eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
1,280 commits 5 branches 83 tags 53 MiB
Commit graph

1,280 commits

This branch
This branch
All branches
Author SHA1 Message Date
Luke Young
ac02fb2783
 		feat(asana): add v2 tokens, split v1/v0 patterns 
Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>
 2026-01-30 14:32:08 -08:00
Luke Young
1864db0743
 		fix(aws): improve regex 
Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>
 2026-01-30 13:55:32 -08:00
Luke Young
77e3191532
 		fix(airtable): improve regex 
Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>
 2026-01-30 13:42:46 -08:00
Mick Grove
45cab25615 Added Husky precommit support and added pre-commit hook that automatically downloads and caches the appropriate binary for your platform (no Docker or manual installation required). 2026-01-30 08:33:59 -08:00
Mick Grove
5eb743711b updated changelog 2026-01-30 08:07:12 -08:00
Mick Grove
aee1050620 ensured more CLI arguments are global 2026-01-30 08:04:15 -08:00
Mick Grove
8be7941333 Added 'revoke' subcommand and support for a new optional 'revocation' structure to the rules. Supporting GitHub and Slack right now 2026-01-29 12:45:32 -08:00
Mick Grove
1c45efde3e Refactored into multiple crates. Added the 'validate' subcommand 2026-01-28 22:24:35 -08:00
Mick Grove
bd4cd4c2c2 Refactored into multiple crates. Added the 'validate' subcommand 2026-01-28 10:57:45 -08:00
Mick Grove
76be1df60c Refactored into multiple crates. Added the 'validate' subcommand 2026-01-28 10:27:24 -08:00
Mick Grove
2bf9e54ad9
 		Merge pull request #186 from mongodb/development v1.76.0 
v1.76.0
 2026-01-23 20:11:53 -08:00
Mick Grove
38a0dd9e26 Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling. 2026-01-23 10:45:08 -08:00
Mick Grove
216fc1dbdc Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling. 2026-01-23 09:52:11 -08:00
Mick Grove
62d22dba26 Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling. 2026-01-22 22:32:05 -08:00
Mick Grove
bf4f825c72 Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling. 2026-01-22 22:02:08 -08:00
Mick Grove
b4feb86f47 - Fixed validation deduplication for rules with nested unnamed captures (e.g. (?<REGEX>...(ABC|DEF)...)) to use the primary capture for grouping, ensuring each unique match triggers a separate validation request. 
- Added trace-level (-vv) logging for internal validation dedup keys and grouping to aid debugging.
 2026-01-21 13:13:43 -08:00
Mick Grove
1be10ee8c9
 		Merge pull request #184 from mongodb/development v1.75.0 
v1.75.0
 2026-01-16 15:30:34 -08:00
Mick Grove
049294af3d Skipped per-repository report writes when an output file is specified and emit a single aggregated report after multi-repository scans to preserve full output content in files. 2026-01-16 12:39:44 -08:00
Mick Grove
594534f69f Skipped per-repository report writes when an output file is specified and emit a single aggregated report after multi-repository scans to preserve full output content in files. 2026-01-16 11:34:13 -08:00
Mick Grove
4478ae9347 Skipped per-repository report writes when an output file is specified and emit a single aggregated report after multi-repository scans to preserve full output content in files. 2026-01-16 10:04:23 -08:00
Mick Grove
caaa31562c Skipped per-repository report writes when an output file is specified and emit a single aggregated report after multi-repository scans to preserve full output content in files. 2026-01-16 10:03:59 -08:00
Mick Grove
fee6c2d5ba new rules 2026-01-16 09:30:30 -08:00
Mick Grove
bff15a334b new rules 2026-01-16 08:15:32 -08:00
Mick Grove
2eadddcc4e new rules 2026-01-15 22:46:07 -08:00
Mick Grove
b0e2ce8af1 new rules 2026-01-15 22:15:59 -08:00
Mick Grove
0409abead5 new rules 2026-01-15 22:02:31 -08:00
Mick Grove
f26d3ca383 new rules 2026-01-15 21:00:23 -08:00
Mick Grove
a263c0c200 improving findings viewer 2026-01-15 17:51:56 -08:00
Mick Grove
c57181aa60 improving findings viewer 2026-01-15 10:41:55 -08:00
Mick Grove
c2cb5b9637 fix beamer rule 2026-01-14 22:12:28 -08:00
Mick Grove
fdd0a8e02d fix beamer rule 2026-01-14 22:06:08 -08:00
Mick Grove
8c07fb3f3c - Enhanced Access Map View: added fingerprint display, enabled searching by fingerprint, and implemented bidirectional navigation between Findings and Access Map nodes. 
- Added Slack Access Map support with granular permissions in the tree view.
 2026-01-14 21:45:55 -08:00
Mick Grove
96f585ffa3
 		Merge pull request #182 from mongodb/main 
sync with main
 2026-01-14 17:20:19 -08:00
Mick Grove
26f41fcf7a - Enhanced Access Map View: added fingerprint display, enabled searching by fingerprint, and implemented bidirectional navigation between Findings and Access Map nodes. 
- Added Slack Access Map support with granular permissions in the tree view.
 2026-01-14 17:19:02 -08:00
Mick Grove
02131a6d40
 		Merge pull request #181 from mongodb/development v1.74.0 
preparing v1.74.0
 2026-01-13 21:15:07 -08:00
Mick Grove
bcf3e278a1 preparing v1.74.0 2026-01-13 18:08:46 -08:00
Mick Grove
f4fc395554 preparing v1.74.0 2026-01-13 17:08:21 -08:00
Mick Grove
a93419bd33 preparing v1.74.0 2026-01-13 14:26:50 -08:00
Mick Grove
e10f6c6e2a
 		Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Mick Grove <mick.grove@mongodb.com>
 2026-01-13 10:37:37 -08:00
Mick Grove
b0c05ff8a2 preparing v1.74.0 2026-01-13 10:32:20 -08:00
Mick Grove
51588dbb6a preparing v1.74.0 2026-01-13 10:32:09 -08:00
Mick Grove
c77c95be3f
 		Merge pull request #180 from AkshayJainG/add-short-openai-key-detection 
Add detection for short sk-None- prefixed OpenAI API keys
 2026-01-13 08:41:23 -08:00
Akshay Jain
69d447dcc9 Add detection for short sk-None- prefixed OpenAI API keys 
OpenAI issues keys with sk-None- prefix in both short (56 char) and long
(130+ char) formats. The existing openai.2 rule only matches long keys
with {100,} minimum length. This adds openai.3 to detect the short variant:
sk-None- followed by exactly 48 alphanumeric characters.

Fixes detection gap where trufflehog found valid keys that kingfisher missed.
 2026-01-13 13:40:16 +05:30
Mick Grove
abe546fd59 preparing v1.74.0 2026-01-12 22:51:40 -08:00
Mick Grove
4f18541cb6 preparing v1.74.0 2026-01-12 22:50:05 -08:00
Mick Grove
75dd8f66dc
 		Merge pull request #178 from AkshayJainG/add-scraperapi-rule 
Add ScraperAPI key detection rule
 2026-01-12 22:44:25 -08:00
Mick Grove
065e18be63
 		Merge pull request #179 from himanshudas/main 
Fix UTF-8 boundary panic in HTTP response body slicing
 2026-01-12 22:44:18 -08:00
Himanshu Kumar Das
6ed438fe68
 		Fix UTF-8 boundary panic in HTTP response body slicing 
The body_looks_like_html() function panicked when byte index 1024 fell inside a multi-byte UTF-8 character (e.g., Chinese text from Gitee). Use is_char_boundary() to find a valid slice point instead of arbitrary byte index.

Signed-off-by: Himanshu Kumar Das <1238723+himanshudas@users.noreply.github.com>
 2026-01-13 03:40:06 +05:30
Akshay Jain
98d009deae Add ScraperAPI key detection rule 
Adds a new rule to detect ScraperAPI keys with:
- Pattern matching for 32-character alphanumeric keys
- Live validation against ScraperAPI endpoint
- Medium confidence with entropy check (min 3.5)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-07 13:38:53 +05:30
Mick Grove
f164122349
 		Merge pull request #175 from mongodb/mickgmdb-README-video-update v1.73.0 
Update demo link in README.md
 2026-01-02 16:06:23 -08:00