Nosey Parker v0.16.0 #99
bradlarsen announced in Announcements
Additions

- The `scan` command now supports a new `--copy-blobs={all,matching,none}` parameter. When specified as `matching`, a copy of each encountered blob that has matches will be saved to the datastore's `blobs` directory. When specified as `all`, a copy of each encountered blob will be saved. The default value is `none`. This mechanism exists to aid in ad-hoc downstream investigation. Copied blobs are not used elsewhere in Nosey Parker at this point.
- A new advanced global command-line parameter has been exposed: `--sqlite-cache-size=SIZE`, which controls the `pragma cache_size` value used in SQLite database connections.
- The datastore now contains two additional tables to represent freeform comments and accept/reject status associated with findings. These additional tables are not currently populated in the open-source version of Nosey Parker. The `report` command now emits finding status and comment if populated. Note: the datastore format is not settled and is subject to change.
- A new "ruleset" mechanism has been added. A ruleset is a named collection of rules that can be selected as a group. The new `--ruleset=NAME` parameter to `scan` can be used to enable alternative rulesets. Three built-in rulesets are provided (`default`, `np.assets`, and `np.hashes`); the special ruleset name `all` enables all known rules. See the built-in rulesets at `crates/noseyparker/data/default/builtin/rulesets` for an example of writing your own.
- The default collection of rules has been pruned down to further emphasize signal-to-noise. Only rules that detect secret things are included in the default collection. Rules that detect other things, such as cloud assets, application IDs, or public keys, are not included in this set. Instead, those are in the `np.assets` ruleset, which is not enabled by default. No rules have been removed from Nosey Parker; rather, the defaults have been adjusted to support the most common use case (secrets detection).
- Additional checks have been added to the `rules check` command:
- A new `rules list` command is available, which lists available rules and rulesets. This command can emit its output in human-oriented format or in JSON format.
- New rules have been added:
- A new global `--quiet`/`-q` option has been added, which suppresses non-error feedback messages and disables progress bars.

Fixes

- Command-line parameters that can meaningfully accept negative numbers can now be specified without having to use `--PARAMETER=NEGATIVE_VALUE` syntax; a space can now separate the parameter and the value.
- Fixed three rules that were missing capture groups:
  Due to nuanced details of how scanning is performed, rules without capture groups will never produce reported matches. An additional check was added to the `rules check` command, and a couple of assertions were added that should help prevent this type of error in the future.
- Fixed several rules:
- The LICENSE, README.md, and CHANGELOG.md files are now included in prebuilt binary releases.
- ANSI formatting sequences are no longer included by default by the `report` command when the output is redirected to a file using the `-o`/`--outfile` parameter (#55).
- The `scan` command should no longer emit warnings like `Failed to decode entry in tree`. These warnings were due to a bug in the Git object parsing code in the `gix` dependency, which was fixed upstream.

Changes

- The `rules check` command invocation now behaves differently. It no longer requires input paths to be specified. It will check the built-in rules for problems, and if additional paths are specified, will check those rules as well. This change was made so that the `scan`, `rules check`, and `rules list` invocations have consistent interfaces.
- The default path-based ignore rules in Nosey Parker now ignore `packed-refs` files from Git repositories.
- Several rules have been changed:
  - The `Slack` rule (id `np.slack.1`) has been removed, as it was redundant with `Slack Token`.
  - `Slack Token` has been split into `Slack Bot Token`, `Slack Legacy Bot Token`, `Slack User Token`, and `Slack App Token`.
  - `CodeClimate` was enhanced to detect additional cases and was renamed to `CodeClimate Reporter ID`.
  - `md5crypt Hash` (id `np.md5.1`) has been renamed to `Password Hash (md5crypt)` and re-identified as `np.pwhash.1`.
  - `bcrypt Hash` (id `np.bcrypt.1`) has been renamed to `Password Hash (bcrypt)` and re-identified as `np.pwhash.2`.
- Log messages are written to stderr instead of stdout.
This discussion was created from the release Nosey Parker v0.16.0.