package scanner

import "github.com/DefangLabs/secret-detector/pkg/scanner"

Index ¶

• Constants
• func NewDefaultScanner() secrets.Scanner
• func NewEmptyScanner() secrets.Scanner
• func NewScanner(transformers []secrets.Transformer, detectors []secrets.Detector, thresholdInBytes int) secrets.Scanner
• func NewScannerFromConfig(config Config) (secrets.Scanner, error)
• type Config
• func NewConfigFromJson(r io.Reader) (Config, error)
• func NewConfigFromYaml(r io.Reader) (Config, error)
• func NewConfigWithDefaults() Config
• type ConfigBuilder
• func NewConfigBuilder() ConfigBuilder
• func NewConfigBuilderFrom(config Config) ConfigBuilder
• func (builder ConfigBuilder) AppendDetectors(detectors ...string) ConfigBuilder
• func (builder ConfigBuilder) AppendTransformers(transformers ...string) ConfigBuilder
• func (builder ConfigBuilder) Build() Config
• func (builder ConfigBuilder) RemoveDetectors(detectors ...string) ConfigBuilder
• func (builder ConfigBuilder) RemoveTransformers(transformers ...string) ConfigBuilder
• func (builder ConfigBuilder) SetThreshold(thresholdInBytes int) ConfigBuilder

Constants ¶

const (
	DefaultThreshold int = 10 * 1e6 // 10MB
)

const (
	SizeThresholdViolationType = "Suspicious text file size"
)

Functions ¶

func NewDefaultScanner ¶

func NewDefaultScanner() secrets.Scanner

func NewEmptyScanner ¶

func NewEmptyScanner() secrets.Scanner

func NewScanner ¶

func NewScanner(transformers []secrets.Transformer, detectors []secrets.Detector, thresholdInBytes int) secrets.Scanner

func NewScannerFromConfig ¶

func NewScannerFromConfig(config Config) (secrets.Scanner, error)

Types ¶

type Config ¶

type Config struct {
	Transformers     []string            `json:"transformers" yaml:"transformers"`
	Detectors        []string            `json:"detectors" yaml:"detectors"`
	DetectorConfigs  map[string][]string `json:"detectors_configs" yaml:"detectors_configs"`
	ThresholdInBytes int                 `json:"threshold_in_bytes" yaml:"threshold_in_bytes"`
}

Config represents a scanner configuration. Omitted fields will preserve the values of the default configuration.

Notice: filesTransformers order may affect the results, because the algorithm breaks on first successful transform. So it's better to order them from most specific to the most general. e.g. json is usually a legal yaml, but not vice versa. Hence, json is more specific.

yaml is usually a valid ini, but usually not vice versa. Hence, yaml is more specific.

Notice 2: detectors order may affect the results, because the algorithm breaks on first detection for single line input. So it's better to order them from most specific to the most general. e.g. GitHub key might also be a high entropy base64 string.

func NewConfigFromJson ¶

func NewConfigFromJson(r io.Reader) (Config, error)

func NewConfigFromYaml ¶

func NewConfigFromYaml(r io.Reader) (Config, error)

func NewConfigWithDefaults ¶

func NewConfigWithDefaults() Config

type ConfigBuilder ¶

type ConfigBuilder struct {
	// contains filtered or unexported fields
}

func NewConfigBuilder ¶

func NewConfigBuilder() ConfigBuilder

func NewConfigBuilderFrom ¶

func NewConfigBuilderFrom(config Config) ConfigBuilder

func (ConfigBuilder) AppendDetectors ¶

func (builder ConfigBuilder) AppendDetectors(detectors ...string) ConfigBuilder

func (ConfigBuilder) AppendTransformers ¶

func (builder ConfigBuilder) AppendTransformers(transformers ...string) ConfigBuilder

func (ConfigBuilder) Build ¶

func (builder ConfigBuilder) Build() Config

func (ConfigBuilder) RemoveDetectors ¶

func (builder ConfigBuilder) RemoveDetectors(detectors ...string) ConfigBuilder

func (ConfigBuilder) RemoveTransformers ¶

func (builder ConfigBuilder) RemoveTransformers(transformers ...string) ConfigBuilder

func (ConfigBuilder) SetThreshold ¶

func (builder ConfigBuilder) SetThreshold(thresholdInBytes int) ConfigBuilder

Source Files ¶

config.go is_text_file.go scanner.go