mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2026-05-16 13:20:35 +00:00
Muneeb Ullah Khan
f9d1850dad
* [INS-241] New detector (datadogapikey) for datadog apikeys * Analyzer updated to cater endpoint * Added new tests for anlyzers * Removed print statement * resolved comments and fixed integration tests. * resolved comments * changed cli prompt * Fixed the comments and added app key validation in analyzer * renamed regex variable * Added found verified endpoint to ExtraData * Clean up Analyze function by removing comments Removed commented-out code for appKey and endpoint. * [INS-286] Added support to analyze just the apikey in datadog's analyzer * fixed linter issue * fixed comment and introduced snake case to make analyzer code cosistent and also fixed flaky tests * resolved bugbot comment * updated protos * resolve conflicts * updated protobuffs and resolved bugbot comments * made regex idiomatic * fixed ssrf vulnerability * fixed string formatting
Implementing Analyzers
Defining the Permissions
Permissions can be defined in:
- lower snake case as
permission_name:access_level - kebab case as
permission-name:read - dot notation as
permission.name:read
The Permissions are initially defined as a yaml file.
At the top of the analyzer implementation you specify the go generate command.
You can install the generator with go install github.com/trufflesecurity/trufflehog/v3/pkg/analyzer/generate_permissions.
Then you can run go generate ./... to generate the Permission types for the analyzer.
The generated Permission types are to be used in the AnalyzerResult struct when defining the Permissions and in your code.