eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
301 commits 5 branches 83 tags 53 MiB
Commit graph

41 commits

Author SHA1 Message Date
Mick Grove
c3513ea206 Optimized memory usage via string interning and extensive data sharing 2025-09-02 19:54:44 -07:00
Mick Grove
5638a6cb45 Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance. This has a small performance impact and can be disabled with --no-base64 2025-08-30 19:40:11 -07:00
Mick Grove
6e4c94ddc3 - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 2025-08-20 20:41:11 -07:00
Mick Grove
d3bf941c5f Added '--skip-regex' and '--skip-word' flags to ignore secrets matching custom patterns or skipwords 2025-08-19 19:18:25 -07:00
Mick Grove
14cd646ece fixing issues reported by code review 2025-08-17 18:02:36 -07:00
Mick Grove
80058136af removed serde_utils and added Authress rule 2025-08-16 07:34:02 -07:00
Mick Grove
6fb119d501 removed serde_utils and added Authress rule 2025-08-16 07:33:36 -07:00
Mick Grove
695b051e24 Improved language detection 2025-08-15 16:08:46 -07:00
Mick Grove
14fccc9cc6 - Added support for scanning gitlab subgroups, with 'kingfisher scan --gitlab-group my-group --gitlab-include-subgroups' 2025-08-14 09:25:18 -07:00
Mick Grove
8c71eae231 Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses 2025-08-13 08:22:53 -07:00
Mick Grove
22c5594b53 Added support for scanning Confluence pages 2025-08-10 21:51:31 -07:00
Mick Grove
2fd6cd30e1 - --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided 
- Added X Consumer key detection and validation
 2025-08-09 15:36:12 -07:00
Mick Grove
ac5b9fb594 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
6fe4d0e789 fixed issue where --redact did not function properly 2025-08-06 21:23:27 -07:00
Mick Grove
6cbde61099 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:16:22 -07:00
Mick Grove
a81cfb963a Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:15:50 -07:00
Mick Grove
ff5250c9a2 - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:42 -07:00
Mick Grove
28fd24c9b4 - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:19 -07:00
Mick Grove
be35bb532f added progress bar to s3 downloads, and attempting to fix linux-arm64 test failure due to code 143 2025-08-04 12:32:19 -07:00
Mick Grove
bc05c3e5f2 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
1e466feee8 Update src/scanner/runner.rs 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-03 10:35:52 -07:00
Mick Grove
40e760ea2c -Added support for scanning AWS S3 buckets via --s3-bucket and optional --s3-prefix 
- Added --role-arn and --aws-local-profile flags for S3 authentication alongside KF_AWS_KEY/KF_AWS_SECRET
 2025-08-02 20:40:16 -07:00
Mick Grove
46d0ecce3b - New rules: Telegram bot token, OpenWeatherMap, Apify 
- New OpenAI detectors added (@joshlarsen)
- Fixed bug that broke validation when using unnamed group captures
 2025-08-01 16:56:04 -07:00
Mick Grove
bcf2b60e0b Added support for Slack 2025-07-29 19:00:49 -07:00
Mick Grove
d3fbffcb84 Fixed broken windows build script 2025-07-29 10:12:40 -07:00
Mick Grove
dcbdb51746 improved precommit hook, to allow global installation 2025-07-28 10:26:32 -07:00
Mick Grove
787a5aaf22 improved precommit hook, to allow global installation 2025-07-28 10:25:11 -07:00
Mick Grove
cdbf3ffac1 changed from oci-distribution to newer oci-client 2025-07-28 09:55:48 -07:00
Mick Grove
34b533a59d Adding support for scanning Docker images 2025-07-27 20:25:45 -07:00
Mick Grove
7cf37969dd Adding support for scanning Docker images 2025-07-27 17:54:26 -07:00
Mick Grove
8739c92572 WIP: Adding support for scanning Docker images 2025-07-27 14:59:19 -07:00
Mick Grove
17586c5b57 WIP: Adding support for scanning Docker images 2025-07-27 13:17:49 -07:00
Mick Grove
627ef98881 WIP: Adding support for scanning Docker images 2025-07-27 12:20:20 -07:00
Mick Grove
63a757fba8 Added support for scanning issues returned from a JQL search using --jira-url and --jql 2025-07-25 17:23:18 -07:00
Mick Grove
8fb78c8c65 change that hoists the redirect-free reqwest::Client into a single, lazily-initialized static so every call to validate_jwt re-uses the same handle (and therefore the same connection-pool, DNS cache, TLS session cache, etc) 2025-07-14 17:22:37 -07:00
Mick Grove
533fc49c54 Removed --ignore-tests argument, because the --exclude flag provides more granular functionality 2025-07-14 16:55:19 -07:00
Mick Grove
3520c5fba5 Added baseline feature with --baseline-file and --manage-baseline flags. Introduced --exclude option for skipping paths 2025-07-14 13:18:24 -07:00
Mick Grove
16bc75020b updated test 2025-06-28 09:30:22 -07:00
Mick Grove
e7e391ab98 Fixed broken pagerduty rule 2025-06-25 20:56:24 -07:00
Mick Grove
9b5c220182 Updated github actions to extract only the latest changelog entry. Added --rule-stats flag to display rule performance 2025-06-25 17:23:35 -07:00
Mick Grove
fc4aee9e41 preparing for v1.12 2025-06-24 17:17:16 -07:00