gitlab.com/gitlab-org/security-products/analyzers/secrets/v2
Readme
GitLab analyzer for leaked secrets. This analyzer is based on the Gitleaks, and TruffleHog tools; it reports possible secret leaks, like application tokens and cryptographic keys, in the source code and files contained in your project.
This analyzer is written in Go using the common library shared by all analyzers.
The common library contains documentation on how to run, test and modify this analyzer.
Please check the common Versioning and release process documentation.
This project adds a name and a description to the rules present in Gitleaks and TruffleHog; updating the underlying tools requires updating this information.
To update a tool:
Dockerfile.convert directory):
convert/common.go.Contributions are welcome, see CONTRIBUTING.md for more details.
This code is distributed under the GitLab Enterprise Edition (EE) license, see the LICENSE file.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cyber extortion in the US and Canada hit record levels in 2023, with ransomware attacks surging and median ransom demands skyrocketing, though fewer companies are choosing to pay ransoms.
Security News
Ecma TC39 is meeting this week and has moved key ECMAScript proposals forward, advancing Deferred Import Evaluation, Error.isError(), RegExp Escaping, and Promise.try to the next stages.
Security News
Researchers have demonstrated that teams of LLM agents can exploit zero-day vulnerabilities with a 53% success rate, and the costs of using AI to do so are rapidly becoming more affordable than hiring a human penetration tester.