE, ASCII
 
 logger = logging.getLogger(__name__)
 
-DiffDict = TypedDict(
-    "DiffDict",
-    {
-        "old": Optional[int],  #
-        "new": Optional[int],  #
-        "line": Union[str, bytes],  # bytes are possibly since whatthepatch v1.0.4
-        "hunk": Any  # not used
-    })
-
-
-@dataclass(frozen=True)
-class DiffRowData:
-    """Class for keeping data of diff row."""
-
-    line_type: DiffRowType
-    line_numb: int
-    line: str
-
 
 class Util:
     """Class that contains different useful methods."""
@@ -277,116 +256,6 @@ class Util:
             lines = []
         return lines
 
-    @staticmethod
-    def patch2files_diff(raw_patch: List[str], change_type: DiffRowType) -> Dict[str, List[DiffDict]]:
-        """Generate files changes from patch for added or deleted filepaths.
-
-        Args:
-            raw_patch: git patch file content
-            change_type: change type to select, DiffRowType.ADDED or DiffRowType.DELETED
-
-        Return:
-            return dict with ``{file paths: list of file row changes}``, where
-            elements of list of file row changes represented as::
-
-                {
-                    "old": line number before diff,
-                    "new": line number after diff,
-                    "line": line text,
-                    "hunk": diff hunk number
-                }
-
-        """
-        if not raw_patch:
-            return {}
-
-        added_files, deleted_files = {}, {}
-        try:
-            for patch in whatthepatch.parse_patch(raw_patch):
-                if patch.changes is None:
-                    logger.warning(f"Patch '{str(patch.header)}' cannot be scanned")
-                    continue
-                changes = []
-                for change in patch.changes:
-                    change_dict = change._asdict()
-                    changes.append(change_dict)
-
-                added_files[patch.header.new_path] = changes
-                deleted_files[patch.header.old_path] = changes
-            if change_type == DiffRowType.ADDED:
-                return added_files
-            elif change_type == DiffRowType.DELETED:
-                return deleted_files
-            else:
-                logger.error(f"Change type should be one of: '{DiffRowType.ADDED}', '{DiffRowType.DELETED}';"
-                             f" but received {change_type}")
-        except Exception as exc:
-            logger.exception(exc)
-        return {}
-
-    @staticmethod
-    def preprocess_diff_rows(
-            added_line_number: Optional[int],  #
-            deleted_line_number: Optional[int],  #
-            line: str) -> List[DiffRowData]:
-        """Auxiliary function to extend diff changes.
-
-        Args:
-            added_line_number: number of added line or None
-            deleted_line_number: number of deleted line or None
-            line: the text line
-
-        Return:
-            diff rows data with as list of row change type, line number, row content
-
-        """
-        rows_data: List[DiffRowData] = []
-        if isinstance(added_line_number, int):
-            # indicates line was inserted
-            rows_data.append(DiffRowData(DiffRowType.ADDED, added_line_number, line))
-        if isinstance(deleted_line_number, int):
-            # indicates line was removed
-            rows_data.append(DiffRowData(DiffRowType.DELETED, deleted_line_number, line))
-        return rows_data
-
-    @staticmethod
-    def wrong_change(change: DiffDict) -> bool:
-        """Returns True if the change is wrong"""
-        for i in ["line", "new", "old"]:
-            if i not in change:
-                logger.error(f"Skipping wrong change {change}")
-                return True
-        return False
-
-    @staticmethod
-    def preprocess_file_diff(changes: List[DiffDict]) -> List[DiffRowData]:
-        """Generate changed file rows from diff data with changed lines (e.g. marked + or - in diff).
-
-        Args:
-            changes: git diff by file rows data
-
-        Return:
-            diff rows data with as list of row change type, line number, row content
-
-        """
-        if not changes:
-            return []
-
-        rows_data = []
-        # process diff to restore lines and their positions
-        for change in changes:
-            if Util.wrong_change(change):
-                continue
-            line = change["line"]
-            if isinstance(line, str):
-                rows_data.extend(Util.preprocess_diff_rows(change.get("new"), change.get("old"), line))
-            elif isinstance(line, (bytes, bytearray)):
-                logger.warning("The feature is available with the deep scan option")
-            else:
-                logger.error(f"Unknown type of line {type(line)}")
-
-        return rows_data
-
     @staticmethod
     def is_zip(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures"""

{credsweeper-1.11.5.dist-info → credsweeper-1.11.6.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: credsweeper
-Version: 1.11.5
+Version: 1.11.6
 Summary: Credential Sweeper
 Project-URL: Homepage, https://github.com/Samsung/CredSweeper
 Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues