Mick Grove
65251b7213
more changes for v1.78.0
2026-02-03 09:32:06 -08:00
Mick Grove
5253204c2a
preparing for v1.78.0
2026-02-02 23:22:08 -08:00
Mick Grove
63f1d515ae
preparing for v1.78.0
2026-02-02 18:39:24 -08:00
Mick Grove
32be18bef0
updated alibaba rule
2026-02-01 22:32:00 -08:00
Mick Grove
52f71c4462
updated changelog
2026-01-31 23:14:06 -08:00
Mick Grove
4fd0b74d7d
updated changelog
2026-01-31 23:08:30 -08:00
Mick Grove
c40226e939
added revoke command in output for validated credentials. Exposed in the html findings viewer as well
2026-01-31 22:58:53 -08:00
Mick Grove
a5d9dae9b3
added revoke command in output for validated credentials. Exposed in the html findings viewer as well
2026-01-31 22:52:57 -08:00
Mick Grove
5eb743711b
updated changelog
2026-01-30 08:07:12 -08:00
Mick Grove
aee1050620
ensured more CLI arguments are global
2026-01-30 08:04:15 -08:00
Mick Grove
8be7941333
Added 'revoke' subcommand and support for a new optional 'revocation' structure to the rules. Supporting GitHub and Slack right now
2026-01-29 12:45:32 -08:00
Mick Grove
1c45efde3e
Refactored into multiple crates. Added the 'validate' subcommand
2026-01-28 22:24:35 -08:00
Mick Grove
bd4cd4c2c2
Refactored into multiple crates. Added the 'validate' subcommand
2026-01-28 10:57:45 -08:00
Mick Grove
76be1df60c
Refactored into multiple crates. Added the 'validate' subcommand
2026-01-28 10:27:24 -08:00
Mick Grove
38a0dd9e26
Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling.
2026-01-23 10:45:08 -08:00
Mick Grove
216fc1dbdc
Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling.
2026-01-23 09:52:11 -08:00
Mick Grove
bf4f825c72
Switched compression dependencies to pure-Rust bzip2/lzma implementations and pared zip features to avoid C-based codecs for bz2/xz handling.
2026-01-22 22:02:08 -08:00
Mick Grove
b4feb86f47
- Fixed validation deduplication for rules with nested unnamed captures (e.g. (?<REGEX>...(ABC|DEF)...)) to use the primary capture for grouping, ensuring each unique match triggers a separate validation request.
- Added trace-level (-vv) logging for internal validation dedup keys and grouping to aid debugging.
2026-01-21 13:13:43 -08:00
Mick Grove
049294af3d
Skipped per-repository report writes when an output file is specified and emitted a single aggregated report after multi-repository scans to preserve full output content in files.
2026-01-16 12:39:44 -08:00
Mick Grove
caaa31562c
Skipped per-repository report writes when an output file is specified and emitted a single aggregated report after multi-repository scans to preserve full output content in files.
2026-01-16 10:03:59 -08:00
Mick Grove
8c07fb3f3c
- Enhanced Access Map View: added fingerprint display, enabled searching by fingerprint, and implemented bidirectional navigation between Findings and Access Map nodes.
- Added Slack Access Map support with granular permissions in the tree view.
2026-01-14 21:45:55 -08:00
Mick Grove
96f585ffa3
Merge pull request #182 from mongodb/main
sync with main
2026-01-14 17:20:19 -08:00
Mick Grove
26f41fcf7a
- Enhanced Access Map View: added fingerprint display, enabled searching by fingerprint, and implemented bidirectional navigation between Findings and Access Map nodes.
- Added Slack Access Map support with granular permissions in the tree view.
2026-01-14 17:19:02 -08:00
Mick Grove
02131a6d40
Merge pull request #181 from mongodb/development
preparing v1.74.0
2026-01-13 21:15:07 -08:00
Mick Grove
f4fc395554
preparing v1.74.0
2026-01-13 17:08:21 -08:00
Mick Grove
4f18541cb6
preparing v1.74.0
2026-01-12 22:50:05 -08:00
Himanshu Kumar Das
6ed438fe68
Fix UTF-8 boundary panic in HTTP response body slicing
The body_looks_like_html() function panicked when byte index 1024 fell inside a multi-byte UTF-8 character (e.g., Chinese text from Gitee). Use is_char_boundary() to find a valid slice point instead of arbitrary byte index.
Signed-off-by: Himanshu Kumar Das <1238723+himanshudas@users.noreply.github.com>
2026-01-13 03:40:06 +05:30
Mick Grove
7237a931d5
v1.73.0
2026-01-01 22:24:57 -08:00
Mick Grove
37afe7fff5
- Map SARIF result levels from rule confidence
- Added tag selection support to the bash and PowerShell install scripts.
2025-12-22 11:31:13 -08:00
Mick Grove
c66069fe4b
- Map SARIF result levels from rule confidence
- Added tag selection support to the bash and PowerShell install scripts.
2025-12-22 09:45:58 -08:00
Mick Grove
61986c469c
updated ci build
2025-12-22 09:04:36 -08:00
Mick Grove
c0e0c7bc2d
updated jsonwebtoken
2025-12-22 00:26:21 -08:00
Mick Grove
f1d139242f
Aliased "kingfisher self-update" as "kingfisher update"
2025-12-21 23:55:39 -08:00
Mick Grove
957f95d456
Aliased "kingfisher self-update" as "kingfisher update"
2025-12-21 23:43:01 -08:00
Mick Grove
587dfc5892
- Fixed deduplication for dependency-provider rules so dependent validations run per blob
- Updated Artifactory rule entropy and added new artifactory rule
2025-12-21 22:07:45 -08:00
Mick Grove
2ec6aa5915
fixing test failures
2025-12-16 23:51:22 -08:00
Mick Grove
14d41d560f
updated README
2025-12-16 21:13:00 -08:00
Mick Grove
e67a827e45
improved Jira support and fixed salesforce rule
2025-12-16 18:28:10 -08:00
Mick Grove
d155a33334
improved Jira support and working on salesforce rule, which is broken atm
2025-12-16 16:53:02 -08:00
Mick Grove
9c5e78ccfb
bug fix
2025-12-12 21:51:57 -08:00
Mick Grove
962f3ad9ba
bug fix
2025-12-12 21:30:51 -08:00
Mick Grove
195f086afc
added dark mode for finding + access map viewer
2025-12-12 17:21:17 -08:00
Mick Grove
f603c474f6
Updated precommit behavior and docs
2025-12-09 14:56:32 -08:00
Mick Grove
f1a77a736c
Updated precommit behavior and docs
2025-12-09 12:56:55 -08:00
Mick Grove
fc2fa58748
Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port.
2025-12-06 12:06:47 -08:00
Mick Grove
3be190edac
Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port.
2025-12-05 22:41:39 -08:00
Mick Grove
19cd75293f
Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port.
2025-12-05 22:24:16 -08:00
Mick Grove
33412d04be
Added a 'kingfisher view' subcommand that serves the bundled access-map HTML viewer from the binary so users can load JSON or JSONL reports passed on the CLI (or upload them in the browser) over a configurable local-only port.
2025-12-05 21:57:20 -08:00
Mick Grove
e0587f12ba
cleanup
2025-12-05 10:26:58 -08:00
Mick Grove
078fa16e6a
- Reduced per-match memory usage by compacting stored source locations and interning repeated capture names.
- Stored optional validation response bodies as boxed strings to avoid allocating empty payloads and to streamline validator caches.
- Parallelized git cloning based on the configured job count and began scanning repositories as soon as each clone finishes to reduce end-to-end scan times.
- Combined per-repository results into a single aggregate summary after scans complete.
- Added initial access-map support and report viewer html file. Currently beta features.
2025-12-04 22:02:30 -08:00