kingfisher

Author	SHA1	Message	Date
Mick Grove	bfcec88482	updated dependencies	2026-03-24 09:40:06 -07:00
Mick Grove	6c32e374c3	openssf scorecard suggested improvements	2026-03-19 20:14:35 -07:00
Mick Grove	e6dd9cd7db	v1.90.0	2026-03-18 17:06:55 -07:00
Mick Grove	f0a3bee587	added --max-validation-response-length <BYTES>	2026-03-16 22:25:32 -07:00
Mick Grove	bc1093ca4a	v1.90.0	2026-03-15 13:59:07 -07:00
Mick Grove	e54b87a322	added Teams support	2026-03-13 22:53:05 -07:00
Mick Grove	60931c11a9	added Teams support	2026-03-13 17:39:34 -07:00
Mick Grove	ab811c8bcf	v1.87.0	2026-03-09 20:11:58 -07:00
Mick Grove	d66d8f0226	added new rules	2026-03-07 21:31:02 -08:00
Mick Grove	0bf066491a	v1.86.0	2026-03-05 20:36:27 -08:00
Mick Grove	fcac8cf1b7	rules updated	2026-03-03 16:47:59 -08:00
Mick Grove	0605848ed5	Fix extraction fallback handling	2026-02-28 12:42:08 -07:00
Mick Grove	3220ed3a80	Merge branch 'codex/pr-244-mergeable' into development * codex/pr-244-mergeable: Add Jira comment and changelog scanning	2026-02-28 11:14:19 -07:00
Mick Grove	719b91301d	Add Jira comment and changelog scanning	2026-02-28 11:13:00 -07:00
Mick Grove	0ae4e8445c	Updated kingfisher scan to accept Git repository URLs as positional targets (for example kingfisher scan github.com/org/repo or kingfisher scan https://gitlab.com/group/project.git ) without requiring --git-url.	2026-02-26 23:14:18 -07:00
Mick Grove	a5582d0544	added redis rule, modified from Titus project, and updated NOTICE file	2026-02-24 12:56:50 -07:00
Mick Grove	92f43d2e29	added --turbo mode	2026-02-24 12:25:12 -07:00
Mick Grove	aa29ee0e99	added '--fast' mode which sets maximum scan speed. Omits git commit context and will not base64 decode	2026-02-23 22:34:23 -07:00
Mick Grove	fa640e2c38	Python bytecode (.pyc) scanning: extracts string constants from compiled Python	2026-02-23 20:06:43 -07:00
Mick Grove	1f4ccb8144	Automatically extracts and scans SQLite database contents for secrets stored in table rows	2026-02-22 23:35:18 -07:00
Mick Grove	8cf09936fc	Kingfisher can now generate an auditor-friendly HTML report	2026-02-15 23:50:39 -08:00
Mick Grove	816d5c40ba	wip 1.83	2026-02-13 16:41:28 -08:00
Mick Grove	5882468177	Added optional validation rate limiting via --validation-rps (global) and repeatable --validation-rps-rule <RULE_SELECTOR=RPS> (per-rule override) for both scan and validate. Throttling now applies across built-in validator types (HTTP/gRPC plus AWS, GCP, Coinbase, MongoDB, Postgres, MySQL, JDBC, JWT, and Azure Storage). Rule selectors support the short form (for example, github=2 matches kingfisher.github.*) with longest-prefix precedence when multiple selectors apply.	2026-02-12 12:33:59 -08:00
Mick Grove	ec44d9b60b	- Added kingfisher.temporal.1 rule for Temporal Cloud API keys (namespace-scoped and user-scoped JWT formats) with Temporal-specific pattern matching. - Added Temporal Cloud active credential validation via GET https://saas-api.tmprl.cloud/cloud/current-identity using bearer auth, so Temporal keys validate against provider APIs instead of generic OIDC discovery. - Fixed JWT issuer normalization to treat bare host issuers (e.g. iss: temporal.io) as HTTPS URLs during discovery, avoiding low-level URL builder failures. - Added crates/kingfisher-rules/build.rs to ensure embedded rule assets rebuild when files under crates/kingfisher-rules/data change.	2026-02-11 23:27:05 -08:00
Mick Grove	4a74e95756	v1.81.0	2026-02-10 19:43:34 -08:00
Mick Grove	e518fb30f2	v1.81.0	2026-02-10 19:24:19 -08:00
Mick Grove	209f7611ef	v1.80.0	2026-02-09 12:14:50 -08:00
Mick Grove	95e9407700	Fixed readme	2026-02-07 09:21:41 -08:00
Mick Grove	ede6e62019	Fixed PyPi github action	2026-02-07 09:12:50 -08:00
Mick Grove	4c89ee59da	Fixed PyPi github action	2026-02-07 09:03:57 -08:00
Mick Grove	63f1d515ae	preparing for v1.78.0	2026-02-02 18:39:24 -08:00
Mick Grove	92ca07739a	updated alibaba rule	2026-02-01 22:31:52 -08:00
Mick Grove	8491b03ff0	dockerhub rule update and docs update	2026-01-31 21:54:08 -08:00
Mick Grove	45cab25615	Added Husky precommit support and added pre-commit hook that automatically downloads and caches the appropriate binary for your platform (no Docker or manual installation required).	2026-01-30 08:33:59 -08:00
Mick Grove	aee1050620	ensured more CLI arguments are global	2026-01-30 08:04:15 -08:00
Mick Grove	8be7941333	Added 'revoke' subcommand and support for a new optional 'revocation' structure to the rules. Supporting GitHub and Slack right now	2026-01-29 12:45:32 -08:00
Mick Grove	1c45efde3e	Refactored into multiple crates. Added the 'validate' subcommand	2026-01-28 22:24:35 -08:00
Mick Grove	bd4cd4c2c2	Refactored into multiple crates. Added the 'validate' subcommand	2026-01-28 10:57:45 -08:00
Mick Grove	76be1df60c	Refactored into multiple crates. Added the 'validate' subcommand	2026-01-28 10:27:24 -08:00
Mick Grove	8c07fb3f3c	- Enhanced Access Map View: added fingerprint display, enabled searching by fingerprint, and implemented bidirectional navigation between Findings and Access Map nodes. - Added Slack Access Map support with granular permissions in the tree view.	2026-01-14 21:45:55 -08:00
Mick Grove	02131a6d40	Merge pull request #181 from mongodb/development preparing v1.74.0	2026-01-13 21:15:07 -08:00
Mick Grove	a93419bd33	preparing v1.74.0	2026-01-13 14:26:50 -08:00
Mick Grove	bb038df5ff	Update demo link in README.md Signed-off-by: Mick Grove <mick.grove@mongodb.com>	2026-01-02 16:06:03 -08:00
Mick Grove	7bde8a9a9b	v1.73.0	2026-01-02 13:04:30 -08:00
Mick Grove	f19c9cbe2b	v1.73.0	2026-01-02 12:52:51 -08:00
Mick Grove	08cccfd6ef	v1.73.0	2026-01-02 12:49:58 -08:00
Mick Grove	239a200c22	v1.73.0	2026-01-01 22:34:51 -08:00
Mick Grove	7237a931d5	v1.73.0	2026-01-01 22:24:57 -08:00
Mick Grove	7f7b2d7cb9	- Map SARIF result levels from rule confidence - Added tag selection support to the bash and PowerShell install scripts.	2025-12-22 09:47:12 -08:00
Mick Grove	c66069fe4b	- Map SARIF result levels from rule confidence - Added tag selection support to the bash and PowerShell install scripts.	2025-12-22 09:45:58 -08:00

1 2 3 4

168 commits