forked from mirrors/kingfisher
79139e49b8
- Fixed [#344](https://github.com/mongodb/kingfisher/issues/344): baseline fingerprints no longer have to be hexadecimal. The fingerprint value emitted by scan output (JSON, JSONL, pretty, SARIF) can now be copied directly into a baseline file and will match on the next scan. --manage-baseline now writes fingerprints in decimal to match scan output, and legacy 16-char hex (and 0x-prefixed hex) entries continue to be accepted, so existing baseline files keep working unchanged.
274 lines
8.5 KiB
TOML
274 lines
8.5 KiB
TOML
[workspace]
|
|
members = [
|
|
".",
|
|
"crates/kingfisher-core",
|
|
"crates/kingfisher-rules",
|
|
"crates/kingfisher-scanner",
|
|
]
|
|
resolver = "2"
|
|
|
|
[workspace.package]
|
|
edition = "2024"
|
|
rust-version = "1.94"
|
|
license = "Apache-2.0"
|
|
authors = ["Mick Grove <mick.grove@mongodb.com>"]
|
|
homepage = "https://github.com/mongodb/kingfisher"
|
|
repository = "https://github.com/mongodb/kingfisher"
|
|
publish = false
|
|
|
|
[workspace.dependencies]
|
|
anyhow = "1.0"
|
|
thiserror = "2.0.18"
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
schemars = "0.8"
|
|
regex = "1.12"
|
|
bstr = { version = "1.12", features = ["serde"] }
|
|
smallvec = { version = "1", features = ["const_generics", "const_new", "union"] }
|
|
parking_lot = "0.12"
|
|
tracing = "0.1"
|
|
vectorscan-rs = "0.0.6"
|
|
xxhash-rust = { version = "0.8", features = ["xxh3"] }
|
|
ignore = "0.4"
|
|
walkdir = "2.5"
|
|
include_dir = "0.7"
|
|
sha1 = "0.10"
|
|
sha2 = "0.10"
|
|
hmac = "0.12"
|
|
base32 = "0.5.1"
|
|
base64 = "0.22"
|
|
percent-encoding = "2.3"
|
|
time = "0.3"
|
|
uuid = "1.19"
|
|
rand = "0.10"
|
|
hex = "0.4"
|
|
rustc-hash = "2.1"
|
|
http = "1.4"
|
|
|
|
|
|
[package]
|
|
name = "kingfisher"
|
|
version = "1.97.0"
|
|
description = "MongoDB's blazingly fast and accurate secret scanning and validation tool"
|
|
edition.workspace = true
|
|
rust-version.workspace = true
|
|
license.workspace = true
|
|
authors.workspace = true
|
|
homepage.workspace = true
|
|
repository.workspace = true
|
|
publish.workspace = true
|
|
|
|
[package.metadata.deb]
|
|
name = "kingfisher"
|
|
maintainer = "Mick Grove <mick.grove@mongodb.com>"
|
|
depends = "$auto"
|
|
section = "utils"
|
|
priority = "optional"
|
|
assets = [
|
|
["target/release/kingfisher", "/usr/bin/kingfisher", "755"]
|
|
]
|
|
|
|
[package.metadata.generate-rpm]
|
|
package = "kingfisher"
|
|
summary = "MongoDB's blazingly fast and accurate secret scanning and validation tool"
|
|
license = "Apache-2.0"
|
|
url = "https://github.com/mongodb/kingfisher"
|
|
assets = [
|
|
{ source = "target/release/kingfisher", dest = "/usr/bin/kingfisher", mode = "755" }
|
|
]
|
|
|
|
[dependencies]
|
|
# Library crates
|
|
kingfisher-core = { path = "crates/kingfisher-core" }
|
|
kingfisher-rules = { path = "crates/kingfisher-rules" }
|
|
kingfisher-scanner = { path = "crates/kingfisher-scanner", features = ["validation-all"] }
|
|
|
|
clap = { version = "4.5", features = [
|
|
"cargo",
|
|
"derive",
|
|
"env",
|
|
"unicode",
|
|
"wrap_help",
|
|
] }
|
|
|
|
anyhow = "1.0"
|
|
bstr = { version = "1.12", features = ["serde"] }
|
|
fixedbitset = "0.5"
|
|
gix = { version = "0.81", features = ["max-performance-safe", "serde", "blocking-network-client"] }
|
|
ignore = "0.4"
|
|
petgraph = "0.8"
|
|
roaring = "0.11.3"
|
|
schemars = "0.8"
|
|
serde = { version = "1.0", features = ["derive", "rc"] }
|
|
smallvec = { version = "1", features = [
|
|
"const_generics",
|
|
"const_new",
|
|
"union",
|
|
] }
|
|
tracing = "0.1.43"
|
|
indicatif = { version = "0.18", features = ["improved_unicode"] }
|
|
rayon = "1.11"
|
|
hex = "0.4.3"
|
|
vectorscan-rs = "0.0.6"
|
|
regex = "1.12.2"
|
|
serde_json = "1.0.145"
|
|
toon-format = { version = "0.4.4", default-features = false }
|
|
url = "2.5.7"
|
|
include_dir = { version = "0.7", features = ["glob"] }
|
|
strum = { version = "0.28", features = ["derive"] }
|
|
sysinfo = "0.38.4"
|
|
webbrowser = "1.0.5"
|
|
reqwest = { version = "0.12", default-features = false, features = [
|
|
"json",
|
|
"gzip",
|
|
"brotli",
|
|
"deflate",
|
|
"stream",
|
|
"rustls-tls",
|
|
"rustls-tls-native-roots",
|
|
"blocking",
|
|
"multipart",
|
|
] }
|
|
axum = { version = "0.8", default-features = false, features = ["tokio", "http1"] }
|
|
|
|
|
|
chrono = "0.4.42"
|
|
thiserror = "2.0.18"
|
|
tokio = { version = "1.48.0", features = ["full"] }
|
|
base64 = "0.22.1"
|
|
crossbeam-channel = "0.5.15"
|
|
indenter = "0.3.4"
|
|
serde-sarif = "0.4"
|
|
console = "0.16.3"
|
|
tempfile = "3.23.0"
|
|
http = "1.4.0"
|
|
liquid = "0.26.11"
|
|
liquid-core = "0.26.11"
|
|
flate2 = "1.1"
|
|
thousands = "0.2.0"
|
|
crossbeam-skiplist = "0.1.3"
|
|
tokio-postgres = { version = "0.7", default-features = false, features = ["runtime"] }
|
|
mongodb = { version = "3.4", default-features = false, features = ["rustls-tls", "aws-auth", "compat-3-0-0", "dns-resolver"] }
|
|
mysql_async = { version = "0.36.2", default-features = false, features = ["default-rustls"] }
|
|
aws-config = { version = "1.8.14", default-features = false, features = ["default-https-client", "rt-tokio", "credentials-process", "sso"] }
|
|
aws-credential-types = "1.2.12"
|
|
aws-sdk-sts = { version = "1.98.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-types = "1.3.12"
|
|
parking_lot = "0.12.5"
|
|
octorust = "0.10.0"
|
|
reqwest-middleware-octorust = { package = "reqwest-middleware", version = "0.4.2" }
|
|
tracing-subscriber = {version = "0.3.22", features = ["env-filter"] }
|
|
tracing-core = "0.1.35"
|
|
aws-smithy-http-client = "1.1.10"
|
|
aws-smithy-runtime-api = "1.11.4"
|
|
aws-smithy-types = "1.4.4"
|
|
cssparser = { version = "0.37.0", default-features = false }
|
|
tl = "0.7.8"
|
|
tree_magic_mini = "3.2"
|
|
content_inspector = "0.2.4"
|
|
rustc-hash = "2.1.1"
|
|
bzip2-rs = "0.1.2"
|
|
zip = { version = "8.5.0", default-features = false, features = ["deflate", "deflate64", "time"] }
|
|
tar = "0.4.44"
|
|
lzma-rs = "0.3.0"
|
|
asar = "0.3.0"
|
|
cfb = "0.14"
|
|
rusqlite = { version = "0.39", features = ["bundled"] }
|
|
blake3 = "1.8.2"
|
|
memchr = "2.7"
|
|
memmap2 = "0.9.9"
|
|
futures = "0.3.31"
|
|
dashmap = "6.1.0"
|
|
xxhash-rust = { version = "0.8.15", features = ["xxh3", "const_xxh3"] }
|
|
serde_yaml = "0.9.34"
|
|
hmac = "0.13.0"
|
|
sha1 = { workspace = true }
|
|
sha2 = "0.11.0"
|
|
humantime = "2.3.0"
|
|
path-dedot = "3.1.1"
|
|
quick-xml = { version = "0.39.2", features = ["serde", "serialize"] }
|
|
rustls = "0.23.35"
|
|
tokio-postgres-rustls = "0.13.0"
|
|
rustls-native-certs = "0.8.2"
|
|
color-backtrace = "0.7.2"
|
|
mimalloc = { version = "0.1.48", features = ["override"] }
|
|
thread_local = "1.1.9"
|
|
bloomfilter = "3.0.1"
|
|
uuid = "1.19.0"
|
|
rand = "0.10.0"
|
|
percent-encoding = "2.3.2"
|
|
self_update = { version = "0.44.0", default-features = false, features = ["reqwest", "rustls", "archive-tar", "archive-zip", "compression-flate2"] }
|
|
semver = "1.0.27"
|
|
globset = "0.4.18"
|
|
ipnet = "2.11.0"
|
|
gouqi = { version = "0.20.0", features = ["async"] }
|
|
oci-client = { version = "0.16", default-features = false, features = ["rustls-tls"] }
|
|
walkdir = "2.5.0"
|
|
aws-sdk-s3 = { version = "1.123.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-iam = { version = "1.104.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-ec2 = { version = "1.211.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-dynamodb = { version = "1.105.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-lambda = { version = "1.116.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-kms = { version = "1.100.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-secretsmanager = { version = "1.100.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-sqs = { version = "1.90.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-sns = { version = "1.89.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-rds = { version = "1.110.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-ecr = { version = "1.94.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
aws-sdk-ssm = { version = "1.102.0", default-features = false, features = ["default-https-client", "rt-tokio"] }
|
|
gcloud-storage = { version = "1.1.1", default-features = false, features = [
|
|
"rustls-tls",
|
|
"auth",
|
|
"jwt-aws-lc-rs",
|
|
] }
|
|
tokei = "14.0.0"
|
|
crc32fast = "1.5.0"
|
|
bytes = "1.11.1"
|
|
tokio-rustls = "0.26.4"
|
|
h2 = "0.4.13"
|
|
|
|
|
|
[dependencies.tikv-jemallocator]
|
|
version = "0.6"
|
|
optional = true
|
|
|
|
[features]
|
|
default = ["use-mimalloc"]
|
|
use-mimalloc = []
|
|
use-jemalloc = ["tikv-jemallocator"]
|
|
system-alloc = [] # Darwin-only: force the system allocator
|
|
|
|
[dev-dependencies]
|
|
pretty_assertions = "1.4"
|
|
temp-env = "0.3.6"
|
|
wiremock = "0.6.5"
|
|
git2 = { version = "0.20.3", default-features = false }
|
|
rand_chacha = "0.10.0"
|
|
testcontainers = "0.27.2"
|
|
predicates = "3.1.3"
|
|
assert_cmd = "2.1.1"
|
|
proptest = "1.9.0"
|
|
|
|
[profile.release]
|
|
debug = false
|
|
strip = true #"debuginfo"
|
|
opt-level = 3 # Maximum optimization for performance
|
|
lto = true # Enable Link Time Optimization
|
|
codegen-units = 1 # Optimize for size but slower compilation
|
|
panic = "abort" # Remove unwind tables for panics
|
|
rpath = false # Don't embed path dependencies
|
|
incremental = false
|
|
|
|
[profile.dev]
|
|
opt-level = 0
|
|
debug = true
|
|
incremental = true
|
|
codegen-units = 256
|
|
|
|
[patch.crates-io]
|
|
vectorscan-rs = { path = "vendor/vectorscan-rs/vectorscan-rs" }
|
|
vectorscan-rs-sys = { path = "vendor/vectorscan-rs/vectorscan-rs-sys" }
|
|
|
|
[profile.profiling]
|
|
inherits = "release"
|
|
debug = true
|