Upgrade to v3.88.4 #66
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also some minor formatting in sources.go
* update log for large s3 file * key and size already in ctx
* pass on host to gitlab analyzer from detector * remove version from metadata as that causes the test to fail * reverted the cli to old one. code refactoring
* issue:3838 - fixed common email pattern * updated pattern as suggested by rgmz Co-authored-by: Richard Gomez <[email protected]> --------- Co-authored-by: Richard Gomez <[email protected]>
The URI detector currently makes an indiscriminate number of HTTP requests to domains, regardless of whether they actually exist. This results in wasted network bandwidth and logs spammed with things like below: Found unverified result 🐷🔑❓ Verification issue: lookup proxy.example.com: no such host Detector Type: URI Decoder Type: PLAIN Raw result: http://username:[email protected] Commit: 0dec3cdfe8cbd1c7fd6b5bdd3d8f108d4cc42311 Email: Toan <[email protected]> File: reactjs.zip Line: 127 Link: https://github.com/azureossd/Deployment-Oryx-Samples/blob/0dec3cdfe8cbd1c7fd6b5bdd3d8f108d4cc42311/reactjs.zip#L127 Repository: https://github.com/azureossd/Deployment-Oryx-Samples.git Timestamp: 2020-04-23 01:20:33 +0000 In addition to de-duplicating matches, this updates the URI detector to track hosts that are not found and skip verification.
* fixed sentry auth token detector * not sure why this is failing * Updated http client logic Co-authored-by: Richard Gomez <[email protected]> * resolved comments * improved decoding logic * removed response type * splitted to two versions * splitted to two versions * this is confusing error --------- Co-authored-by: Richard Gomez <[email protected]>
This PR updates an error message to be more helpful.
…esecurity#3847) * exposed a MethodIsSafe() to reuse it in OpsGenie Analyzer. Use Restricted Client for non-safe APIs. * Renamed MethodIsSafe to IsMethodSafe for more clarity
* Updated Postman metadata fields to contain location uniqueness and took out the unused fields of global_id, field_name, and variable_type. * Disabled body scanning for now since the only body that is scanned is the currently selected radio button but secrets can still be saved in the other unselected radio button options. * Updated link generation for more accuracy. * Updated tests to not use global constant.
… detectors (trufflesecurity#3860) * Simple implementation of exclude regexes, stopwords, and entropy checks for customdetectors * better name * readme blurb and example * link
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
Update changes from:
Checklist:
make test-community)?make lintthis requires golangci-lint)?