forked from mirrors/kingfisher
8aced005b8
- Condensed GitError formatting to report the exit status and the first informative lines from stdout/stderr, producing concise git clone failure logs. - Added support for scanning Google Cloud Storage buckets via --gcs-bucket, including optional prefixes and service-account authentication. - Added --skip-aws-account (now accepting comma-separated values) and --skip-aws-account-file to bypass live AWS validation for known canary/honey-token account IDs without triggering alerts. Kingfisher now ships with several canary AWS account IDs pre-seeded in the skip list and now reports matching findings as "Not Attempted" with the "Response" containing "(skip list entry)" so its clear that validation was intentionally skipped and why.
244 lines
6.3 KiB
TOML
244 lines
6.3 KiB
TOML
[workspace.package]
|
|
edition = "2021"
|
|
rust-version = "1.90"
|
|
license = "Apache-2.0"
|
|
authors = ["Mick Grove <mick.grove@mongodb.com>"]
|
|
homepage = "https://github.com/mongodb/kingfisher"
|
|
repository = "https://github.com/mongodb/kingfisher"
|
|
publish = false
|
|
|
|
|
|
[package]
|
|
name = "kingfisher"
|
|
version = "1.58.0"
|
|
description = "MongoDB's blazingly fast and accurate secret scanning and validation tool"
|
|
edition.workspace = true
|
|
rust-version.workspace = true
|
|
license.workspace = true
|
|
authors.workspace = true
|
|
homepage.workspace = true
|
|
repository.workspace = true
|
|
publish.workspace = true
|
|
|
|
[package.metadata.deb]
|
|
name = "kingfisher"
|
|
maintainer = "Mick Grove <mick.grove@mongodb.com>"
|
|
depends = "$auto"
|
|
section = "utils"
|
|
priority = "optional"
|
|
assets = [
|
|
["target/release/kingfisher", "/usr/bin/kingfisher", "755"]
|
|
]
|
|
|
|
[package.metadata.generate-rpm]
|
|
package = "kingfisher"
|
|
summary = "MongoDB's blazingly fast and accurate secret scanning and validation tool"
|
|
license = "Apache-2.0"
|
|
url = "https://github.com/mongodb/kingfisher"
|
|
assets = [
|
|
{ source = "target/release/kingfisher", dest = "/usr/bin/kingfisher", mode = "755" }
|
|
]
|
|
|
|
[dependencies]
|
|
clap = { version = "4.5", features = [
|
|
"cargo",
|
|
"derive",
|
|
"env",
|
|
"unicode",
|
|
"wrap_help",
|
|
] }
|
|
|
|
anyhow = "1.0"
|
|
bstr = { version = "1.12", features = ["serde"] }
|
|
fixedbitset = "0.5"
|
|
gix = { version = "0.73", features = ["max-performance", "serde", "blocking-network-client"] }
|
|
ignore = "0.4"
|
|
petgraph = "0.6"
|
|
roaring = "0.10"
|
|
schemars = "0.8"
|
|
serde = { version = "1.0", features = ["derive", "rc"] }
|
|
smallvec = { version = "1", features = [
|
|
"const_generics",
|
|
"const_new",
|
|
"union",
|
|
] }
|
|
tracing = "0.1.41"
|
|
indicatif = { version = "0.17", features = ["improved_unicode"] }
|
|
rayon = "1.10"
|
|
hex = "0.4.3"
|
|
vectorscan-rs = "0.0.5"
|
|
regex = "1.11.1"
|
|
serde_json = "1.0.140"
|
|
lazy_static = "1.5.0"
|
|
url = "2.5.4"
|
|
include_dir = { version = "0.7", features = ["glob"] }
|
|
strum = { version = "0.26", features = ["derive"] }
|
|
sysinfo = "0.31.4"
|
|
reqwest = { version = "0.12", default-features = false, features = [
|
|
"json",
|
|
"gzip",
|
|
"brotli",
|
|
"deflate",
|
|
"stream",
|
|
"rustls-tls",
|
|
"rustls-tls-native-roots",
|
|
"blocking",
|
|
"multipart",
|
|
] }
|
|
|
|
|
|
chrono = "0.4.41"
|
|
thiserror = "1.0.69"
|
|
tokio = { version = "1.46.1", features = ["full"] }
|
|
base64 = "0.22.1"
|
|
crossbeam-channel = "0.5.15"
|
|
indenter = "0.3.3"
|
|
serde-sarif = "0.4"
|
|
console = "0.15.11"
|
|
time = "0.3.41"
|
|
tempfile = "3.20.0"
|
|
num_cpus = "1.17.0"
|
|
once_cell = "1.21.3"
|
|
http = "1.3.1"
|
|
liquid = "0.26.11"
|
|
liquid-core = "0.26.11"
|
|
flate2 = "1.1.2"
|
|
thousands = "0.2.0"
|
|
base32 = "0.5.1"
|
|
crossbeam-skiplist = "0.1.3"
|
|
tokio-postgres = { version = "0.7", default-features = false, features = ["runtime"] }
|
|
mongodb = { version = "3.2", default-features = false, features = ["rustls-tls", "aws-auth", "compat-3-0-0", "dns-resolver"] }
|
|
bson = "2.15.0"
|
|
ring = "0.17.14"
|
|
pem = "3.0.5"
|
|
aws-config = "1.8.2"
|
|
aws-credential-types = "1.2.4"
|
|
aws-sdk-sts = "1.73.0"
|
|
aws-types = "1.3.7"
|
|
byteorder = "1.5.0"
|
|
parking_lot = "0.12.4"
|
|
octorust = "0.9.0"
|
|
reqwest-middleware = "0.4.2"
|
|
tracing-subscriber = {version = "0.3.19", features = ["env-filter"] }
|
|
tracing-core = "0.1.34"
|
|
tree-sitter = "0.25.8"
|
|
aws-smithy-runtime = "1.9.1"
|
|
aws-smithy-http-client = "1.1.1"
|
|
aws-smithy-runtime-api = "1.9.0"
|
|
aws-smithy-types = "1.3.2"
|
|
tree-sitter-bash = "0.25.0"
|
|
tree-sitter-c = "0.24.1"
|
|
tree-sitter-c-sharp = "0.23.1"
|
|
tree-sitter-cpp = "0.23.4"
|
|
tree-sitter-css = "0.23.2"
|
|
tree-sitter-go = "0.23.4"
|
|
tree-sitter-html = "0.23.2"
|
|
tree-sitter-java = "0.23.5"
|
|
tree-sitter-javascript = "0.23.1"
|
|
tree-sitter-php = "0.23.11"
|
|
tree-sitter-python = "0.23.6"
|
|
tree-sitter-ruby = "0.23.1"
|
|
tree-sitter-rust = "0.24.0"
|
|
tree-sitter-toml-ng = "0.7.0"
|
|
tree-sitter-typescript = "0.23.2"
|
|
tree-sitter-yaml = "0.7.1"
|
|
streaming-iterator = "0.1.9"
|
|
tree-sitter-regex = "0.24.3"
|
|
tree_magic_mini = "3.2"
|
|
content_inspector = "0.2.4"
|
|
rustc-hash = "2.1.1"
|
|
term_size = "0.3.2"
|
|
bzip2 = "0.5.2"
|
|
zip = "2.4.2"
|
|
tar = "0.4.44"
|
|
xz2 = "0.1.7"
|
|
asar = "0.3.0"
|
|
blake3 = "1.8.2"
|
|
memchr = "2.7"
|
|
memmap2 = "0.9.7"
|
|
futures = "0.3.31"
|
|
dashmap = "6.1.0"
|
|
xxhash-rust = { version = "0.8.15", features = ["xxh3", "const_xxh3"] }
|
|
serde_yaml = "0.9.34"
|
|
hmac = "0.12.1"
|
|
sha2 = "0.10.9"
|
|
strum_macros = "0.27.1"
|
|
humantime = "2.2.0"
|
|
path-dedot = "3.1.1"
|
|
quick-xml = {version = "0.38.0", features = ["serde","serialize"] }
|
|
rustls = "0.23.29"
|
|
tokio-postgres-rustls = "0.13.0"
|
|
rustls-native-certs = "0.8.1"
|
|
predicates = "3.1.3"
|
|
assert_cmd = "2.0.17"
|
|
proptest = "1.7.0"
|
|
color-backtrace = "0.7.0"
|
|
gitlab = "0.1801.0"
|
|
mimalloc = {version = "0.1.47", features = ["override"]}
|
|
thread_local = "1.1.9"
|
|
bloomfilter = "3.0.1"
|
|
uuid = "1.17.0"
|
|
rand = "0.9.1"
|
|
percent-encoding = "2.3.1"
|
|
atty = "0.2.14"
|
|
self_update = { version = "0.42.0", default-features = false, features = ["rustls", "archive-tar", "archive-zip", "compression-flate2"] }
|
|
semver = "1.0.26"
|
|
globset = "0.4.16"
|
|
jsonwebtoken = "9.3.1"
|
|
ipnet = "2.11.0"
|
|
jira_query = "1.6.0"
|
|
oci-client = { version = "0.15", default-features = false, features = ["rustls-tls"] }
|
|
walkdir = "2.5.0"
|
|
p256 = "0.13.2"
|
|
ed25519-dalek = { version = "2.2", features = ["pkcs8"] }
|
|
aws-sdk-s3 = "1.100.0"
|
|
gcloud-storage = "1.1.1"
|
|
tokei = "12.1.2"
|
|
|
|
[target.'cfg(not(windows))'.dependencies]
|
|
sha1 = { version = "0.10.6", features = ["asm"] }
|
|
|
|
[target.'cfg(windows)'.dependencies]
|
|
sha1 = "0.10.6"
|
|
|
|
[dependencies.tikv-jemallocator]
|
|
version = "0.6"
|
|
optional = true
|
|
|
|
[features]
|
|
default = ["use-mimalloc"]
|
|
use-mimalloc = ["mimalloc/override"]
|
|
use-jemalloc = ["tikv-jemallocator"]
|
|
system-alloc = [] # forces System allocator
|
|
|
|
[dev-dependencies]
|
|
pretty_assertions = "1.4"
|
|
temp-env = "0.3.6"
|
|
wiremock = "0.6.4"
|
|
git2 = "0.20.2"
|
|
rand_chacha = "0.9.0"
|
|
|
|
[profile.release]
|
|
debug = false
|
|
strip = true #"debuginfo"
|
|
opt-level = 3 # Maximum optimization for performance
|
|
lto = true # Enable Link Time Optimization
|
|
codegen-units = 1 # Optimize for size but slower compilation
|
|
# panic = "abort" # Remove unwind tables for panics
|
|
rpath = false # Don't embed path dependencies
|
|
incremental = false
|
|
|
|
[profile.dev]
|
|
opt-level = 0
|
|
# debug = true
|
|
incremental = true
|
|
codegen-units = 256
|
|
|
|
[patch.crates-io]
|
|
vectorscan-rs = { path = "vendor/vectorscan-rs/vectorscan-rs" }
|
|
vectorscan-rs-sys = { path = "vendor/vectorscan-rs/vectorscan-rs-sys" }
|
|
jira_query = { path = "vendor/jira_query" }
|
|
|
|
[profile.profiling]
|
|
inherits = "release"
|
|
debug = true
|