eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
398 commits 5 branches 83 tags 53 MiB
Commit graph

76 commits

Author SHA1 Message Date
Mick Grove
3647d759a3 - Added a --no-ignore CLI flag to disable inline directives when you need every potential secret reported 
- Added: repeatable --ignore-comment <TOKEN> flag to reuse inline directives from other scanners (for example NOSONAR,
  kics-scan ignore, gitleaks:allow, etc)
 2025-10-10 16:23:41 -07:00
Mick Grove
92de1ba63d - Added kingfisher:ignore (or kingfisher:allow) to silence a finding inline within a file 
- Added: to reuse existing inline directives from other scanners, pass --compat-ignore-comments to also accept NOSONAR, kics-scan ignore,  gitleaks:allow and trufflehog:ignore
 2025-10-09 20:53:17 -07:00
Mick Grove
1f5b96c8d3 Merge branch 'development' into inline-ignore 
Signed-off-by: Mick Grove <mick.grove@mongodb.com>
 2025-10-09 20:19:02 -07:00
Mick Grove
a003b732fa - Added kingfisher:ignore (or kingfisher:allow) to silence a finding inline within a file 
- Added: to reuse existing inline directives from other scanners, pass --compat-ignore-comments to also accept NOSONAR, kics-scan ignore,  gitleaks:allow and trufflehog:ignore
 2025-10-09 20:11:31 -07:00
Mick Grove
caf766b731 - Added kingfisher:ignore (or kingfisher:allow) to silence a finding inline within a file 
- Added: to reuse existing inline directives from other scanners, pass --compat-ignore-comments to also accept NOSONAR, kics-scan ignore,  gitleaks:allow and trufflehog:ignore
 2025-10-09 17:59:10 -07:00
Mick Grove
7c85b89aae Fixed tree-sitter scanning bug where passing --no-base64 caused errors to be printed when the file type couldn’t be determined 2025-10-08 08:59:25 -07:00
Mick Grove
ec1d640b74 Added first-class Azure Repos support, including CLI commands, enumeration, and documentation updates 2025-10-04 23:12:28 -07:00
Mick Grove
d6d854c168 - Improved performance of tree-sitter parsing 
- Updated Windows build script to ensure static binary is produced
 2025-10-03 17:22:28 -07:00
Mick Grove
6a974907ee Added support for Gitea 2025-09-23 13:07:45 -07:00
Mick Grove
5c70fdc8e5 Added support for BitBucket 2025-09-22 18:21:03 -07:00
Mick Grove
19cca00c2b Removed the unused --rlimit-nofile flag 2025-09-18 17:02:56 -07:00
Mick Grove
866bf63202 Added diff-only Git scanning via --since-commit and --branch, including remote-aware ref resolution so CI jobs can pair --git-url clones with pull request branches 2025-09-16 14:20:43 -07:00
Mick Grove
563fa66d46 Added --github-exclude and --gitlab-exclude options to skip specific repositories when scanning or listing GitHub and GitLab sources, including support for gitignore-style glob patterns 2025-09-15 21:26:51 -07:00
Mick Grove
ba12a5b2be preparing for v1.48.0 2025-09-05 09:31:52 -07:00
Mick Grove
52b2c02ee9 Optimized memory usage via string interning and extensive data sharing 2025-09-03 09:52:49 -07:00
Mick Grove
c3513ea206 Optimized memory usage via string interning and extensive data sharing 2025-09-02 19:54:44 -07:00
Mick Grove
def8789c31 fix windows x64 builds 2025-08-31 17:26:30 -07:00
Mick Grove
dcd0460e8a fix ci build error 2025-08-31 10:27:16 -07:00
Mick Grove
2a3a4956d2 fix ci build error 2025-08-30 22:24:13 -07:00
Mick Grove
8b43f982c6 Fix tests 2025-08-30 21:25:12 -07:00
Mick Grove
5c33aa0b71 Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance. This has a small performance impact and can be disabled with --no-base64 2025-08-30 19:40:22 -07:00
Mick Grove
5638a6cb45 Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance. This has a small performance impact and can be disabled with --no-base64 2025-08-30 19:40:11 -07:00
Mick Grove
9de355a5c8 Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance 2025-08-30 16:44:55 -07:00
Mick Grove
f820aaad6e - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 2025-08-20 20:41:19 -07:00
Mick Grove
6e4c94ddc3 - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 2025-08-20 20:41:11 -07:00
Mick Grove
d3bf941c5f Added '--skip-regex' and '--skip-word' flags to ignore secrets matching custom patterns or skipwords 2025-08-19 19:18:25 -07:00
Mick Grove
2411b86b78 - Fixed issue with self-update on Linux 
- Reverted the change to json and jsonl outputs by rule
 2025-08-19 11:55:28 -07:00
Mick Grove
951b62d61e - Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key 
- Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports
 2025-08-18 22:56:34 -07:00
Mick Grove
ab6ac8943a fixing windows tests 2025-08-17 21:11:09 -07:00
Mick Grove
2b062163e2 fixed failing tests 2025-08-17 17:41:51 -07:00
Mick Grove
125858c060 fixed failing tests 2025-08-17 17:41:34 -07:00
Mick Grove
6fb119d501 removed serde_utils and added Authress rule 2025-08-16 07:33:36 -07:00
Mick Grove
14fccc9cc6 - Added support for scanning gitlab subgroups, with 'kingfisher scan --gitlab-group my-group --gitlab-include-subgroups' 2025-08-14 09:25:18 -07:00
Mick Grove
67b570816f fixed test 2025-08-13 09:23:03 -07:00
Mick Grove
deef538835 fixed test 2025-08-13 09:20:36 -07:00
Mick Grove
8c71eae231 Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses 2025-08-13 08:22:53 -07:00
Mick Grove
053d1a3224 Added support for scanning Confluence pages 2025-08-10 21:54:26 -07:00
Mick Grove
22c5594b53 Added support for scanning Confluence pages 2025-08-10 21:51:31 -07:00
Mick Grove
f4a1e85b26 removed unused cli argument, snippet-length 2025-08-10 17:27:36 -07:00
Mick Grove
706723e384 removed unused cli argument, snippet-length 2025-08-10 17:25:32 -07:00
Mick Grove
2fd6cd30e1 - --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided 
- Added X Consumer key detection and validation
 2025-08-09 15:36:12 -07:00
Mick Grove
96a08ed8ed GitLab: include nested subgroup projects when enumerating group repositories 2025-08-08 15:11:44 -07:00
Mick Grove
5f1c4fb236 changes in response to code review 2025-08-07 18:45:46 -07:00
Mick Grove
dafc123eb9 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 18:30:40 -07:00
Mick Grove
ac5b9fb594 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
6fe4d0e789 fixed issue where --redact did not function properly 2025-08-06 21:23:27 -07:00
Mick Grove
6cbde61099 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:16:22 -07:00
Mick Grove
a81cfb963a Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:15:50 -07:00
Mick Grove
bc05c3e5f2 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
505d775302 improved integration test and updated README 2025-08-03 09:45:52 -07:00