updated gcpapplicationdefaultcredentials detector results with RawV2 #3499
@kashifkhan0771 you might need to take a look at integration test as well.
@@ -79,6 +79,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result | |||
s1 := detectors.Result{ | |||
DetectorType: detectorspb.DetectorType_GCPApplicationDefaultCredentials, | |||
Raw: []byte(detectedClientID), | |||
RawV2: []byte(detectedClientID + creds.RefreshToken), | |||
Redacted: creds.RefreshToken, |
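Review bot: On the `Redacted:` line the full `creds.RefreshToken` is assigned, so the field named `Redacted` carries the complete secret; assign a censored form instead (for example a short prefix followed by a mask). Separately, `RawV2` joins `detectedClientID` and `creds.RefreshToken` with no delimiter, so the boundary between the two values cannot be recovered from the bytes; a separator between them would make the value unambiguous.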
Should the `Redacted` field possess a censored version of `RefreshToken`? @zricethezav I noted there is a mixed strategy: some detectors are censoring, some not. Is there any particular documentation about it?
Shall we censor it or not @zricethezav @abmussani ?
IMO, it should be, similar to what is done in OpenAI.
Done @abmussani ✅
d5dd85e to 8088855
Description:
Added refresh token in RawV2 for `gcpapplicationdefaultcredentials` detector.

JIRA Ticket:
https://trufflesecurity.atlassian.net/jira/servicedesk/projects/CSM/queues/custom/43/CSM-706

Checklist:
- `make test-community`
- `make lint` (this requires golangci-lint)