From 31ad1eed302845b3d152462beef7a569791c5159 Mon Sep 17 00:00:00 2001 From: Shreyas Sriram <31931776+shreyas-sriram@users.noreply.github.com> Date: Fri, 29 Mar 2024 19:14:04 -0700 Subject: [PATCH] Add JupiterOne detector (#2446) * Add JupiterOne bootstrap * Implement verification logic * Cleanup * Fix verificationError * Undo unnecessary changes --------- Co-authored-by: Ahrav Dutta --- pkg/detectors/jupiterone/jupiterone.go | 99 +++ pkg/detectors/jupiterone/jupiterone_test.go | 162 ++++ pkg/engine/defaults.go | 4 +- pkg/pb/credentialspb/credentials.pb.go | 4 +- .../custom_detectorspb/custom_detectors.pb.go | 4 +- pkg/pb/detectorspb/detectors.pb.go | 70 +- .../source_metadatapb/source_metadata.pb.go | 4 +- .../source_metadata.pb.validate.go | 330 +++++++- pkg/pb/sourcespb/sources.pb.go | 8 +- pkg/pb/sourcespb/sources.pb.validate.go | 796 ++++++++++++++++-- proto/detectors.proto | 1 + 11 files changed, 1359 insertions(+), 123 deletions(-) create mode 100644 pkg/detectors/jupiterone/jupiterone.go create mode 100644 pkg/detectors/jupiterone/jupiterone_test.go diff --git a/pkg/detectors/jupiterone/jupiterone.go b/pkg/detectors/jupiterone/jupiterone.go new file mode 100644 index 000000000000..2e1d0eaf0452 --- /dev/null +++ b/pkg/detectors/jupiterone/jupiterone.go @@ -0,0 +1,99 @@ +package jupiterone + +import ( + "context" + "fmt" + "net/http" + "strings" + + regexp "github.com/wasilibs/go-re2" + + "github.com/trufflesecurity/trufflehog/v3/pkg/common" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" + "github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb" +) + +type Scanner struct { + client *http.Client +} + +// Ensure the Scanner satisfies the interface at compile time. +var _ detectors.Detector = (*Scanner)(nil) + +var ( + defaultClient = common.SaneHttpClient() + // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. + keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"jupiterone"}) + `\b([0-9a-zA-Z]{76})\b`) +) + +// Keywords are used for efficiently pre-filtering chunks. +// Use identifiers in the secret preferably, or the provider name. +func (s Scanner) Keywords() []string { + return []string{"jupiterone"} +} + +// FromData will find and optionally verify Jupiterone secrets in a given set of bytes. +func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) { + dataStr := string(data) + + matches := keyPat.FindAllStringSubmatch(dataStr, -1) + + for _, match := range matches { + if len(match) != 2 { + continue + } + resMatch := strings.TrimSpace(match[1]) + + s1 := detectors.Result{ + DetectorType: detectorspb.DetectorType_JupiterOne, + Raw: []byte(resMatch), + } + + if verify { + client := s.client + if client == nil { + client = defaultClient + } + + payload := strings.NewReader(`{ + "query": "query J1QL($query: String! = \"find jupiterone_account\", $variables: JSON, $cursor: String, $scopeFilters: [JSON!], $flags: QueryV1Flags) { queryV1(query: $query, variables: $variables, cursor: $cursor, scopeFilters: $scopeFilters, flags: $flags) { type data cursor }}" + }`, + ) + req, err := http.NewRequestWithContext(ctx, "POST", "https://graphql.us.jupiterone.io/", payload) + if err != nil { + continue + } + + req.Header.Add("Authorization", "Bearer "+resMatch) + req.Header.Add("JupiterOne-Account", "12345678-1234-1234-1234-123412341234") // dummy account number + req.Header.Add("Content-Type", "application/json") + + res, err := client.Do(req) + if err == nil { + defer res.Body.Close() + if res.StatusCode == 200 { + s1.Verified = true + } else if res.StatusCode == 401 { + // The secret is determinately not verified (nothing to do) + } else { + s1.SetVerificationError(fmt.Errorf("unexpected HTTP response status %d", res.StatusCode), resMatch) + } + } else { + s1.SetVerificationError(err, resMatch) + } + } + + // This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key. + if !s1.Verified && detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) { + continue + } + + results = append(results, s1) + } + + return results, nil +} + +func (s Scanner) Type() detectorspb.DetectorType { + return detectorspb.DetectorType_JupiterOne +} diff --git a/pkg/detectors/jupiterone/jupiterone_test.go b/pkg/detectors/jupiterone/jupiterone_test.go new file mode 100644 index 000000000000..c3a66395bb18 --- /dev/null +++ b/pkg/detectors/jupiterone/jupiterone_test.go @@ -0,0 +1,162 @@ +//go:build detectors +// +build detectors + +package jupiterone + +import ( + "context" + "fmt" + "testing" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" + + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" + + "github.com/trufflesecurity/trufflehog/v3/pkg/common" + "github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb" +) + +func TestJupiterone_FromChunk(t *testing.T) { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors5") + if err != nil { + t.Fatalf("could not get test secrets from GCP: %s", err) + } + secret := testSecrets.MustGetField("JUPITERONE") + inactiveSecret := testSecrets.MustGetField("JUPITERONE_INACTIVE") + + type args struct { + ctx context.Context + data []byte + verify bool + } + tests := []struct { + name string + s Scanner + args args + want []detectors.Result + wantErr bool + wantVerificationErr bool + }{ + { + name: "found, verified", + s: Scanner{}, + args: args{ + ctx: context.Background(), + data: []byte(fmt.Sprintf("You can find a jupiterone secret %s within", secret)), + verify: true, + }, + want: []detectors.Result{ + { + DetectorType: detectorspb.DetectorType_JupiterOne, + Verified: true, + }, + }, + wantErr: false, + wantVerificationErr: false, + }, + { + name: "found, unverified", + s: Scanner{}, + args: args{ + ctx: context.Background(), + data: []byte(fmt.Sprintf("You can find a jupiterone secret %s within but not valid", inactiveSecret)), // the secret would satisfy the regex but not pass validation + verify: true, + }, + want: []detectors.Result{ + { + DetectorType: detectorspb.DetectorType_JupiterOne, + Verified: false, + }, + }, + wantErr: false, + wantVerificationErr: false, + }, + { + name: "not found", + s: Scanner{}, + args: args{ + ctx: context.Background(), + data: []byte("You cannot find the secret within"), + verify: true, + }, + want: nil, + wantErr: false, + wantVerificationErr: false, + }, + { + name: "found, would be verified if not for timeout", + s: Scanner{client: common.SaneHttpClientTimeOut(1 * time.Microsecond)}, + args: args{ + ctx: context.Background(), + data: []byte(fmt.Sprintf("You can find a jupiterone secret %s within", secret)), + verify: true, + }, + want: []detectors.Result{ + { + DetectorType: detectorspb.DetectorType_JupiterOne, + Verified: false, + }, + }, + wantErr: false, + wantVerificationErr: true, + }, + { + name: "found, verified but unexpected api surface", + s: Scanner{client: common.ConstantResponseHttpClient(404, "")}, + args: args{ + ctx: context.Background(), + data: []byte(fmt.Sprintf("You can find a jupiterone secret %s within", secret)), + verify: true, + }, + want: []detectors.Result{ + { + DetectorType: detectorspb.DetectorType_JupiterOne, + Verified: false, + }, + }, + wantErr: false, + wantVerificationErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := tt.s.FromData(tt.args.ctx, tt.args.verify, tt.args.data) + if (err != nil) != tt.wantErr { + t.Errorf("Jupiterone.FromData() error = %v, wantErr %v", err, tt.wantErr) + return + } + for i := range got { + if len(got[i].Raw) == 0 { + t.Fatalf("no raw secret present: \n %+v", got[i]) + } + if (got[i].VerificationError() != nil) != tt.wantVerificationErr { + t.Fatalf("wantVerificationError = %v, verification error = %v", tt.wantVerificationErr, got[i].VerificationError()) + } + } + ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "verificationError") + if diff := cmp.Diff(got, tt.want, ignoreOpts); diff != "" { + t.Errorf("Jupiterone.FromData() %s diff: (-got +want)\n%s", tt.name, diff) + } + }) + } +} + +func BenchmarkFromData(benchmark *testing.B) { + ctx := context.Background() + s := Scanner{} + for name, data := range detectors.MustGetBenchmarkData() { + benchmark.Run(name, func(b *testing.B) { + b.ResetTimer() + for n := 0; n < b.N; n++ { + _, err := s.FromData(ctx, false, data) + if err != nil { + b.Fatal(err) + } + } + }) + } +} diff --git a/pkg/engine/defaults.go b/pkg/engine/defaults.go index 4066f58e4c7c..7907e1912a2e 100644 --- a/pkg/engine/defaults.go +++ b/pkg/engine/defaults.go @@ -358,6 +358,7 @@ import ( jiratokenv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jiratoken/v2" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jotform" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jumpcloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jupiterone" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/juro" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanban" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanbantool" @@ -1591,10 +1592,11 @@ func DefaultDetectors() []detectors.Detector { azuredevopspersonalaccesstoken.Scanner{}, azuresearchadminkey.Scanner{}, azuresearchquerykey.Scanner{}, + jiratokenv2.Scanner{}, googleoauth2.Scanner{}, dockerhubv2.Scanner{}, + &jupiterone.Scanner{}, } - } func DefaultDetectorTypesImplementing[T any]() map[detectorspb.DetectorType]struct{} { diff --git a/pkg/pb/credentialspb/credentials.pb.go b/pkg/pb/credentialspb/credentials.pb.go index 930a9446ca39..475c45224207 100644 --- a/pkg/pb/credentialspb/credentials.pb.go +++ b/pkg/pb/credentialspb/credentials.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.26.0 -// protoc v3.20.0 +// protoc-gen-go v1.33.0 +// protoc v4.25.3 // source: credentials.proto package credentialspb diff --git a/pkg/pb/custom_detectorspb/custom_detectors.pb.go b/pkg/pb/custom_detectorspb/custom_detectors.pb.go index 1d0a83fa3ed1..0722eff6195c 100644 --- a/pkg/pb/custom_detectorspb/custom_detectors.pb.go +++ b/pkg/pb/custom_detectorspb/custom_detectors.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.26.0 -// protoc v3.20.0 +// protoc-gen-go v1.33.0 +// protoc v4.25.3 // source: custom_detectors.proto package custom_detectorspb diff --git a/pkg/pb/detectorspb/detectors.pb.go b/pkg/pb/detectorspb/detectors.pb.go index 91dda4f45fbd..c719be836725 100644 --- a/pkg/pb/detectorspb/detectors.pb.go +++ b/pkg/pb/detectorspb/detectors.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.26.0 -// protoc v3.20.0 +// protoc-gen-go v1.33.0 +// protoc v4.25.3 // source: detectors.proto package detectorspb @@ -143,7 +143,7 @@ const ( DetectorType_DigitalOceanToken DetectorType = 64 DetectorType_DiscordBotToken DetectorType = 65 DetectorType_DiscordWebhook DetectorType = 66 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_EtsyApiKey DetectorType = 67 DetectorType_FastlyPersonalToken DetectorType = 68 DetectorType_GoogleOauth2 DetectorType = 69 @@ -317,11 +317,11 @@ const ( DetectorType_Feedier DetectorType = 238 DetectorType_Abbysale DetectorType = 239 DetectorType_Magnetic DetectorType = 240 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Nytimes DetectorType = 241 DetectorType_Polygon DetectorType = 242 DetectorType_Powrbot DetectorType = 243 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_ProspectIO DetectorType = 244 DetectorType_Skrappio DetectorType = 245 DetectorType_Monday DetectorType = 246 @@ -382,7 +382,7 @@ const ( DetectorType_Alconost DetectorType = 301 DetectorType_Blogger DetectorType = 302 DetectorType_Accuweather DetectorType = 303 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Opengraphr DetectorType = 304 DetectorType_Rawg DetectorType = 305 DetectorType_Riotgames DetectorType = 306 @@ -431,7 +431,7 @@ const ( DetectorType_Imagga DetectorType = 349 DetectorType_SMSApi DetectorType = 350 DetectorType_Distribusion DetectorType = 351 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Blablabus DetectorType = 352 DetectorType_WordsApi DetectorType = 353 DetectorType_Currencylayer DetectorType = 354 @@ -488,7 +488,7 @@ const ( DetectorType_FinancialModelingPrep DetectorType = 406 DetectorType_Geocodio DetectorType = 407 DetectorType_HereAPI DetectorType = 408 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Macaddress DetectorType = 409 DetectorType_OOPSpam DetectorType = 410 DetectorType_ProtocolsIO DetectorType = 411 @@ -515,7 +515,7 @@ const ( DetectorType_BitcoinAverage DetectorType = 432 DetectorType_CommerceJS DetectorType = 433 DetectorType_DetectLanguage DetectorType = 434 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_FakeJSON DetectorType = 435 DetectorType_Graphhopper DetectorType = 436 DetectorType_Lexigram DetectorType = 437 @@ -528,7 +528,7 @@ const ( DetectorType_Mixcloud DetectorType = 444 DetectorType_TatumIO DetectorType = 445 DetectorType_Tmetric DetectorType = 446 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Lastfm DetectorType = 447 DetectorType_Browshot DetectorType = 448 DetectorType_JSONbin DetectorType = 449 @@ -545,7 +545,7 @@ const ( DetectorType_KakaoTalk DetectorType = 460 DetectorType_RiteKit DetectorType = 461 DetectorType_Shutterstock DetectorType = 462 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Text2Data DetectorType = 463 DetectorType_YouNeedABudget DetectorType = 464 DetectorType_Cricket DetectorType = 465 @@ -571,7 +571,7 @@ const ( DetectorType_Aylien DetectorType = 485 DetectorType_Geocode DetectorType = 486 DetectorType_IconFinder DetectorType = 487 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Ipify DetectorType = 488 DetectorType_LanguageLayer DetectorType = 489 DetectorType_Lob DetectorType = 490 @@ -658,14 +658,14 @@ const ( DetectorType_Hive DetectorType = 571 DetectorType_Hiveage DetectorType = 572 DetectorType_Kickbox DetectorType = 573 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Passbase DetectorType = 574 DetectorType_PostageApp DetectorType = 575 DetectorType_PureStake DetectorType = 576 DetectorType_Qubole DetectorType = 577 DetectorType_CarbonInterface DetectorType = 578 DetectorType_Intrinio DetectorType = 579 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_QuickMetrics DetectorType = 580 DetectorType_ScrapeStack DetectorType = 581 DetectorType_TechnicalAnalysisApi DetectorType = 582 @@ -706,14 +706,14 @@ const ( DetectorType_Nylas DetectorType = 617 DetectorType_Squareup DetectorType = 618 DetectorType_Dandelion DetectorType = 619 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_DataFire DetectorType = 620 DetectorType_DeepAI DetectorType = 621 DetectorType_MeaningCloud DetectorType = 622 DetectorType_NeutrinoApi DetectorType = 623 DetectorType_Storecove DetectorType = 624 DetectorType_Shipday DetectorType = 625 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Sentiment DetectorType = 626 DetectorType_StreamChatMessaging DetectorType = 627 DetectorType_TeamworkCRM DetectorType = 628 @@ -722,7 +722,7 @@ const ( DetectorType_TheOddsApi DetectorType = 631 DetectorType_Apacta DetectorType = 632 DetectorType_GetSandbox DetectorType = 633 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Happi DetectorType = 634 DetectorType_Oanda DetectorType = 635 DetectorType_FastForex DetectorType = 636 @@ -748,7 +748,7 @@ const ( DetectorType_Meistertask DetectorType = 656 DetectorType_Mindmeister DetectorType = 657 DetectorType_PeopleDataLabs DetectorType = 658 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_ScraperSite DetectorType = 659 DetectorType_Scrapfly DetectorType = 660 DetectorType_SimplyNoted DetectorType = 661 @@ -785,7 +785,7 @@ const ( DetectorType_Chatfule DetectorType = 692 DetectorType_Aeroworkflow DetectorType = 693 DetectorType_Emailoctopus DetectorType = 694 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Fusebill DetectorType = 695 DetectorType_Geckoboard DetectorType = 696 DetectorType_Gosquared DetectorType = 697 @@ -848,7 +848,7 @@ const ( DetectorType_Image4 DetectorType = 754 DetectorType_Pinata DetectorType = 755 DetectorType_BrowserStack DetectorType = 756 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_CrossBrowserTesting DetectorType = 757 DetectorType_Loadmill DetectorType = 758 DetectorType_TestingBot DetectorType = 759 @@ -864,7 +864,7 @@ const ( DetectorType_ConversionTools DetectorType = 769 DetectorType_CraftMyPDF DetectorType = 770 DetectorType_ExportSDK DetectorType = 771 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_GlitterlyAPI DetectorType = 772 DetectorType_Hybiscus DetectorType = 773 DetectorType_Miro DetectorType = 774 @@ -874,7 +874,7 @@ const ( DetectorType_TimeCamp DetectorType = 778 DetectorType_Userflow DetectorType = 779 DetectorType_Wistia DetectorType = 780 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_SportRadar DetectorType = 781 DetectorType_UptimeRobot DetectorType = 782 DetectorType_Codequiry DetectorType = 783 @@ -900,9 +900,9 @@ const ( DetectorType_Parsehub DetectorType = 803 DetectorType_PackageCloud DetectorType = 804 DetectorType_Cloudsmith DetectorType = 805 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Flowdash DetectorType = 806 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Flowdock DetectorType = 807 DetectorType_Fibery DetectorType = 808 DetectorType_Typetalk DetectorType = 809 @@ -965,7 +965,7 @@ const ( DetectorType_Copyscape DetectorType = 866 DetectorType_Besnappy DetectorType = 867 DetectorType_Salesmate DetectorType = 868 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_Heatmapapi DetectorType = 869 DetectorType_Websitepulse DetectorType = 870 DetectorType_Uclassify DetectorType = 871 @@ -1008,7 +1008,7 @@ const ( DetectorType_BlockNative DetectorType = 908 DetectorType_Moralis DetectorType = 909 DetectorType_BscScan DetectorType = 910 - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in detectors.proto. DetectorType_CoinMarketCap DetectorType = 911 DetectorType_Percy DetectorType = 912 DetectorType_TinesWebhook DetectorType = 913 @@ -1080,6 +1080,7 @@ const ( DetectorType_AzureSQL DetectorType = 979 DetectorType_FlyIO DetectorType = 980 DetectorType_BuiltWith DetectorType = 981 + DetectorType_JupiterOne DetectorType = 982 ) // Enum value maps for DetectorType. @@ -2063,6 +2064,7 @@ var ( 979: "AzureSQL", 980: "FlyIO", 981: "BuiltWith", + 982: "JupiterOne", } DetectorType_value = map[string]int32{ "Alibaba": 0, @@ -3043,6 +3045,7 @@ var ( "AzureSQL": 979, "FlyIO": 980, "BuiltWith": 981, + "JupiterOne": 982, } ) @@ -3423,7 +3426,7 @@ var file_detectors_proto_rawDesc = []byte{ 0x4e, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x42, 0x41, 0x53, 0x45, 0x36, 0x34, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x55, 0x54, 0x46, 0x31, 0x36, 0x10, 0x03, 0x12, 0x13, 0x0a, 0x0f, 0x45, 0x53, 0x43, 0x41, 0x50, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x49, 0x43, 0x4f, 0x44, 0x45, 0x10, 0x04, 0x2a, - 0x99, 0x7d, 0x0a, 0x0c, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x54, 0x79, 0x70, 0x65, + 0xaa, 0x7d, 0x0a, 0x0c, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x41, 0x6c, 0x69, 0x62, 0x61, 0x62, 0x61, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x41, 0x4d, 0x51, 0x50, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x57, 0x53, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x10, 0x03, 0x12, 0x0a, 0x0a, 0x06, 0x43, @@ -4424,12 +4427,13 @@ var file_detectors_proto_rawDesc = []byte{ 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x10, 0xd2, 0x07, 0x12, 0x0d, 0x0a, 0x08, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x53, 0x51, 0x4c, 0x10, 0xd3, 0x07, 0x12, 0x0a, 0x0a, 0x05, 0x46, 0x6c, 0x79, 0x49, 0x4f, 0x10, 0xd4, 0x07, 0x12, 0x0e, 0x0a, 0x09, 0x42, - 0x75, 0x69, 0x6c, 0x74, 0x57, 0x69, 0x74, 0x68, 0x10, 0xd5, 0x07, 0x42, 0x3d, 0x5a, 0x3b, 0x67, - 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x74, 0x72, 0x75, 0x66, 0x66, 0x6c, - 0x65, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2f, 0x74, 0x72, 0x75, 0x66, 0x66, 0x6c, - 0x65, 0x68, 0x6f, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x62, 0x2f, 0x64, - 0x65, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x75, 0x69, 0x6c, 0x74, 0x57, 0x69, 0x74, 0x68, 0x10, 0xd5, 0x07, 0x12, 0x0f, 0x0a, 0x0a, 0x4a, + 0x75, 0x70, 0x69, 0x74, 0x65, 0x72, 0x4f, 0x6e, 0x65, 0x10, 0xd6, 0x07, 0x42, 0x3d, 0x5a, 0x3b, + 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x74, 0x72, 0x75, 0x66, 0x66, + 0x6c, 0x65, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2f, 0x74, 0x72, 0x75, 0x66, 0x66, + 0x6c, 0x65, 0x68, 0x6f, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x62, 0x2f, + 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, } var ( diff --git a/pkg/pb/source_metadatapb/source_metadata.pb.go b/pkg/pb/source_metadatapb/source_metadata.pb.go index c9fe6356fb32..a65f7ea3c3ee 100644 --- a/pkg/pb/source_metadatapb/source_metadata.pb.go +++ b/pkg/pb/source_metadatapb/source_metadata.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.26.0 -// protoc v3.20.0 +// protoc-gen-go v1.33.0 +// protoc v4.25.3 // source: source_metadata.proto package source_metadatapb diff --git a/pkg/pb/source_metadatapb/source_metadata.pb.validate.go b/pkg/pb/source_metadatapb/source_metadata.pb.validate.go index f1d498c80377..20d090cd0535 100644 --- a/pkg/pb/source_metadatapb/source_metadata.pb.validate.go +++ b/pkg/pb/source_metadatapb/source_metadata.pb.validate.go @@ -2719,9 +2719,18 @@ func (m *Forager) validate(all bool) error { var errors []error - switch m.Metadata.(type) { - + switch v := m.Metadata.(type) { case *Forager_Github: + if v == nil { + err := ForagerValidationError{ + field: "Metadata", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGithub()).(type) { @@ -2753,6 +2762,16 @@ func (m *Forager) validate(all bool) error { } case *Forager_Npm: + if v == nil { + err := ForagerValidationError{ + field: "Metadata", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetNpm()).(type) { @@ -2784,6 +2803,16 @@ func (m *Forager) validate(all bool) error { } case *Forager_Pypi: + if v == nil { + err := ForagerValidationError{ + field: "Metadata", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetPypi()).(type) { @@ -2814,6 +2843,8 @@ func (m *Forager) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3390,9 +3421,18 @@ func (m *MetaData) validate(all bool) error { var errors []error - switch m.Data.(type) { - + switch v := m.Data.(type) { case *MetaData_Azure: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAzure()).(type) { @@ -3424,6 +3464,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Bitbucket: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBitbucket()).(type) { @@ -3455,6 +3505,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Circleci: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetCircleci()).(type) { @@ -3486,6 +3546,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Confluence: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetConfluence()).(type) { @@ -3517,6 +3587,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Docker: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetDocker()).(type) { @@ -3548,6 +3628,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Ecr: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetEcr()).(type) { @@ -3579,6 +3669,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Gcs: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGcs()).(type) { @@ -3610,6 +3710,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Github: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGithub()).(type) { @@ -3641,6 +3751,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Gitlab: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGitlab()).(type) { @@ -3672,6 +3792,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Jira: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetJira()).(type) { @@ -3703,6 +3833,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Npm: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetNpm()).(type) { @@ -3734,6 +3874,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Pypi: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetPypi()).(type) { @@ -3765,6 +3915,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_S3: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetS3()).(type) { @@ -3796,6 +3956,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Slack: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetSlack()).(type) { @@ -3827,6 +3997,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Filesystem: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetFilesystem()).(type) { @@ -3858,6 +4038,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Git: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGit()).(type) { @@ -3889,6 +4079,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Test: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetTest()).(type) { @@ -3920,6 +4120,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Buildkite: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBuildkite()).(type) { @@ -3951,6 +4161,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Gerrit: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGerrit()).(type) { @@ -3982,6 +4202,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Jenkins: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetJenkins()).(type) { @@ -4013,6 +4243,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Teams: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetTeams()).(type) { @@ -4044,6 +4284,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Artifactory: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetArtifactory()).(type) { @@ -4075,6 +4325,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Syslog: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetSyslog()).(type) { @@ -4106,6 +4366,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Forager: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetForager()).(type) { @@ -4137,6 +4407,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Sharepoint: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetSharepoint()).(type) { @@ -4168,6 +4448,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_GoogleDrive: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGoogleDrive()).(type) { @@ -4199,6 +4489,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_AzureRepos: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAzureRepos()).(type) { @@ -4230,6 +4530,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_TravisCI: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetTravisCI()).(type) { @@ -4261,6 +4571,16 @@ func (m *MetaData) validate(all bool) error { } case *MetaData_Postman: + if v == nil { + err := MetaDataValidationError{ + field: "Data", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetPostman()).(type) { @@ -4291,6 +4611,8 @@ func (m *MetaData) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { diff --git a/pkg/pb/sourcespb/sources.pb.go b/pkg/pb/sourcespb/sources.pb.go index 9941dc963adb..96a07b69634d 100644 --- a/pkg/pb/sourcespb/sources.pb.go +++ b/pkg/pb/sourcespb/sources.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.26.0 -// protoc v3.20.0 +// protoc-gen-go v1.33.0 +// protoc v4.25.3 // source: sources.proto package sourcespb @@ -230,7 +230,7 @@ type LocalSource struct { // human-readable format (e.g. 45s, 30m, 12h, etc.) which is not possible with a duration. // https://protobuf.dev/reference/protobuf/google.protobuf/#duration // - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in sources.proto. ScanInterval *durationpb.Duration `protobuf:"bytes,3,opt,name=scan_interval,json=scanInterval,proto3" json:"scan_interval,omitempty"` Verify bool `protobuf:"varint,4,opt,name=verify,proto3" json:"verify,omitempty"` Connection *anypb.Any `protobuf:"bytes,5,opt,name=connection,proto3" json:"connection,omitempty"` @@ -283,7 +283,7 @@ func (x *LocalSource) GetName() string { return "" } -// Deprecated: Do not use. +// Deprecated: Marked as deprecated in sources.proto. func (x *LocalSource) GetScanInterval() *durationpb.Duration { if x != nil { return x.ScanInterval diff --git a/pkg/pb/sourcespb/sources.pb.validate.go b/pkg/pb/sourcespb/sources.pb.validate.go index 29de5a3e378f..c89ecdfff6c3 100644 --- a/pkg/pb/sourcespb/sources.pb.validate.go +++ b/pkg/pb/sourcespb/sources.pb.validate.go @@ -234,9 +234,18 @@ func (m *Artifactory) validate(all bool) error { errors = append(errors, err) } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Artifactory_BasicAuth: + if v == nil { + err := ArtifactoryValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -268,9 +277,28 @@ func (m *Artifactory) validate(all bool) error { } case *Artifactory_AccessToken: + if v == nil { + err := ArtifactoryValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for AccessToken - case *Artifactory_Unauthenticated: + if v == nil { + err := ArtifactoryValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -301,6 +329,8 @@ func (m *Artifactory) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -402,12 +432,30 @@ func (m *AzureStorage) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *AzureStorage_ConnectionString: + if v == nil { + err := AzureStorageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for ConnectionString - case *AzureStorage_BasicAuth: + if v == nil { + err := AzureStorageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -439,9 +487,28 @@ func (m *AzureStorage) validate(all bool) error { } case *AzureStorage_ClientCertificate: + if v == nil { + err := AzureStorageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for ClientCertificate - case *AzureStorage_Unauthenticated: + if v == nil { + err := AzureStorageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -472,6 +539,8 @@ func (m *AzureStorage) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -589,12 +658,30 @@ func (m *Bitbucket) validate(all bool) error { // no validation rules for SkipArchives - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Bitbucket_Token: + if v == nil { + err := BitbucketValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *Bitbucket_Oauth: + if v == nil { + err := BitbucketValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -626,6 +713,16 @@ func (m *Bitbucket) validate(all bool) error { } case *Bitbucket_BasicAuth: + if v == nil { + err := BitbucketValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -656,6 +753,8 @@ func (m *Bitbucket) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -769,11 +868,21 @@ func (m *CircleCI) validate(all bool) error { errors = append(errors, err) } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *CircleCI_Token: + if v == nil { + err := CircleCIValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -887,11 +996,21 @@ func (m *TravisCI) validate(all bool) error { errors = append(errors, err) } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *TravisCI_Token: + if v == nil { + err := TravisCIValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -1013,9 +1132,18 @@ func (m *Confluence) validate(all bool) error { // no validation rules for SkipHistory - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Confluence_Unauthenticated: + if v == nil { + err := ConfluenceValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -1047,6 +1175,16 @@ func (m *Confluence) validate(all bool) error { } case *Confluence_BasicAuth: + if v == nil { + err := ConfluenceValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -1078,8 +1216,19 @@ func (m *Confluence) validate(all bool) error { } case *Confluence_Token: + if v == nil { + err := ConfluenceValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -1180,9 +1329,18 @@ func (m *Docker) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Docker_Unauthenticated: + if v == nil { + err := DockerValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -1214,6 +1372,16 @@ func (m *Docker) validate(all bool) error { } case *Docker_BasicAuth: + if v == nil { + err := DockerValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -1245,11 +1413,31 @@ func (m *Docker) validate(all bool) error { } case *Docker_BearerToken: + if v == nil { + err := DockerValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for BearerToken - case *Docker_DockerKeychain: + if v == nil { + err := DockerValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for DockerKeychain - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -1350,9 +1538,18 @@ func (m *ECR) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *ECR_AccessKey: + if v == nil { + err := ECRValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAccessKey()).(type) { @@ -1383,6 +1580,8 @@ func (m *ECR) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -1590,15 +1789,42 @@ func (m *GCS) validate(all bool) error { // no validation rules for MaxObjectSize - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *GCS_JsonServiceAccount: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for JsonServiceAccount - case *GCS_ApiKey: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for ApiKey - case *GCS_Unauthenticated: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -1630,6 +1856,16 @@ func (m *GCS) validate(all bool) error { } case *GCS_Adc: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAdc()).(type) { @@ -1661,9 +1897,28 @@ func (m *GCS) validate(all bool) error { } case *GCS_ServiceAccountFile: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for ServiceAccountFile - case *GCS_Oauth: + if v == nil { + err := GCSValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -1694,6 +1949,8 @@ func (m *GCS) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -1814,9 +2071,18 @@ func (m *Git) validate(all bool) error { // no validation rules for SkipArchives - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Git_BasicAuth: + if v == nil { + err := GitValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -1848,6 +2114,16 @@ func (m *Git) validate(all bool) error { } case *Git_Unauthenticated: + if v == nil { + err := GitValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -1879,6 +2155,16 @@ func (m *Git) validate(all bool) error { } case *Git_SshAuth: + if v == nil { + err := GitValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetSshAuth()).(type) { @@ -1909,6 +2195,8 @@ func (m *Git) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2025,12 +2313,30 @@ func (m *GitLab) validate(all bool) error { // no validation rules for SkipArchives - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *GitLab_Token: + if v == nil { + err := GitLabValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *GitLab_Oauth: + if v == nil { + err := GitLabValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -2062,6 +2368,16 @@ func (m *GitLab) validate(all bool) error { } case *GitLab_BasicAuth: + if v == nil { + err := GitLabValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -2092,6 +2408,8 @@ func (m *GitLab) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2224,9 +2542,18 @@ func (m *GitHub) validate(all bool) error { // no validation rules for IncludeWikis - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *GitHub_GithubApp: + if v == nil { + err := GitHubValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetGithubApp()).(type) { @@ -2258,9 +2585,28 @@ func (m *GitHub) validate(all bool) error { } case *GitHub_Token: + if v == nil { + err := GitHubValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *GitHub_Unauthenticated: + if v == nil { + err := GitHubValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -2292,6 +2638,16 @@ func (m *GitHub) validate(all bool) error { } case *GitHub_BasicAuth: + if v == nil { + err := GitHubValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -2322,6 +2678,8 @@ func (m *GitHub) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2423,11 +2781,21 @@ func (m *GoogleDrive) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *GoogleDrive_RefreshToken: + if v == nil { + err := GoogleDriveValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for RefreshToken - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2542,9 +2910,18 @@ func (m *JIRA) validate(all bool) error { // no validation rules for InsecureSkipVerifyTls - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *JIRA_BasicAuth: + if v == nil { + err := JIRAValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -2576,6 +2953,16 @@ func (m *JIRA) validate(all bool) error { } case *JIRA_Unauthenticated: + if v == nil { + err := JIRAValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -2607,6 +2994,16 @@ func (m *JIRA) validate(all bool) error { } case *JIRA_Oauth: + if v == nil { + err := JIRAValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -2638,8 +3035,19 @@ func (m *JIRA) validate(all bool) error { } case *JIRA_Token: + if v == nil { + err := JIRAValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2741,9 +3149,18 @@ func (m *NPMUnauthenticatedPackage) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *NPMUnauthenticatedPackage_Unauthenticated: + if v == nil { + err := NPMUnauthenticatedPackageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -2774,6 +3191,8 @@ func (m *NPMUnauthenticatedPackage) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -2878,9 +3297,18 @@ func (m *PyPIUnauthenticatedPackage) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *PyPIUnauthenticatedPackage_Unauthenticated: + if v == nil { + err := PyPIUnauthenticatedPackageValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -2911,6 +3339,8 @@ func (m *PyPIUnauthenticatedPackage) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3016,9 +3446,18 @@ func (m *S3) validate(all bool) error { // no validation rules for MaxObjectSize - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *S3_AccessKey: + if v == nil { + err := S3ValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAccessKey()).(type) { @@ -3050,6 +3489,16 @@ func (m *S3) validate(all bool) error { } case *S3_Unauthenticated: + if v == nil { + err := S3ValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -3081,6 +3530,16 @@ func (m *S3) validate(all bool) error { } case *S3_CloudEnvironment: + if v == nil { + err := S3ValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetCloudEnvironment()).(type) { @@ -3112,6 +3571,16 @@ func (m *S3) validate(all bool) error { } case *S3_SessionToken: + if v == nil { + err := S3ValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetSessionToken()).(type) { @@ -3142,6 +3611,8 @@ func (m *S3) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3254,12 +3725,30 @@ func (m *Slack) validate(all bool) error { errors = append(errors, err) } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Slack_Token: + if v == nil { + err := SlackValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *Slack_Tokens: + if v == nil { + err := SlackValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetTokens()).(type) { @@ -3290,6 +3779,8 @@ func (m *Slack) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3489,11 +3980,21 @@ func (m *Buildkite) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Buildkite_Token: + if v == nil { + err := BuildkiteValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3610,9 +4111,18 @@ func (m *Gerrit) validate(all bool) error { // no validation rules for SkipArchives - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Gerrit_BasicAuth: + if v == nil { + err := GerritValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -3644,6 +4154,16 @@ func (m *Gerrit) validate(all bool) error { } case *Gerrit_Unauthenticated: + if v == nil { + err := GerritValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -3674,6 +4194,8 @@ func (m *Gerrit) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3788,9 +4310,18 @@ func (m *Jenkins) validate(all bool) error { // no validation rules for InsecureSkipVerifyTls - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Jenkins_BasicAuth: + if v == nil { + err := JenkinsValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetBasicAuth()).(type) { @@ -3822,6 +4353,16 @@ func (m *Jenkins) validate(all bool) error { } case *Jenkins_Header: + if v == nil { + err := JenkinsValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetHeader()).(type) { @@ -3852,6 +4393,8 @@ func (m *Jenkins) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -3964,12 +4507,30 @@ func (m *Teams) validate(all bool) error { errors = append(errors, err) } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Teams_Token: + if v == nil { + err := TeamsValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *Teams_Authenticated: + if v == nil { + err := TeamsValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetAuthenticated()).(type) { @@ -4001,6 +4562,16 @@ func (m *Teams) validate(all bool) error { } case *Teams_Oauth: + if v == nil { + err := TeamsValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -4031,6 +4602,8 @@ func (m *Teams) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -4270,9 +4843,18 @@ func (m *Forager) validate(all bool) error { } } - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Forager_Unauthenticated: + if v == nil { + err := ForagerValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -4303,6 +4885,8 @@ func (m *Forager) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -4404,9 +4988,18 @@ func (m *SlackRealtime) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *SlackRealtime_Tokens: + if v == nil { + err := SlackRealtimeValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetTokens()).(type) { @@ -4437,6 +5030,8 @@ func (m *SlackRealtime) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -4541,9 +5136,18 @@ func (m *Sharepoint) validate(all bool) error { // no validation rules for SiteUrl - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Sharepoint_Oauth: + if v == nil { + err := SharepointValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -4574,6 +5178,8 @@ func (m *Sharepoint) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -4693,12 +5299,30 @@ func (m *AzureRepos) validate(all bool) error { // no validation rules for SkipArchives - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *AzureRepos_Token: + if v == nil { + err := AzureReposValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - case *AzureRepos_Oauth: + if v == nil { + err := AzureReposValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetOauth()).(type) { @@ -4729,6 +5353,8 @@ func (m *AzureRepos) validate(all bool) error { } } + default: + _ = v // ensures v is used } if len(errors) > 0 { @@ -4829,9 +5455,18 @@ func (m *Postman) validate(all bool) error { var errors []error - switch m.Credential.(type) { - + switch v := m.Credential.(type) { case *Postman_Unauthenticated: + if v == nil { + err := PostmanValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } if all { switch v := interface{}(m.GetUnauthenticated()).(type) { @@ -4863,8 +5498,19 @@ func (m *Postman) validate(all bool) error { } case *Postman_Token: + if v == nil { + err := PostmanValidationError{ + field: "Credential", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } // no validation rules for Token - + default: + _ = v // ensures v is used } if len(errors) > 0 { diff --git a/proto/detectors.proto b/proto/detectors.proto index 29c3deac8b97..d5cea73db55a 100644 --- a/proto/detectors.proto +++ b/proto/detectors.proto @@ -991,6 +991,7 @@ enum DetectorType { AzureSQL = 979; FlyIO = 980; BuiltWith = 981; + JupiterOne = 982; } message Result {