eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
1,574 commits 5 branches 83 tags 53 MiB
Commit graph

41 commits

Author SHA1 Message Date
Mick Grove
54d9fc7ecd preparing for v1.100.0 2026-05-18 13:03:16 -07:00
Mick Grove
ab93d4d242 Revert msys2/setup-msys2 to v2.31.0 
v2.31.1 fails to verify MSYS2 package database PGP signatures on
GitHub-hosted Windows runners ("signature from Christoph Reiter
... is unknown trust" for clangarm64/mingw32/mingw64/ucrt64/clang64/msys),
which breaks the Windows ARM64 (and x64) jobs at the pacman -Syuu step.
Pinning back to v2.31.0 until upstream ships a fix.
 2026-04-29 12:57:56 -07:00
Mick Grove
c387ac08d2 Added first-class **Postman** scanning target: new kingfisher scan postman subcommand (and equivalent --postman-* flags) fetches workspaces, collections, and environments via the Postman API and scans them for hard-coded credentials in request auth blocks, pre-request/test scripts, saved example responses, and — notably — secret-typed environment variables, which the API returns in plaintext despite the UI mask. Selectors: --workspace, --collection, --environment, --all, with optional --include-mocks-monitors and --api-url for self-hosted endpoints. Authenticates via KF_POSTMAN_TOKEN (or POSTMAN_API_KEY) sent as X-Api-Key; honors X-RateLimit-RetryAfter on 429s. Findings link back to https://go.postman.co/... URLs in reports. 2026-04-29 11:09:47 -07:00
Mick Grove
9d7e31980c performance improvements and rule improvements 2026-04-19 22:38:39 -07:00
Mick Grove
5411a52211 updated to rust 1.94 2026-04-14 14:20:28 -07:00
Mick Grove
c171704884 updated vectorscan 2026-04-02 19:35:30 -07:00
Mick Grove
d609900d56 updated dependencies 2026-03-24 08:55:34 -07:00
Mick Grove
5fa4ce59b7 openssf scorecard suggested improvements 
Made-with: Cursor
 2026-03-19 23:39:36 -07:00
Mick Grove
6c32e374c3 openssf scorecard suggested improvements 2026-03-19 20:14:35 -07:00
Mick Grove
02a314529e v1.87.0 2026-03-09 21:50:06 -07:00
Mick Grove
e1c0702d3c v1.86.0 2026-03-06 08:28:28 -08:00
Mick Grove
11df7a4a8b v1.86.0 2026-03-05 23:09:54 -08:00
Mick Grove
a0b979d3f8 v1.86.0 2026-03-05 22:50:11 -08:00
Mick Grove
2527438e25 v1.86.0 2026-03-05 22:08:11 -08:00
Mick Grove
d89bdb868f v1.86.0 2026-03-05 20:50:48 -08:00
Mick Grove
0bf066491a v1.86.0 2026-03-05 20:36:27 -08:00
Mick Grove
cfc01eab68 Fixed CI runner failure when executing tests 2026-02-13 09:19:02 -08:00
Mick Grove
20a05a643c Fixed CI runner failure when executing tests 2026-02-12 21:11:50 -08:00
Mick Grove
1a8651ecb0 Fixed CI runner failure when executing tests 2026-02-12 17:26:28 -08:00
Mick Grove
1503b4f661 Fixed CI runner failure when executing tests 2026-02-12 17:25:49 -08:00
Mick Grove
e72f40b169 Fixed CI runner failure when executing tests 2026-02-12 16:51:55 -08:00
Mick Grove
dfe6554b1c Fixed CI runner failure when executing tests 2026-02-12 16:07:55 -08:00
Mick Grove
60c72292c7 Added optional validation rate limiting via --validation-rps (global) and repeatable --validation-rps-rule <RULE_SELECTOR=RPS> (per-rule override) for both scan and validate. Throttling now applies across built-in validator types (HTTP/gRPC plus AWS, GCP, Coinbase, MongoDB, Postgres, MySQL, JDBC, JWT, and Azure Storage). Rule selectors support the short form (for example, github=2 matches kingfisher.github.*) with longest-prefix precedence when multiple selectors apply. 2026-02-12 13:15:51 -08:00
Mick Grove
5882468177 Added optional validation rate limiting via --validation-rps (global) and repeatable --validation-rps-rule <RULE_SELECTOR=RPS> (per-rule override) for both scan and validate. Throttling now applies across built-in validator types (HTTP/gRPC plus AWS, GCP, Coinbase, MongoDB, Postgres, MySQL, JDBC, JWT, and Azure Storage). Rule selectors support the short form (for example, github=2 matches kingfisher.github.*) with longest-prefix precedence when multiple selectors apply. 2026-02-12 12:33:59 -08:00
Mick Grove
4a74e95756 v1.81.0 2026-02-10 19:43:34 -08:00
Mick Grove
301c656f38 Fix build issues 2026-02-02 08:17:41 -08:00
Mick Grove
bcf3e278a1 preparing v1.74.0 2026-01-13 18:08:46 -08:00
Mick Grove
f4fc395554 preparing v1.74.0 2026-01-13 17:08:21 -08:00
Mick Grove
08cccfd6ef v1.73.0 2026-01-02 12:49:58 -08:00
Mick Grove
c66069fe4b - Map SARIF result levels from rule confidence 
- Added tag selection support to the bash and PowerShell install scripts.
 2025-12-22 09:45:58 -08:00
Mick Grove
dca955a95c v1.63.0 2025-11-10 18:47:51 -08:00
Mick Grove
da47c8009b Fixing CI builds for Windows on GitHub Actions 2025-11-09 20:44:42 -08:00
Mick Grove
1cc05e718b Fixing CI builds for Windows on GitHub Actions 2025-11-09 17:34:14 -08:00
Mick Grove
02b84a0084 Fixing CI builds for Windows on GitHub Actions 2025-11-09 17:09:58 -08:00
Mick Grove
22188647bb Fixing CI builds for Windows on GitHub Actions 2025-11-09 16:50:29 -08:00
Mick Grove
5566f8e733 updated ci to use Rust 1.90 2025-10-15 23:01:28 -07:00
Mick Grove
82caff531f preparing for v1.48.0 2025-09-05 10:20:41 -07:00
Mick Grove
80aef7e6d7 preparing for v1.48.0 2025-09-05 09:31:43 -07:00
Mick Grove
be35bb532f added progress bar to s3 downloads, and attempting to fix linux-arm64 test failure due to code 143 2025-08-04 12:32:19 -07:00
Mick Grove
5f8ffcd940 updated github actions to upgrade build from 1.85.0 to 1.88.0 2025-07-14 19:44:28 -07:00
Mick Grove
fc4aee9e41 preparing for v1.12 2025-06-24 17:17:16 -07:00