Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhanced the easyinsight detector #3384

Merged
merged 5 commits into from
Oct 9, 2024
Merged

Enhanced the easyinsight detector #3384

merged 5 commits into from
Oct 9, 2024

Conversation

kashifkhan0771
Copy link
Contributor

@kashifkhan0771 kashifkhan0771 commented Oct 8, 2024
edited
Loading

Description:

This PR enhance the following things in easyinsight detector.

  • Fixed Regex
  • Updated logic to skip processing when key and id is same
  • Skip processing remaining id's for a key when a key is successfully validated with one id.
  • Added detail pattern test cases.
  • Added comments
  • Renamed variables for better readability

Pattern Test Cases:

easyinsight

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

rgmz
rgmz reviewed Oct 8, 2024
View reviewed changes
Copy link
Contributor

@rgmz rgmz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some suggestions on improvement, which is applicable for any future detector changes.

pkg/detectors/easyinsight/easyinsight.go Outdated Show resolved Hide resolved
pkg/detectors/easyinsight/easyinsight.go Outdated Show resolved Hide resolved
pkg/detectors/easyinsight/easyinsight.go Outdated Show resolved Hide resolved
pkg/detectors/easyinsight/easyinsight.go Outdated Show resolved Hide resolved
abmussani
abmussani reviewed Oct 8, 2024
View reviewed changes
Copy link
Contributor

@abmussani abmussani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking this up. Here are few comments regarding the selection of keywords and improvements of resources utilization.

pkg/detectors/easyinsight/easyinsight.go Show resolved Hide resolved
pkg/detectors/easyinsight/easyinsight.go Outdated
Comment on lines 67 to 69
auth := fmt.Sprintf("%s:%s", resIdMatch, resMatch)
sEnc := b64.StdEncoding.EncodeToString([]byte(auth))

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Moving the verification code will improve the resources management (memory clean-up etc) and code readability.

rgmz
rgmz approved these changes Oct 9, 2024
View reviewed changes
Copy link
Contributor

@rgmz rgmz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@zricethezav zricethezav merged commit 321813f into trufflesecurity:main Oct 9, 2024
13 checks passed
@blsaccess blsaccess mentioned this pull request Oct 11, 2024
Merged
abmussani added a commit to abmussani/trufflehog that referenced this pull request Oct 14, 2024
@abmussani
Merge branch 'main' into box-detector
9c66a31 
* main: (127 commits)
  Update SaladCloud description (trufflesecurity#3399)
  fix tests (trufflesecurity#3400)
  [chore] Update custom detector default description (trufflesecurity#3398)
  add description to salad (trufflesecurity#3397)
  Add detector for SaladCloud API Keys (trufflesecurity#3273)
  fix(deps): update module github.com/xanzy/go-gitlab to v0.111.0 (trufflesecurity#3393)
  Add SliceContainsString common util (trufflesecurity#3395)
  fix: pr template link to golangci-lint (trufflesecurity#3392)
  fix(deps): update golang.org/x/exp digest to f66d83c (trufflesecurity#3389)
  Separate detector tests into unit/integration (trufflesecurity#3274)
  Manually upgrade github dep (trufflesecurity#3387)
  Updated Fastly Personal Token Detector (trufflesecurity#3386)
  fix(deps): update module google.golang.org/api to v0.200.0 (trufflesecurity#3391)
  [Fix] Snowflake privatelink Support (trufflesecurity#3286)
  Enhanced the easyinsight detector (trufflesecurity#3384)
  Log skipped files on debug level (trufflesecurity#3383)
  build: update retracted bluemonday ver (trufflesecurity#3369)
  Fix git binary handling and add a smoke test (trufflesecurity#3379)
  fix(deps): update module google.golang.org/protobuf to v1.35.1 (trufflesecurity#3382)
  Added Cisco Meraki API Key detector (trufflesecurity#3367)
  ...

# Conflicts:
#	pkg/engine/defaults.go
#	pkg/pb/detectorspb/detectors.pb.go
#	proto/detectors.proto
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zricethezav zricethezav zricethezav approved these changes

@rgmz rgmz rgmz approved these changes

@ahrav ahrav Awaiting requested review from ahrav

@abmussani abmussani Awaiting requested review from abmussani

Assignees
No one assigned
Labels
hacktoberfest-2024-internal
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kashifkhan0771 @abmussani @zricethezav @rgmz