eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
350 commits 5 branches 83 tags 53 MiB
Commit graph

71 commits

Author SHA1 Message Date
Mick Grove
432c1fc0bc Fixed tree-sitter scanning bug where passing --no-base64 caused errors to be printed when the file type couldn’t be determined 2025-10-08 08:59:25 -07:00
Mick Grove
69dc42f5bb Added first-class Azure Repos support, including CLI commands, enumeration, and documentation updates 2025-10-04 23:12:28 -07:00
Mick Grove
74e47fc592 - Improved performance of tree-sitter parsing 
- Updated Windows build script to ensure static binary is produced
 2025-10-03 17:22:28 -07:00
Mick Grove
04bb3b74d0 Added support for Gitea 2025-09-23 13:07:45 -07:00
Mick Grove
3f82999ed5 Added support for BitBucket 2025-09-22 18:21:03 -07:00
Mick Grove
95b9b526a3 Removed the unused --rlimit-nofile flag 2025-09-18 17:02:56 -07:00
Mick Grove
bcec04b554 Added diff-only Git scanning via --since-commit and --branch, including remote-aware ref resolution so CI jobs can pair --git-url clones with pull request branches 2025-09-16 14:20:43 -07:00
Mick Grove
8a83203e3f Added --github-exclude and --gitlab-exclude options to skip specific repositories when scanning or listing GitHub and GitLab sources, including support for gitignore-style glob patterns 2025-09-15 21:26:51 -07:00
Mick Grove
9dd8487d54 preparing for v1.48.0 2025-09-05 09:31:52 -07:00
Mick Grove
bf60c5584b Optimized memory usage via string interning and extensive data sharing 2025-09-03 09:52:49 -07:00
Mick Grove
ac34f35f61 Optimized memory usage via string interning and extensive data sharing 2025-09-02 19:54:44 -07:00
Mick Grove
2a85f66e4a fix windows x64 builds 2025-08-31 17:26:30 -07:00
Mick Grove
e03ab5972d fix ci build error 2025-08-31 10:27:16 -07:00
Mick Grove
40ef76fd00 fix ci build error 2025-08-30 22:24:13 -07:00
Mick Grove
db0cd8d4ff Fix tests 2025-08-30 21:25:12 -07:00
Mick Grove
aa2c3ba0cc Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance. This has a small performance impact and can be disabled with --no-base64 2025-08-30 19:40:22 -07:00
Mick Grove
fc0be774b4 Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance. This has a small performance impact and can be disabled with --no-base64 2025-08-30 19:40:11 -07:00
Mick Grove
984231e25c Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance 2025-08-30 16:44:55 -07:00
Mick Grove
87094ad773 - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 2025-08-20 20:41:19 -07:00
Mick Grove
a3d9d22d6c - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 2025-08-20 20:41:11 -07:00
Mick Grove
bf08d973b4 Added '--skip-regex' and '--skip-word' flags to ignore secrets matching custom patterns or skipwords 2025-08-19 19:18:25 -07:00
Mick Grove
36f51afd63 - Fixed issue with self-update on Linux 
- Reverted the change to json and jsonl outputs by rule
 2025-08-19 11:55:28 -07:00
Mick Grove
41a4ebb60f - Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key 
- Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports
 2025-08-18 22:56:34 -07:00
Mick Grove
92bbe70487 fixing windows tests 2025-08-17 21:11:09 -07:00
Mick Grove
c81e8a763d fixed failing tests 2025-08-17 17:41:51 -07:00
Mick Grove
068448193f fixed failing tests 2025-08-17 17:41:34 -07:00
Mick Grove
6619705459 removed serde_utils and added Authress rule 2025-08-16 07:33:36 -07:00
Mick Grove
b8ffa3ba0c - Added support for scanning gitlab subgroups, with 'kingfisher scan --gitlab-group my-group --gitlab-include-subgroups' 2025-08-14 09:25:18 -07:00
Mick Grove
1054476a3b fixed test 2025-08-13 09:23:03 -07:00
Mick Grove
a062e82728 fixed test 2025-08-13 09:20:36 -07:00
Mick Grove
e7a8da6b3c Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses 2025-08-13 08:22:53 -07:00
Mick Grove
94e2e11de3 Added support for scanning Confluence pages 2025-08-10 21:54:26 -07:00
Mick Grove
baa7b6e761 Added support for scanning Confluence pages 2025-08-10 21:51:31 -07:00
Mick Grove
9ca6ea5fb6 removed unused cli argument, snippet-length 2025-08-10 17:27:36 -07:00
Mick Grove
690db297e3 removed unused cli argument, snippet-length 2025-08-10 17:25:32 -07:00
Mick Grove
c9c0aba687 - --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided 
- Added X Consumer key detection and validation
 2025-08-09 15:36:12 -07:00
Mick Grove
c763780905 GitLab: include nested subgroup projects when enumerating group repositories 2025-08-08 15:11:44 -07:00
Mick Grove
a912043eb9 changes in response to code review 2025-08-07 18:45:46 -07:00
Mick Grove
0bdd68c900 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 18:30:40 -07:00
Mick Grove
b71fb5e6e2 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
8d32662c1a fixed issue where --redact did not function properly 2025-08-06 21:23:27 -07:00
Mick Grove
e48b9617c8 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:16:22 -07:00
Mick Grove
0b8e8fcc75 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:15:50 -07:00
Mick Grove
27b37245e7 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
10d604418b improved integration test and updated README 2025-08-03 09:45:52 -07:00
Mick Grove
9a3d27f881 added integration test 2025-08-03 08:56:22 -07:00
Mick Grove
96ab0d4b59 -Added support for scanning AWS S3 buckets via --s3-bucket and optional --s3-prefix 
- Added --role-arn and --aws-local-profile flags for S3 authentication alongside KF_AWS_KEY/KF_AWS_SECRET
 2025-08-02 20:40:16 -07:00
Mick Grove
8a74eba160 - New rules: Telegram bot token, OpenWeatherMap, Apify 
- New OpenAI detectors added (@joshlarsen)
- Fixed bug that broke validation when using unnamed group captures
 2025-08-01 16:56:04 -07:00
Mick Grove
86ea3540e3 Added support for Slack. Wrote a basic integration test 2025-07-29 20:20:33 -07:00
Mick Grove
3320863962 Added support for Slack 2025-07-29 19:00:49 -07:00