eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
1,280 commits 5 branches 83 tags 53 MiB
Commit graph

1,280 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mick Grove
f603c474f6 Updated precommit behavior and docs 2025-12-09 14:56:32 -08:00
Mick Grove
f1a77a736c Updated precommit behavior and docs 2025-12-09 12:56:55 -08:00
Mick Grove
356ecc5748 Atlassian key update 2025-12-09 09:48:05 -08:00
Mick Grove
3c141f989a updated entropy on several rules 2025-12-06 16:48:52 -08:00
Mick Grove
c59b7794ca updated posthog rule 2025-12-06 12:58:45 -08:00
Mick Grove
fc2fa58748 Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-06 12:06:47 -08:00
Mick Grove
b03ce7ffaf Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-06 09:10:21 -08:00
Mick Grove
3be190edac Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 22:41:39 -08:00
Mick Grove
19cd75293f Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 22:24:16 -08:00
Mick Grove
33412d04be Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 21:57:20 -08:00
Mick Grove
f79b7f4b0c added posthog 2025-12-05 21:45:24 -08:00
Mick Grove
9eff41f4ff Added new rules for AWS Bedrock, Voyage.ai 2025-12-05 16:06:02 -08:00
Mick Grove
ed4e622f6b
 		Merge pull request #157 from mongodb/development 
Allow manual rerun of Docker publish job
 2025-12-05 12:55:03 -08:00
Mick Grove
6c2bc8303e Allow manual rerun of Docker publish job 2025-12-05 12:53:53 -08:00
Mick Grove
8c9e6b36cb
 		Merge pull request #156 from mongodb/development 
Fix failing Docker publishing due to Alpine image bug
 2025-12-05 12:47:39 -08:00
Mick Grove
1f9d692e9f Updated dockerfile to fix failing docker image publishing 2025-12-05 12:44:38 -08:00
Mick Grove
e0587f12ba cleanup' 2025-12-05 10:26:58 -08:00
Mick Grove
2f31157ac3
 		Merge pull request #154 from mongodb/development v1.69.0 
v1.69.0
 2025-12-05 10:16:47 -08:00
Mick Grove
338b6f16d6 updated cargo dependencies 2025-12-05 08:21:09 -08:00
Mick Grove
d869627d62 - Reduced per-match memory usage by compacting stored source locations and interning repeated capture names. 
- Stored optional validation response bodies as boxed strings to avoid allocating empty payloads and to streamline validator caches.
- Parallelized git cloning based on the configured job count and begin scanning repositories as soon as each clone finishes to reduce end-to-end scan times.
- Combined per-repository results into a single aggregate summary after scans complete.
- Added initial access-map support and report viewer html file. Currently beta features.
 2025-12-05 08:09:13 -08:00
Mick Grove
078fa16e6a - Reduced per-match memory usage by compacting stored source locations and interning repeated capture names. 
- Stored optional validation response bodies as boxed strings to avoid allocating empty payloads and to streamline validator caches.
- Parallelized git cloning based on the configured job count and begin scanning repositories as soon as each clone finishes to reduce end-to-end scan times.
- Combined per-repository results into a single aggregate summary after scans complete.
- Added initial access-map support and report viewer html file. Currently beta features.
 2025-12-04 22:02:30 -08:00
Mick Grove
3f9b3df7eb
 		Merge pull request #152 from mongodb/development v1.68.0 
v1.68.0
 2025-11-24 23:52:56 -08:00
Mick Grove
9718fc1dc4 Fixed Bitbucket authenticated cloning bug 2025-11-24 23:45:10 -08:00
Mick Grove
2f69219b5c Fixed Bitbucket authenticated cloning bug 2025-11-24 23:43:11 -08:00
Mick Grove
d7123b3437
 		Merge pull request #151 from mongodb/development v1.67.0 
fixed failing CI action
 2025-11-24 17:10:57 -08:00
Mick Grove
e35dc20a13 fixed failing CI action 2025-11-24 17:10:32 -08:00
Mick Grove
8d03f16f8a
 		Merge pull request #150 from mongodb/development 
v1.67.0
 2025-11-24 14:47:40 -08:00
Mick Grove
d15afe7cea updated tests 2025-11-24 12:49:06 -08:00
Mick Grove
4935aef71c
 		Merge branch 'main' into development 
Signed-off-by: Mick Grove <mick.grove@mongodb.com>
 2025-11-24 11:26:52 -08:00
Mick Grove
eeafe2fe6b updated tests 2025-11-24 11:08:31 -08:00
Mick Grove
0acaaa0680 Updated Summary to include scan date, kingfisher version ran, and latest kingfisher version available 2025-11-24 10:36:58 -08:00
Mick Grove
58b17c21ac reducing false positives 2025-11-24 09:33:58 -08:00
Mick Grove
4fb8e616dc added youtube rule 2025-11-23 20:00:19 -08:00
Mick Grove
a5877c4abe added youtube rule 2025-11-23 18:30:02 -08:00
Mick Grove
4c53f2c246 added youtube rule 2025-11-23 17:23:52 -08:00
Mick Grove
ec1e3a3432 - Fixed deduplication to consider rule identifiers so overlapping patterns are not merged before validation 
- Moved 'URI with Username and Secret' to a low-confidence rule
 2025-11-23 11:32:27 -08:00
Mick Grove
ae01a24414 Added checksum to GitLab rule 2025-11-21 12:33:10 -08:00
Mick Grove
24e92fdc2d
 		Merge pull request #149 from mongodb/development v1.66.0 
v1.66.0
 2025-11-20 16:43:32 -08:00
Mick Grove
116aac2f83 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:34:13 -08:00
Mick Grove
9dacbbdacf - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:34:13 -08:00
Mick Grove
17e0ca3594 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:33:28 -08:00
Mick Grove
92b5a74822 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:33:28 -08:00
Mick Grove
76fa852214
 		Merge pull request #147 from mongodb/development v1.65.0 
v1.65.0
 2025-11-16 23:37:03 -08:00
Mick Grove
42797b747d v1.65.0 2025-11-16 23:30:14 -08:00
Mick Grove
b5bc8e203b v1.65.0 2025-11-16 23:30:14 -08:00
Mick Grove
bc4591a814 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:26:02 -08:00
Mick Grove
531efb58bd - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:26:02 -08:00
Mick Grove
c6b10f0b47 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:25:42 -08:00
Mick Grove
78589c4caf - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:25:42 -08:00
Mick Grove
377a220f89 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:46:53 -08:00