PyPI - credsweeper - Versions diffs - 1.12.1__py3-none-any.whl → 1.13.3__py3-none-any.whl - Mend

credsweeper 1.12.1py3-none-any.whl → 1.13.3py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of credsweeper might be problematic. Click here for more details.

Files changed (51) hide show

credsweeper/__init__.py +1 -1
credsweeper/__main__.py +23 -13
credsweeper/app.py +7 -2
credsweeper/common/keyword_pattern.py +6 -3
credsweeper/common/morpheme_checklist.txt +26 -6
credsweeper/config/config.py +1 -0
credsweeper/credentials/line_data.py +21 -6
credsweeper/deep_scanner/abstract_scanner.py +1 -0
credsweeper/deep_scanner/csv_scanner.py +71 -0
credsweeper/deep_scanner/deep_scanner.py +19 -9
credsweeper/deep_scanner/jks_scanner.py +11 -2
credsweeper/deep_scanner/pkcs_scanner.py +4 -0
credsweeper/deep_scanner/rtf_scanner.py +41 -0
credsweeper/deep_scanner/strings_scanner.py +52 -0
credsweeper/file_handler/byte_content_provider.py +10 -1
credsweeper/file_handler/file_path_extractor.py +2 -0
credsweeper/file_handler/text_content_provider.py +7 -1
credsweeper/filters/__init__.py +1 -1
credsweeper/filters/group/token_pattern.py +2 -2
credsweeper/filters/group/weird_base36_token.py +3 -3
credsweeper/filters/group/weird_base64_token.py +2 -2
credsweeper/filters/value_camel_case_check.py +2 -2
credsweeper/filters/value_file_path_check.py +5 -3
credsweeper/filters/value_github_check.py +3 -2
credsweeper/filters/value_morphemes_check.py +43 -0
credsweeper/filters/value_string_type_check.py +1 -0
credsweeper/ml_model/features/feature.py +1 -18
credsweeper/ml_model/features/file_extension.py +1 -1
credsweeper/ml_model/features/has_html_tag.py +10 -8
credsweeper/ml_model/features/is_secret_numeric.py +4 -3
credsweeper/ml_model/features/rule_name.py +1 -1
credsweeper/ml_model/features/word_in.py +9 -32
credsweeper/ml_model/features/word_in_path.py +2 -3
credsweeper/ml_model/features/word_in_postamble.py +1 -4
credsweeper/ml_model/features/word_in_preamble.py +1 -4
credsweeper/ml_model/features/word_in_transition.py +1 -4
credsweeper/ml_model/features/word_in_value.py +2 -3
credsweeper/ml_model/features/word_in_variable.py +2 -3
credsweeper/ml_model/ml_config.json +15 -8
credsweeper/ml_model/ml_model.onnx +0 -0
credsweeper/ml_model/ml_validator.py +1 -1
credsweeper/rules/config.yaml +174 -207
credsweeper/scanner/scanner.py +12 -7
credsweeper/secret/config.json +18 -5
credsweeper/utils/util.py +21 -18
{credsweeper-1.12.1.dist-info → credsweeper-1.13.3.dist-info}/METADATA +7 -7
{credsweeper-1.12.1.dist-info → credsweeper-1.13.3.dist-info}/RECORD +50 -47
credsweeper/filters/value_couple_keyword_check.py +0 -28
{credsweeper-1.12.1.dist-info → credsweeper-1.13.3.dist-info}/WHEEL +0 -0
{credsweeper-1.12.1.dist-info → credsweeper-1.13.3.dist-info}/entry_points.txt +0 -0
{credsweeper-1.12.1.dist-info → credsweeper-1.13.3.dist-info}/licenses/LICENSE +0 -0

credsweeper/ml_model/ml_config.json CHANGED Viewed

@@ -10,6 +10,7 @@
     "features": [
         {
             "type": "RuleSeverity",
+            "comment": "INFO=0.0, LOW=0.25, MEDIUM=0.5, HIGH=0.75, CRITICAL=1.0",
             "kwargs": {}
         },
         {
@@ -62,7 +63,7 @@
             "type": "SearchInAttribute",
             "comment": "Repeated symbol",
             "kwargs": {
-                "pattern": ".*(?:(\\S)(\\S))((\\1.)|(.\\2)){7,}",
+                "pattern": "(?:(\\S)(\\S))((\\1.)|(.\\2)){7,}",
                 "attribute": "value"
             }
         },
@@ -70,7 +71,7 @@
             "type": "SearchInAttribute",
             "comment": "SHA marker",
             "kwargs": {
-                "pattern": ".*(?i:sha)[_-]?(224|256|384|512)",
+                "pattern": "(?i:sha)[_-]?(224|256|384|512)",
                 "attribute": "value"
             }
         },
@@ -126,7 +127,7 @@
             "type": "SearchInAttribute",
             "comment": "VariableNotAllowedNameCheck",
             "kwargs": {
-                "pattern": "(?i:(filters?|pub(lic)?)_?key)",
+                "pattern": "(?i:(sha[_-]?(224|256|384|512)|projects?|filters?|pub(lic)?)_?key)",
                 "attribute": "variable"
             }
         },
@@ -134,7 +135,7 @@
             "type": "SearchInAttribute",
             "comment": "VariableNotAllowedNameCheck",
             "kwargs": {
-                "pattern": "(?i:(id|size|name|type|manager|algorithm|view|error)$)",
+                "pattern": "(?i:(id|sum|size|name|type|manager|algorithm|pattern|view|error|date(time)?|time(stamp)?|tag|version|hash|rate)$)",
                 "attribute": "variable"
             }
         },
@@ -245,8 +246,10 @@
                     "crypt",
                     "crypted",
                     "decrypt",
+                    "edited",
                     "encrypt",
                     "example",
+                    "expire",
                     "fake",
                     "file",
                     "foo",
@@ -260,7 +263,8 @@
                     "pass",
                     "public",
                     "pwd",
-                    "rsa-",
+                    "redacted",
+                    "rsa",
                     "salt",
                     "secret",
                     "sha",
@@ -339,6 +343,7 @@
                     "get",
                     "e.g.",
                     "equal",
+                    "env",
                     "example",
                     "expect",
                     "line",
@@ -484,6 +489,7 @@
                     ".bat",
                     ".bats",
                     ".bazel",
+                    ".bin",
                     ".build",
                     ".bundle",
                     ".bzl",
@@ -504,7 +510,6 @@
                     ".csp",
                     ".csv",
                     ".dist",
-                    ".doc",
                     ".dockerfile",
                     ".edited",
                     ".eex",
@@ -527,6 +532,8 @@
                     ".gtpl",
                     ".h",
                     ".haml",
+                    ".har",
+                    ".hpp",
                     ".hs",
                     ".html",
                     ".idl",
@@ -657,8 +664,8 @@
                     "CMD Password",
                     "CMD Secret",
                     "CMD Token",
+                    "CURL User Password",
                     "Credential",
-                    "Github Old Token",
                     "Key",
                     "Nonce",
                     "Password",
@@ -671,4 +678,4 @@
             }
         }
     ]
-}
+}

credsweeper/ml_model/ml_model.onnx CHANGED Viewed

Binary file

credsweeper/ml_model/ml_validator.py CHANGED Viewed

@@ -272,7 +272,7 @@ class MlValidator:
         if head != tail:
             probability[head:tail] = self._batch_call_model(line_input_list, variable_input_list, value_input_list,
                                                             features_list)
-        is_cred = probability > self.threshold
+        is_cred = self.threshold <= probability
         if logger.isEnabledFor(logging.DEBUG):
             for i, decision in enumerate(is_cred):
                 logger.debug("ML decision: %s with prediction: %s for value: %s", decision, probability[i],

credsweeper 1.12.1__py3-none-any.whl → 1.13.3__py3-none-any.whl

Potentially problematic release.

credsweeper 1.12.1py3-none-any.whl → 1.13.3py3-none-any.whl