kingfisher

Author	SHA1	Message	Date
Mick Grove	bbbb0f33bb	added ollama rule	2025-08-26 10:22:18 -07:00
Mick Grove	96293385f5	- Improved rules: AWS, pem	2025-08-22 16:16:00 -07:00
Mick Grove	6f06b1acb3	mproved AWS rule	2025-08-22 13:26:54 -07:00
Mick Grove	f51abc00b0	fixed failing tests	2025-08-21 16:13:03 -07:00
Mick Grove	29e09906b7	fixed failing tests	2025-08-21 16:11:34 -07:00
Mick Grove	245fb20670	- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' - Added rules for sendbird, mattermost, langchain, notion - JWT validation hardened to reject alg:none by default (only allowed if explicitly configured), require iss for OIDC/JWKS verification, ensuring Active Credential means cryptographically verified and time-valid, not just unexpired - Updated the Git cloning logic to include all refs and minimize clone output, allowing Kingfisher to analyze pull request and deleted branch history	2025-08-21 15:39:04 -07:00
Mick Grove	c3257a7e6f	fixed example in rule	2025-08-18 23:32:15 -07:00
Mick Grove	41a4ebb60f	- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key - Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports	2025-08-18 22:56:34 -07:00
Mick Grove	23c727f57d	added more rules	2025-08-16 20:36:22 -07:00
Mick Grove	768d9c7899	added more rules	2025-08-16 20:23:27 -07:00
Mick Grove	0d89e682da	added more rules	2025-08-16 14:54:01 -07:00
Mick Grove	a5c9c442d9	added clickhouse rule and validation	2025-08-16 08:41:39 -07:00
Mick Grove	f645212c57	removed serde_utils and added Authress rule	2025-08-16 07:35:52 -07:00
Mick Grove	6619705459	removed serde_utils and added Authress rule	2025-08-16 07:33:36 -07:00
Mick Grove	b259771ca9	fixed aiven regex to pass test	2025-08-14 10:17:16 -07:00
Mick Grove	d74c86818a	added rule for Vercel	2025-08-13 15:35:04 -07:00
Mick Grove	a062e82728	fixed test	2025-08-13 09:20:36 -07:00
Mick Grove	12e9a01b5e	Improved Tailscale api key detectors	2025-08-13 09:13:50 -07:00
Mick Grove	e7a8da6b3c	Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses	2025-08-13 08:22:53 -07:00
Mick Grove	979bc469c5	- --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided - Added X Consumer key detection and validation	2025-08-09 15:52:00 -07:00
Mick Grove	e53ad9f309	Added X Consumer key detection and validation	2025-08-09 08:45:27 -07:00
Mick Grove	b71fb5e6e2	JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials	2025-08-07 17:21:16 -07:00
Mick Grove	de181634cb	Fixed GitHub organization and GitLab group scans when using '--git-history=none'	2025-08-07 16:13:57 -07:00
Mick Grove	57ba607a33	Fixed validation logic for clarifai rule	2025-08-06 21:31:02 -07:00
Mick Grove	d9b90fbc50	fixing github action failure for linux-arm6 when making deb	2025-08-05 18:06:09 -07:00
Mick Grove	c2e227a832	Updated Supabase rule to detect project url's and validate their corresponding tokens	2025-08-05 16:25:22 -07:00
Mick Grove	756fd89097	- Use system TLS root certificates to support self-hosted GitLab instances with internal CAs - Added new rule: Coze personal access token	2025-08-05 14:45:51 -07:00
Mick Grove	664cfd0e5c	- Fixed header precedence so custom HTTP validation headers like "Accept" are preserved - Added new Heroku rule	2025-08-04 19:32:19 -07:00
Mick Grove	27b37245e7	refactored output reporting and formatting logic	2025-08-04 08:58:06 -07:00
Mick Grove	ef51e77e24	updating s3 feature	2025-08-03 20:59:58 -07:00
Mick Grove	3a3db4a7d3	New rule: Groq	2025-08-01 17:07:13 -07:00
Mick Grove	8a74eba160	- New rules: Telegram bot token, OpenWeatherMap, Apify - New OpenAI detectors added (@joshlarsen) - Fixed bug that broke validation when using unnamed group captures	2025-08-01 16:56:04 -07:00
Mick Grove	4e4bf28723	Update data/rules/openai.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-08-01 15:31:29 -07:00
Josh Larsen	bcc3153700	add newer OpenAI API key formats	2025-08-01 15:04:37 -04:00
Mick Grove	f0a99dcfcd	bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys	2025-07-31 18:29:21 -07:00
Mick Grove	51bc64339c	- Fixed issue when more than 1 named capture group is used in a rule variable - Added 2 new liquid template filters: 'b64dec' and 'es256_sign' - Added custom validator for Coinbase, and a Coinbase rule that uses it	2025-07-31 16:52:50 -07:00
Mick Grove	9a3fabdbf2	WIP: Adding support for scanning Docker images	2025-07-27 12:20:20 -07:00
Mick Grove	bb78d90067	added buildkite rule	2025-07-26 22:01:49 -07:00
Mick Grove	e5942822c6	added buildkite rule	2025-07-26 22:00:35 -07:00
Mick Grove	33592fbc65	added buildkite rule	2025-07-26 22:00:05 -07:00
Mick Grove	5c8f7d88ef	Added support for scanning issues returned from a JQL search using --jira-url and --jql	2025-07-25 17:23:18 -07:00
Mick Grove	a708fc6eea	Added ElevenLabs rule	2025-07-25 10:31:17 -07:00
Mick Grove	793b9e847c	Fixed Gitlab support. Added pre-commit and pre-receive installation scripts.	2025-07-23 19:57:33 -07:00
Mick Grove	31af8d88f0	Fixed bug in Makefile hen setting PROJECT_NAME	2025-07-21 22:52:05 -07:00
Mick Grove	1ca84d5f45	Fixed bug in Makefile hen setting PROJECT_NAME	2025-07-21 22:43:29 -07:00
Mick Grove	c4e3e5d1d7	- Now generating DEB and RPM packages - Now releasing Docker images, and updated README - Added rule for Scale, Deepgram, AssemblyAI	2025-07-21 15:21:10 -07:00
Mick Grove	8f587f62de	Updating GitHub Action to generate Docker image. Added rules for Diffbot, ai21, baseten. Fixed supabase rule. Added 'alg' to JWT validation output	2025-07-18 15:26:18 -07:00
Mick Grove	9ed88453ff	fixed 1password rule id	2025-07-17 15:25:10 -07:00
Mick Grove	bea92dcfd4	fixed issues found by pr review	2025-07-17 15:19:03 -07:00
Mick Grove	572d8146e7	upgraded cargo dependencies	2025-07-17 14:31:09 -07:00

1 2

98 commits