PyPI - credsweeper - Versions diffs - 1.11.5__py3-none-any.whl → 1.12.0__py3-none-any.whl - Mend

credsweeper 1.11.5py3-none-any.whl → 1.12.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of credsweeper might be problematic. Click here for more details.

Files changed (141) hide show

credsweeper/__init__.py +21 -15
credsweeper/__main__.py +141 -35
credsweeper/app.py +11 -11
credsweeper/common/keyword_pattern.py +13 -15
credsweeper/common/morpheme_checklist.txt +2 -0
credsweeper/config/__init__.py +0 -1
credsweeper/config/config.py +3 -3
credsweeper/credentials/__init__.py +0 -5
credsweeper/credentials/augment_candidates.py +1 -1
credsweeper/credentials/candidate.py +1 -1
credsweeper/credentials/credential_manager.py +1 -1
credsweeper/credentials/line_data.py +22 -2
credsweeper/deep_scanner/__init__.py +0 -1
credsweeper/deep_scanner/abstract_scanner.py +3 -3
credsweeper/deep_scanner/byte_scanner.py +1 -1
credsweeper/deep_scanner/bzip2_scanner.py +2 -2
credsweeper/deep_scanner/deb_scanner.py +1 -1
credsweeper/deep_scanner/deep_scanner.py +3 -3
credsweeper/deep_scanner/docx_scanner.py +1 -1
credsweeper/deep_scanner/eml_scanner.py +1 -1
credsweeper/deep_scanner/encoder_scanner.py +1 -1
credsweeper/deep_scanner/gzip_scanner.py +2 -2
credsweeper/deep_scanner/html_scanner.py +1 -1
credsweeper/deep_scanner/jclass_scanner.py +1 -1
credsweeper/deep_scanner/jks_scanner.py +1 -1
credsweeper/deep_scanner/lang_scanner.py +1 -1
credsweeper/deep_scanner/lzma_scanner.py +2 -2
credsweeper/deep_scanner/mxfile_scanner.py +1 -1
credsweeper/deep_scanner/pdf_scanner.py +1 -1
credsweeper/deep_scanner/pkcs_scanner.py +2 -2
credsweeper/deep_scanner/pptx_scanner.py +1 -1
credsweeper/deep_scanner/rpm_scanner.py +1 -1
credsweeper/deep_scanner/tar_scanner.py +2 -2
credsweeper/deep_scanner/tmx_scanner.py +2 -2
credsweeper/deep_scanner/xlsx_scanner.py +2 -2
credsweeper/deep_scanner/xml_scanner.py +1 -1
credsweeper/deep_scanner/zip_scanner.py +2 -2
credsweeper/file_handler/__init__.py +0 -15
credsweeper/file_handler/abstract_provider.py +3 -4
credsweeper/file_handler/byte_content_provider.py +1 -1
credsweeper/file_handler/content_provider.py +1 -1
credsweeper/file_handler/data_content_provider.py +1 -1
credsweeper/file_handler/diff_content_provider.py +133 -3
credsweeper/file_handler/file_path_extractor.py +2 -2
credsweeper/file_handler/files_provider.py +4 -4
credsweeper/file_handler/patches_provider.py +7 -8
credsweeper/file_handler/text_content_provider.py +1 -1
credsweeper/filters/__init__.py +2 -3
credsweeper/filters/filter.py +5 -3
credsweeper/filters/group/__init__.py +0 -2
credsweeper/filters/group/general_keyword.py +2 -2
credsweeper/filters/group/general_pattern.py +2 -2
credsweeper/filters/group/group.py +38 -36
credsweeper/filters/group/password_keyword.py +9 -8
credsweeper/filters/group/token_pattern.py +3 -3
credsweeper/filters/group/url_credentials_group.py +8 -8
credsweeper/filters/group/weird_base36_token.py +3 -3
credsweeper/filters/group/weird_base64_token.py +3 -3
credsweeper/filters/line_git_binary_check.py +5 -4
credsweeper/filters/line_specific_key_check.py +6 -5
credsweeper/filters/line_uue_part_check.py +5 -4
credsweeper/filters/value_allowlist_check.py +6 -5
credsweeper/filters/value_array_dictionary_check.py +8 -6
credsweeper/filters/value_atlassian_token_check.py +6 -5
credsweeper/filters/value_azure_token_check.py +6 -5
credsweeper/filters/value_base32_data_check.py +8 -5
credsweeper/filters/value_base64_data_check.py +6 -5
credsweeper/filters/value_base64_encoded_pem_check.py +6 -5
credsweeper/filters/value_base64_key_check.py +6 -5
credsweeper/filters/value_base64_part_check.py +6 -5
credsweeper/filters/value_basic_auth_check.py +37 -0
credsweeper/filters/value_blocklist_check.py +6 -4
credsweeper/filters/value_camel_case_check.py +6 -5
credsweeper/filters/value_couple_keyword_check.py +6 -4
credsweeper/filters/value_dictionary_keyword_check.py +6 -4
credsweeper/filters/value_discord_bot_check.py +6 -5
credsweeper/filters/value_entropy_base_check.py +6 -5
credsweeper/filters/value_file_path_check.py +8 -5
credsweeper/filters/value_github_check.py +5 -4
credsweeper/filters/value_grafana_check.py +6 -5
credsweeper/filters/value_grafana_service_check.py +5 -4
credsweeper/filters/value_hex_number_check.py +5 -4
credsweeper/filters/value_jfrog_token_check.py +6 -5
credsweeper/filters/value_json_web_key_check.py +6 -5
credsweeper/filters/value_json_web_token_check.py +6 -5
credsweeper/filters/value_last_word_check.py +6 -4
credsweeper/filters/{value_dictionary_value_length_check.py → value_length_check.py} +12 -6
credsweeper/filters/value_method_check.py +5 -4
credsweeper/filters/value_not_allowed_pattern_check.py +6 -5
credsweeper/filters/value_not_part_encoded_check.py +4 -4
credsweeper/filters/value_number_check.py +5 -4
credsweeper/filters/value_pattern_check.py +61 -41
credsweeper/filters/value_similarity_check.py +6 -4
credsweeper/filters/value_split_keyword_check.py +5 -4
credsweeper/filters/value_string_type_check.py +9 -7
credsweeper/filters/value_token_base_check.py +5 -4
credsweeper/filters/value_token_check.py +6 -5
credsweeper/logger/__init__.py +0 -1
credsweeper/logger/logger.py +1 -1
credsweeper/ml_model/__init__.py +0 -1
credsweeper/ml_model/features/__init__.py +1 -0
credsweeper/ml_model/features/entropy_evaluation.py +1 -1
credsweeper/ml_model/features/feature.py +1 -1
credsweeper/ml_model/features/file_extension.py +1 -1
credsweeper/ml_model/features/has_html_tag.py +2 -2
credsweeper/ml_model/features/is_secret_numeric.py +1 -1
credsweeper/ml_model/features/length_of_attribute.py +1 -1
credsweeper/ml_model/features/morpheme_dense.py +15 -8
credsweeper/ml_model/features/rule_name.py +1 -1
credsweeper/ml_model/features/rule_severity.py +21 -0
credsweeper/ml_model/features/search_in_attribute.py +1 -1
credsweeper/ml_model/features/word_in.py +1 -1
credsweeper/ml_model/features/word_in_path.py +5 -2
credsweeper/ml_model/features/word_in_postamble.py +1 -1
credsweeper/ml_model/features/word_in_preamble.py +1 -1
credsweeper/ml_model/features/word_in_transition.py +1 -1
credsweeper/ml_model/features/word_in_value.py +1 -1
credsweeper/ml_model/features/word_in_variable.py +1 -1
credsweeper/ml_model/ml_config.json +130 -24
credsweeper/ml_model/ml_model.onnx +0 -0
credsweeper/ml_model/ml_validator.py +3 -2
credsweeper/rules/__init__.py +0 -1
credsweeper/rules/config.yaml +116 -42
credsweeper/rules/rule.py +4 -3
credsweeper/scanner/__init__.py +0 -1
credsweeper/scanner/scan_type/__init__.py +0 -5
credsweeper/scanner/scan_type/multi_pattern.py +4 -4
credsweeper/scanner/scan_type/pem_key_pattern.py +4 -4
credsweeper/scanner/scan_type/scan_type.py +4 -4
credsweeper/scanner/scan_type/single_pattern.py +4 -4
credsweeper/scanner/scanner.py +12 -8
credsweeper/secret/config.json +2 -2
credsweeper/utils/__init__.py +0 -1
credsweeper/utils/pem_key_detector.py +3 -3
credsweeper/utils/util.py +3 -132
{credsweeper-1.11.5.dist-info → credsweeper-1.12.0.dist-info}/METADATA +1 -1
credsweeper-1.12.0.dist-info/RECORD +161 -0
credsweeper-1.11.5.dist-info/RECORD +0 -159
{credsweeper-1.11.5.dist-info → credsweeper-1.12.0.dist-info}/WHEEL +0 -0
{credsweeper-1.11.5.dist-info → credsweeper-1.12.0.dist-info}/entry_points.txt +0 -0
{credsweeper-1.11.5.dist-info → credsweeper-1.12.0.dist-info}/licenses/LICENSE +0 -0

credsweeper/filters/value_string_type_check.py CHANGED Viewed

@@ -1,9 +1,10 @@
 import re
+from typing import Optional
-from credsweeper.config import Config
-from credsweeper.credentials import LineData
+from credsweeper.config.config import Config
+from credsweeper.credentials.line_data import LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.filters import Filter
+from credsweeper.filters.filter import Filter
 class ValueStringTypeCheck(Filter):
@@ -23,10 +24,11 @@ class ValueStringTypeCheck(Filter):
     False otherwise
     """
-    MULTIBYTE_PATTERN = re.compile(r"(\s*(0x)?[0-9a-f]{1,3}\s*,){8,80}", flags=re.IGNORECASE)
+    MULTIBYTE_PATTERN = re.compile(r"((0x)?[0-9a-f]{1,16}[UL]*)(\s*,\s*((0x)?[0-9a-f]{1,16}[UL]*)){3}",
+                                   flags=re.IGNORECASE)
-    def __init__(self, config: Config) -> None:
-        self.check_for_literals = config.check_for_literals
+    def __init__(self, config: Optional[Config] = None, check_for_literals=True) -> None:
+        self.check_for_literals = check_for_literals
     def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
         """Run filter checks on received credential candidate data 'line_data'.
@@ -42,7 +44,7 @@ class ValueStringTypeCheck(Filter):
         if not self.check_for_literals or line_data.url_part:
             return False
-        if ValueStringTypeCheck.MULTIBYTE_PATTERN.match(line_data.value):
+        if ValueStringTypeCheck.MULTIBYTE_PATTERN.search(line_data.value):
             return False
         if line_data.is_source_file_with_quotes() \

credsweeper/filters/value_token_base_check.py CHANGED Viewed

@@ -1,11 +1,12 @@
 import contextlib
 from abc import abstractmethod
+from typing import Optional
 from typing import Tuple
-from credsweeper.config import Config
-from credsweeper.credentials import LineData
+from credsweeper.config.config import Config
+from credsweeper.credentials.line_data import LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.filters import Filter
+from credsweeper.filters.filter import Filter
 from credsweeper.utils.hop_stat import HopStat
@@ -26,7 +27,7 @@ class ValueTokenBaseCheck(Filter):
         64: 2.15981241,
     }
-    def __init__(self, config: Config = None) -> None:
+    def __init__(self, config: Optional[Config] = None) -> None:
         self.__hop_stat = HopStat()
     @staticmethod

credsweeper/filters/value_token_check.py CHANGED Viewed

@@ -1,9 +1,10 @@
 import re
+from typing import Optional
-from credsweeper.config import Config
-from credsweeper.credentials import LineData
+from credsweeper.config.config import Config
+from credsweeper.credentials.line_data import LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
-from credsweeper.filters import Filter
+from credsweeper.filters.filter import Filter
 class ValueTokenCheck(Filter):
@@ -17,9 +18,9 @@ class ValueTokenCheck(Filter):
     """
-    SPLIT_PATTERN = r"(?<!,) (?!,)|;|\)|\(|{|}|<|>|\[|\]|`"
+    SPLIT_PATTERN = re.compile(r"(?<!\W) (?!\W)|[;(){}<>[\]`]")
-    def __init__(self, config: Config = None) -> None:
+    def __init__(self, config: Optional[Config] = None) -> None:
         pass
     def run(self, line_data: LineData, target: AnalysisTarget) -> bool:

credsweeper/logger/__init__.py CHANGED Viewed

	@@ -1 +0,0 @@
1	- from credsweeper.logger.logger import Logger

credsweeper/logger/logger.py CHANGED Viewed

@@ -4,7 +4,7 @@ from pathlib import Path
 from typing import Optional
 from credsweeper.app import APP_PATH
-from credsweeper.utils import Util
+from credsweeper.utils.util import Util
 class Logger:

credsweeper/ml_model/__init__.py CHANGED Viewed

	@@ -1 +0,0 @@
1	- from credsweeper.ml_model.ml_validator import MlValidator

credsweeper/ml_model/features/__init__.py CHANGED Viewed

@@ -5,6 +5,7 @@ from credsweeper.ml_model.features.is_secret_numeric import IsSecretNumeric
 from credsweeper.ml_model.features.length_of_attribute import LengthOfAttribute
 from credsweeper.ml_model.features.morpheme_dense import MorphemeDense
 from credsweeper.ml_model.features.rule_name import RuleName
+from credsweeper.ml_model.features.rule_severity import RuleSeverity
 from credsweeper.ml_model.features.search_in_attribute import SearchInAttribute
 from credsweeper.ml_model.features.word_in_path import WordInPath
 from credsweeper.ml_model.features.word_in_postamble import WordInPostamble

credsweeper/ml_model/features/entropy_evaluation.py CHANGED Viewed

@@ -4,7 +4,7 @@ from typing import Dict, List, Set
 import numpy as np
 from credsweeper.common.constants import Chars, ML_HUNK
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.file_handler.data_content_provider import MIN_DATA_LEN
 from credsweeper.ml_model.features.feature import Feature

credsweeper/ml_model/features/feature.py CHANGED Viewed

@@ -3,7 +3,7 @@ from typing import List, Any
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 class Feature(ABC):

credsweeper/ml_model/features/file_extension.py CHANGED Viewed

@@ -2,7 +2,7 @@ from typing import List, Any
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/has_html_tag.py CHANGED Viewed

@@ -1,7 +1,7 @@
 from credsweeper.common.constants import CHUNK_SIZE
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature
-from credsweeper.utils import Util
+from credsweeper.utils.util import Util
 class HasHtmlTag(Feature):

credsweeper/ml_model/features/is_secret_numeric.py CHANGED Viewed

@@ -1,4 +1,4 @@
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature

credsweeper/ml_model/features/length_of_attribute.py CHANGED Viewed

@@ -1,7 +1,7 @@
 import numpy as np
 from credsweeper.common.constants import ML_HUNK
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature

credsweeper/ml_model/features/morpheme_dense.py CHANGED Viewed

@@ -1,5 +1,5 @@
 from credsweeper.common import static_keyword_checklist
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature
@@ -7,13 +7,20 @@ class MorphemeDense(Feature):
     """Feature calculates morphemes density for a value"""
     def extract(self, candidate: Candidate) -> float:
+        density = 0.0
         if value := candidate.line_data_list[0].value.lower():
-            morphemes_counter = 0
+            morphemes_length = 0
             for morpheme in static_keyword_checklist.morpheme_set:
-                if morpheme in value:
-                    morphemes_counter += 1
+                morpheme_pos = value.find(morpheme)
+                if 0 <= morpheme_pos:
+                    morpheme_len = len(morpheme)
+                    while 0 <= morpheme_pos:
+                        morphemes_length += morpheme_len
+                        morpheme_pos += morpheme_len
+                        morpheme_pos = value.find(morpheme, morpheme_pos)
             # normalization: minimal morpheme length is 3
-            return 3.0 * morphemes_counter / len(value)
-        else:
-            # empty value case
-            return 0.0
+            density = morphemes_length / len(value)
+            if 1.0 < density:
+                # overlap morpheme case
+                density = 1.0
+        return density

credsweeper/ml_model/features/rule_name.py CHANGED Viewed

@@ -2,7 +2,7 @@ from typing import List, Any
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/rule_severity.py ADDED Viewed

@@ -0,0 +1,21 @@
+from credsweeper.common.constants import Severity
+from credsweeper.credentials.candidate import Candidate
+from credsweeper.ml_model.features.feature import Feature
+class RuleSeverity(Feature):
+    """Categorical feature that corresponds to rule name."""
+    def extract(self, candidate: Candidate) -> float:
+        if Severity.CRITICAL == candidate.severity:
+            return 1.0
+        elif Severity.HIGH == candidate.severity:
+            return 0.75
+        elif Severity.MEDIUM == candidate.severity:
+            return 0.5
+        elif Severity.LOW == candidate.severity:
+            return 0.25
+        elif Severity.INFO == candidate.severity:
+            return 0.0
+        else:
+            raise ValueError(f"Unknown type of severity: {candidate.severity}")

credsweeper/ml_model/features/search_in_attribute.py CHANGED Viewed

@@ -1,6 +1,6 @@
 import re
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature

credsweeper/ml_model/features/word_in.py CHANGED Viewed

@@ -3,7 +3,7 @@ from typing import List, Any, Tuple, Set
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.feature import Feature

credsweeper/ml_model/features/word_in_path.py CHANGED Viewed

@@ -1,9 +1,10 @@
+import os.path
 from pathlib import Path
 from typing import List, Any
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn
@@ -16,7 +17,9 @@ class WordInPath(WordIn):
             path = Path(file_path)
             # apply ./ for normalised path to detect "/src" for relative path
             posix_lower_path = path.as_posix().lower() if path.is_absolute() else f"./{path.as_posix().lower()}"
-            return self.word_in_str(posix_lower_path)
+            # prevent extra confusion from the same word in extension
+            path_without_extension, _ = os.path.splitext(posix_lower_path)
+            return self.word_in_str(path_without_extension)
         else:
             return np.array([np.zeros(shape=[self.dimension], dtype=np.int8)])

credsweeper/ml_model/features/word_in_postamble.py CHANGED Viewed

@@ -1,7 +1,7 @@
 import numpy as np
 from credsweeper.common.constants import ML_HUNK
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/word_in_preamble.py CHANGED Viewed

@@ -1,7 +1,7 @@
 import numpy as np
 from credsweeper.common.constants import ML_HUNK
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/word_in_transition.py CHANGED Viewed

@@ -1,6 +1,6 @@
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/word_in_value.py CHANGED Viewed

@@ -1,6 +1,6 @@
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper/ml_model/features/word_in_variable.py CHANGED Viewed

@@ -1,6 +1,6 @@
 import numpy as np
-from credsweeper.credentials import Candidate
+from credsweeper.credentials.candidate import Candidate
 from credsweeper.ml_model.features.word_in import WordIn

credsweeper 1.11.5__py3-none-any.whl → 1.12.0__py3-none-any.whl

Potentially problematic release.

credsweeper 1.11.5py3-none-any.whl → 1.12.0py3-none-any.whl