eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
969 commits 5 branches 83 tags 53 MiB
Commit graph

969 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mick Grove
fc2fa58748 Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-06 12:06:47 -08:00
Mick Grove
b03ce7ffaf Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-06 09:10:21 -08:00
Mick Grove
3be190edac Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 22:41:39 -08:00
Mick Grove
19cd75293f Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 22:24:16 -08:00
Mick Grove
33412d04be Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port. 2025-12-05 21:57:20 -08:00
Mick Grove
f79b7f4b0c added posthog 2025-12-05 21:45:24 -08:00
Mick Grove
9eff41f4ff Added new rules for AWS Bedrock, Voyage.ai 2025-12-05 16:06:02 -08:00
Mick Grove
6c2bc8303e Allow manual rerun of Docker publish job 2025-12-05 12:53:53 -08:00
Mick Grove
1f9d692e9f Updated dockerfile to fix failing docker image publishing 2025-12-05 12:44:38 -08:00
Mick Grove
e0587f12ba cleanup' 2025-12-05 10:26:58 -08:00
Mick Grove
338b6f16d6 updated cargo dependencies 2025-12-05 08:21:09 -08:00
Mick Grove
d869627d62 - Reduced per-match memory usage by compacting stored source locations and interning repeated capture names. 
- Stored optional validation response bodies as boxed strings to avoid allocating empty payloads and to streamline validator caches.
- Parallelized git cloning based on the configured job count and begin scanning repositories as soon as each clone finishes to reduce end-to-end scan times.
- Combined per-repository results into a single aggregate summary after scans complete.
- Added initial access-map support and report viewer html file. Currently beta features.
 2025-12-05 08:09:13 -08:00
Mick Grove
078fa16e6a - Reduced per-match memory usage by compacting stored source locations and interning repeated capture names. 
- Stored optional validation response bodies as boxed strings to avoid allocating empty payloads and to streamline validator caches.
- Parallelized git cloning based on the configured job count and begin scanning repositories as soon as each clone finishes to reduce end-to-end scan times.
- Combined per-repository results into a single aggregate summary after scans complete.
- Added initial access-map support and report viewer html file. Currently beta features.
 2025-12-04 22:02:30 -08:00
Mick Grove
9718fc1dc4 Fixed Bitbucket authenticated cloning bug 2025-11-24 23:45:10 -08:00
Mick Grove
2f69219b5c Fixed Bitbucket authenticated cloning bug 2025-11-24 23:43:11 -08:00
Mick Grove
e35dc20a13 fixed failing CI action 2025-11-24 17:10:32 -08:00
Mick Grove
d15afe7cea updated tests 2025-11-24 12:49:06 -08:00
Mick Grove
4935aef71c
 		Merge branch 'main' into development 
Signed-off-by: Mick Grove <mick.grove@mongodb.com>
 2025-11-24 11:26:52 -08:00
Mick Grove
eeafe2fe6b updated tests 2025-11-24 11:08:31 -08:00
Mick Grove
0acaaa0680 Updated Summary to include scan date, kingfisher version ran, and latest kingfisher version available 2025-11-24 10:36:58 -08:00
Mick Grove
58b17c21ac reducing false positives 2025-11-24 09:33:58 -08:00
Mick Grove
4fb8e616dc added youtube rule 2025-11-23 20:00:19 -08:00
Mick Grove
a5877c4abe added youtube rule 2025-11-23 18:30:02 -08:00
Mick Grove
4c53f2c246 added youtube rule 2025-11-23 17:23:52 -08:00
Mick Grove
ec1e3a3432 - Fixed deduplication to consider rule identifiers so overlapping patterns are not merged before validation 
- Moved 'URI with Username and Secret' to a low-confidence rule
 2025-11-23 11:32:27 -08:00
Mick Grove
ae01a24414 Added checksum to GitLab rule 2025-11-21 12:33:10 -08:00
Mick Grove
24e92fdc2d
 		Merge pull request #149 from mongodb/development v1.66.0 
v1.66.0
 2025-11-20 16:43:32 -08:00
Mick Grove
116aac2f83 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:34:13 -08:00
Mick Grove
9dacbbdacf - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:34:13 -08:00
Mick Grove
17e0ca3594 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:33:28 -08:00
Mick Grove
92b5a74822 - Updating to support Bitbucket App Passwords 
- Improved boundaries for several rules
- Added more rules
 2025-11-20 16:33:28 -08:00
Mick Grove
76fa852214
 		Merge pull request #147 from mongodb/development v1.65.0 
v1.65.0
 2025-11-16 23:37:03 -08:00
Mick Grove
42797b747d v1.65.0 2025-11-16 23:30:14 -08:00
Mick Grove
b5bc8e203b v1.65.0 2025-11-16 23:30:14 -08:00
Mick Grove
bc4591a814 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:26:02 -08:00
Mick Grove
531efb58bd - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:26:02 -08:00
Mick Grove
c6b10f0b47 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:25:42 -08:00
Mick Grove
78589c4caf - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-16 23:25:42 -08:00
Mick Grove
377a220f89 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:46:53 -08:00
Mick Grove
0f1e652cd4 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:46:53 -08:00
Mick Grove
8d77f9d298 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:43:54 -08:00
Mick Grove
51ebf30454 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:43:54 -08:00
Mick Grove
9853d346a6 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:23:06 -08:00
Mick Grove
f159dac5ab - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:23:06 -08:00
Mick Grove
f9d75eaadd - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:11:25 -08:00
Mick Grove
6e0e8fd2c9 - Skip reporting MongoDB and Postgres findings when their connection strings cannot be parsed, even when validation is disabled. 
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
 2025-11-15 08:11:25 -08:00
Mick Grove
1af21d845d
 		Merge pull request #146 from mongodb/development v1.64.0 
v1.64.0
 2025-11-13 15:27:16 -08:00
Mick Grove
debf3beb8e Fixed broken tests 2025-11-13 15:22:48 -08:00
Mick Grove
3417d0f254 Fixed broken tests 2025-11-13 15:22:48 -08:00
Mick Grove
426acac892 Filter out empty 'KF_BITBUCKET_*' environment values when constructing the Bitbucket authentication configuration so blank variables no longer override valid credentials 2025-11-13 14:30:27 -08:00