eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
225 commits 5 branches 83 tags 53 MiB
Commit graph

225 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mick Grove
cdfdd5f54e GitLab: include nested subgroup projects when enumerating group repositories 2025-08-08 15:12:33 -07:00
Mick Grove
c763780905 GitLab: include nested subgroup projects when enumerating group repositories 2025-08-08 15:11:44 -07:00
Mick Grove
02803a9bb2 GitLab: include nested subgroup projects when enumerating group repositories 2025-08-08 15:11:36 -07:00
Mick Grove
a912043eb9 changes in response to code review 2025-08-07 18:45:46 -07:00
Mick Grove
0bdd68c900 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 18:30:40 -07:00
Mick Grove
b3ddc119a4 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:36:39 -07:00
Mick Grove
061d3d97ed JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:31 -07:00
Mick Grove
b71fb5e6e2 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
de181634cb Fixed GitHub organization and GitLab group scans when using '--git-history=none' 2025-08-07 16:13:57 -07:00
Mick Grove
57ba607a33 Fixed validation logic for clarifai rule 2025-08-06 21:31:02 -07:00
Mick Grove
8d32662c1a fixed issue where --redact did not function properly 2025-08-06 21:23:27 -07:00
Mick Grove
e48b9617c8 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:16:22 -07:00
Mick Grove
0b8e8fcc75 Remote scans with --git-history=none now clone repositories with a working tree and scan the current files instead of erroring with 'No inputs to scan.' 2025-08-06 19:15:50 -07:00
Mick Grove
d9b90fbc50 fixing github action failure for linux-arm6 when making deb 2025-08-05 18:06:09 -07:00
Mick Grove
c2e227a832 Updated Supabase rule to detect project url's and validate their corresponding tokens 2025-08-05 16:25:22 -07:00
Mick Grove
756fd89097 - Use system TLS root certificates to support self-hosted GitLab instances with internal CAs 
- Added new rule: Coze personal access token
 2025-08-05 14:45:51 -07:00
Mick Grove
3ebb8ecf8e - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 21:38:23 -07:00
Mick Grove
ac1bd81e37 - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:42 -07:00
Mick Grove
664cfd0e5c - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:19 -07:00
Mick Grove
ce2126608a added progress bar to s3 downloads, and attempting to fix linux-arm64 test failure due to code 143 2025-08-04 12:32:19 -07:00
Mick Grove
f14c2b6e61 fixed issues found by pr review 2025-08-04 09:21:49 -07:00
Mick Grove
3ac5e04ea0
 		Update src/reporter.rs 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Mick Grove <mick.grove@mongodb.com>
 2025-08-04 09:09:51 -07:00
Mick Grove
73fd3d0dec refactored output reporting and formatting logic 2025-08-04 08:58:20 -07:00
Mick Grove
27b37245e7 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
ef51e77e24 updating s3 feature 2025-08-03 20:59:58 -07:00
Mick Grove
caee82dc1b
 		Merge pull request #70 from micksmix/main 
Added support for scanning s3 buckets
 2025-08-03 10:37:33 -07:00
Mick Grove
459d4d0ef0
 		Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-03 10:37:02 -07:00
Mick Grove
141640ef4a
 		Update src/scanner/runner.rs 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-03 10:35:52 -07:00
Mick Grove
10d604418b improved integration test and updated README 2025-08-03 09:45:52 -07:00
Mick Grove
9a3d27f881 added integration test 2025-08-03 08:56:22 -07:00
Mick Grove
f8789607e7 improving s3 bucket scanning feature 2025-08-03 08:14:32 -07:00
Mick Grove
ef6ba415f2 improving s3 bucket scanning feature 2025-08-03 08:13:08 -07:00
Mick Grove
96ab0d4b59 -Added support for scanning AWS S3 buckets via --s3-bucket and optional --s3-prefix 
- Added --role-arn and --aws-local-profile flags for S3 authentication alongside KF_AWS_KEY/KF_AWS_SECRET
 2025-08-02 20:40:16 -07:00
Mick Grove
5a82ff3cc5
 		Merge pull request #69 from mongodb/development v1.31.0 
v1.31.0
 2025-08-01 17:29:15 -07:00
Mick Grove
d02b1cc3f8 New rule: Groq 2025-08-01 17:28:55 -07:00
Mick Grove
3a3db4a7d3 New rule: Groq 2025-08-01 17:07:13 -07:00
Mick Grove
8a74eba160 - New rules: Telegram bot token, OpenWeatherMap, Apify 
- New OpenAI detectors added (@joshlarsen)
- Fixed bug that broke validation when using unnamed group captures
 2025-08-01 16:56:04 -07:00
Mick Grove
4a789e984c
 		Merge pull request #68 from joshlarsen/add-openai-api-keys 
add support for newer OpenAI API key formats
 2025-08-01 16:21:28 -07:00
Mick Grove
4e4bf28723
 		Update data/rules/openai.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-01 15:31:29 -07:00
Josh Larsen
bcc3153700
 		add newer OpenAI API key formats 2025-08-01 15:04:37 -04:00
Mick Grove
d43a988736
 		Merge pull request #67 from mongodb/development v1.30.0 
v1.30.0
 2025-08-01 09:59:17 -07:00
Mick Grove
0ef4144710 Fixed validation caching for HTTP validators to include rendered headers so inactive secrets no longer appear active, in some cases. Removed pre-commit installation hook, due to bugs 2025-08-01 09:18:29 -07:00
Mick Grove
3d1b299cf5 Fixed validation caching for HTTP validators to include rendered headers so inactive secrets no longer appear active, in some cases. Removed pre-commit installation hook, due to bugs 2025-08-01 09:17:04 -07:00
Mick Grove
2c747dfbdb Fixed validation caching for HTTP validators to include rendered headers so inactive secrets no longer appear active, in some cases 2025-08-01 09:15:47 -07:00
Mick Grove
97135c01fd Fixed validation caching for HTTP validators to include rendered headers so inactive secrets no longer appear active, in some cases 2025-08-01 09:15:24 -07:00
Mick Grove
8a05329f77
 		Merge pull request #65 from mongodb/development v1.29.0 
v1.29.0
 2025-07-31 19:00:39 -07:00
Mick Grove
f0a99dcfcd bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys 2025-07-31 18:29:21 -07:00
Mick Grove
92f8513945 updated version number 2025-07-31 16:53:52 -07:00
Mick Grove
51bc64339c - Fixed issue when more than 1 named capture group is used in a rule variable 
- Added 2 new liquid template filters: 'b64dec' and 'es256_sign'
- Added custom validator for Coinbase, and a Coinbase rule that uses it
 2025-07-31 16:52:50 -07:00
Mick Grove
d6ad8e56f0
 		Merge pull request #63 from mongodb/development v1.28.0 
v1.28.0
 2025-07-29 20:58:13 -07:00