Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redact more source credentials #3526

Merged
merged 2 commits into from
Oct 29, 2024
Merged

Redact more source credentials #3526

merged 2 commits into from
Oct 29, 2024

Conversation

rosecodym
Copy link
Collaborator

Description:

This PR implements global log redaction for the credentials of most other source types. It doesn't redact for sources that don't load their credentials with Init as a way to keep the PR simple - we can do those separately.

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

@rosecodym rosecodym requested a review from a team as a code owner October 29, 2024 16:11
@rosecodym rosecodym merged commit a136e31 into main Oct 29, 2024
13 checks passed
@rosecodym rosecodym deleted the redact-more-sources branch October 29, 2024 16:42
abmussani added a commit to abmussani/trufflehog that referenced this pull request Oct 30, 2024
@abmussani
Merge branch 'main' into impl-data-model-gitlab
3860259 
* main: (76 commits)
  update aws descriptions (trufflesecurity#3529)
  enforce timeout on circleci test (trufflesecurity#3528)
  rm snifftest (trufflesecurity#3527)
  Redact more source credentials (trufflesecurity#3526)
  Create global log redaction capability (trufflesecurity#3522)
  Adding basic "what is trufflehog" to the readme (trufflesecurity#3514)
  Handle custom detector response and include in extra data (trufflesecurity#3411)
  fix: fixed validation logic for `calendarific` (trufflesecurity#3480)
  fix(deps): update github.com/tailscale/depaware digest to 3d7f3b3 (trufflesecurity#3518)
  Move DecoderType into ResultWithMetadata trufflesecurity#3502
  Addeded 403 account block status code handling for gitlab (trufflesecurity#3471)
  updated gcpapplicationdefaultcredentials detector results with RawV2 (trufflesecurity#3499)
  fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.1.1 (trufflesecurity#3512)
  fix(deps): update module github.com/schollz/progressbar/v3 to v3.17.0 (trufflesecurity#3510)
  fix(deps): update module cloud.google.com/go/secretmanager to v1.14.2 (trufflesecurity#3498)
  Adds a logging section in the contributing guidelines (trufflesecurity#3509)
  fix: fixed verifcation pattern logic for `bulksms` (trufflesecurity#3478)
  Extend `algoliaadminkey` with additional checks (trufflesecurity#3459)
  fix(deps): update module google.golang.org/api to v0.203.0 (trufflesecurity#3497)
  fix: added correct api endpoint for verification & logic for Aeroworkflow (trufflesecurity#3435)
  ...
@renovate renovate bot mentioned this pull request Dec 12, 2024
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zricethezav zricethezav zricethezav approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rosecodym @zricethezav