From fc863b93facaed5ab1b7ca887de239de9fc48fc8 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Sun, 17 Dec 2023 20:59:01 -0500 Subject: [PATCH 01/14] upgrade base64 decoding, keyword_type -> attributes array --- internal/app/keyword_scan.go | 84 +++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 39 deletions(-) diff --git a/internal/app/keyword_scan.go b/internal/app/keyword_scan.go index e491f92..e975bb6 100644 --- a/internal/app/keyword_scan.go +++ b/internal/app/keyword_scan.go @@ -1,6 +1,7 @@ package app import ( + "encoding/base64" b64 "encoding/base64" "encoding/json" "fmt" @@ -9,6 +10,7 @@ import ( "net/http" "regexp" "strings" + "unicode/utf8" "github.com/fatih/color" ) @@ -21,13 +23,13 @@ type ResultScan struct { // Match represents a keyword/API key match type Match struct { - Text string - KeywordType string - Line Line - Commit string - CommitFile string - File string - Expression string + Text string + Attributes []string + Line Line + Commit string + CommitFile string + File string + Expression string } // Line represents a text line, the context for a Match. @@ -86,7 +88,7 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { color.Green("[" + resultRepoURL + "]") } for _, result := range matches { - if result.KeywordType == "apiKey" { + if slice_contains(result.Attributes, "api_key") { if apiKeyMap[result.Text] == true { continue } @@ -96,18 +98,18 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { fmt.Println(result.Text) } else { if GetFlags().JsonOutput { - a, _ := json.Marshal(map[string]string{ - "repo": resultRepoURL, - "context": result.Line.Text, - "match": result.Line.Text[result.Line.MatchIndex:result.Line.MatchEndIndex], - "type": result.KeywordType, - "url": GetResultLink(repo, result), + a, _ := json.Marshal(map[string]interface{}{ + "repo": resultRepoURL, + "context": result.Line.Text, + "match": result.Line.Text[result.Line.MatchIndex:result.Line.MatchEndIndex], + "attributes": result.Attributes, + "url": GetResultLink(repo, result), }) fmt.Println(string(a)) } else { PrintContextLine(result.Line) PrintPatternLine(result) - PrintKeywordType(result) + PrintAttributes(result) color.New(color.Faint).Println(GetResultLink(repo, result)) } } @@ -124,6 +126,7 @@ func MatchKeywords(source string) (matches []Match) { base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" regex := regexp.MustCompile(base64Regex) + // Match Keywords on decoded base64 strings base64Strings := regex.FindAllString(source, -1) if base64Strings != nil { for _, match := range base64Strings { @@ -135,8 +138,8 @@ func MatchKeywords(source string) (matches []Match) { } } } - // fmt.Println(source) - // loop over regexes from database + + // Loop over regexes from database for _, regex := range GetFlags().TextRegexes.Rules { regexp := regex.Regex.RegExp matchStrings := regexp.FindAllString(source, -1) @@ -150,10 +153,10 @@ func MatchKeywords(source string) (matches []Match) { } if shouldMatch { matches = append(matches, Match{ - KeywordType: regex.Name, - Text: string(match), - Expression: regexp.String(), - Line: GetLine(source, match), + Attributes: []string{regex.Name}, + Text: string(match), + Expression: regexp.String(), + Line: GetLine(source, match), }) } } @@ -189,27 +192,30 @@ func MatchCustomRegex(source string) (matches []Match) { if source == "" { return matches } + base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" regex := regexp.MustCompile(base64Regex) - base64Strings := regex.FindAllString(source, -1) - if base64Strings != nil { - for _, match := range base64Strings { - decoded, _ := b64.StdEncoding.DecodeString(match) - decodedMatches := MatchCustomRegex(string(decoded)) - for _, decodedMatch := range decodedMatches { - matches = append(matches, decodedMatch) - } + base64Strings := regex.FindAllStringIndex(source, -1) + for _, indices := range base64Strings { + match := source[indices[0]:indices[1]] + decodedBytes, err := base64.StdEncoding.DecodeString(match) + if err == nil && utf8.Valid(decodedBytes) { + decodedStr := string(decodedBytes) + source = source[:indices[0]] + decodedStr + source[indices[1]:] + decodedMatches := MatchKeywords(source) + matches = append(matches, decodedMatches...) } } + for _, regex := range customRegexes { regMatches := regex.FindAllString(source, -1) for _, regMatch := range regMatches { matches = append(matches, Match{ - KeywordType: "custom", - Text: regMatch, - Expression: regex.String(), - Line: GetLine(source, regMatch), + Attributes: []string{"regex"}, + Text: regMatch, + Expression: regex.String(), + Line: GetLine(source, regMatch), }) } @@ -229,10 +235,10 @@ func MatchFileExtensions(source string, result RepoSearchResult) (matches []Matc for _, match := range matchStrings { if len(match) > 0 { matches = append(matches, Match{ - KeywordType: "fileExtension", - Text: string(match[0]), - Expression: regex.String(), - Line: GetLine(source, match[0]), + Attributes: []string{"interesting_filename"}, + Text: string(match[0]), + Expression: regex.String(), + Line: GetLine(source, match[0]), }) } } @@ -266,8 +272,8 @@ func PrintPatternLine(match Match) { fmt.Printf("RegEx Pattern: %s\n", match.Expression) } -func PrintKeywordType(match Match) { - fmt.Printf("Keyword Type: %s\n", match.KeywordType) +func PrintAttributes(match Match) { + fmt.Printf("Attributes: %v\n", match.Attributes) } // Entropy calculates the Shannon entropy of a string From e89e2f26e683190e3366d6f68fee8bc0cfddf8b2 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Wed, 20 Dec 2023 00:51:19 -0500 Subject: [PATCH 02/14] update go version --- go.mod | 45 +++- go.sum | 389 +---------------------------------- internal/app/dig.go | 20 +- internal/app/github.go | 7 +- internal/app/keyword_scan.go | 100 +++------ internal/app/search.go | 28 ++- internal/app/util.go | 9 + 7 files changed, 104 insertions(+), 494 deletions(-) diff --git a/go.mod b/go.mod index 6aa07e3..cd87033 100644 --- a/go.mod +++ b/go.mod @@ -1,28 +1,55 @@ module github.com/tillson/git-hound -go 1.12 +go 1.18 require ( github.com/BurntSushi/toml v1.2.1 + github.com/fatih/color v1.13.0 + github.com/go-git/go-git/v5 v5.4.2 + github.com/google/go-github v17.0.0+incompatible + github.com/google/go-github/v57 v57.0.0 + github.com/pquerna/otp v1.3.0 + github.com/spf13/cobra v1.4.0 + github.com/spf13/viper v1.12.0 + github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d + golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e +) + +require ( github.com/Microsoft/go-winio v0.5.2 // indirect github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b // indirect + github.com/acomagu/bufpipe v1.0.3 // indirect github.com/boombuler/barcode v1.0.1 // indirect github.com/emirpasic/gods v1.18.1 // indirect - github.com/fatih/color v1.13.0 - github.com/go-git/go-git/v5 v5.4.2 - github.com/google/go-github v17.0.0+incompatible + github.com/fsnotify/fsnotify v1.5.4 // indirect + github.com/go-git/gcfg v1.5.0 // indirect + github.com/go-git/go-billy/v5 v5.3.1 // indirect github.com/google/go-querystring v1.1.0 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect github.com/imdario/mergo v0.3.13 // indirect + github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect + github.com/magiconair/properties v1.8.6 // indirect + github.com/mattn/go-colorable v0.1.12 // indirect + github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/pelletier/go-toml v1.9.5 // indirect github.com/pelletier/go-toml/v2 v2.0.2 // indirect - github.com/pquerna/otp v1.3.0 github.com/sergi/go-diff v1.2.0 // indirect - github.com/spf13/cobra v1.4.0 - github.com/spf13/viper v1.12.0 + github.com/spf13/afero v1.8.2 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect github.com/subosito/gotenv v1.4.0 // indirect - github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d github.com/xanzy/ssh-agent v0.3.1 // indirect - golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e golang.org/x/net v0.9.0 // indirect + golang.org/x/sys v0.7.0 // indirect + golang.org/x/term v0.7.0 // indirect + golang.org/x/text v0.9.0 // indirect gopkg.in/ini.v1 v1.66.6 // indirect + gopkg.in/warnings.v0 v0.1.2 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 81d354f..c481dff 100644 --- a/go.sum +++ b/go.sum @@ -17,32 +17,14 @@ cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHOb cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= -cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= -cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= -cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= -cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= -cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= -cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= -cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= -cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= -cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= -cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= -cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= -cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= -cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s= -cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -58,66 +40,36 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b h1:lcbBNuQhppsc7A5gjdHmdlqUqJfgGMylBdGyDs0j7G8= github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-metrics v0.3.10/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= -github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= @@ -126,22 +78,13 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= -github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= @@ -156,21 +99,10 @@ github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -178,8 +110,6 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -194,10 +124,6 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -208,22 +134,18 @@ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= +github.com/google/go-github/v57 v57.0.0 h1:L+Y3UPTY8ALM8x+TV0lg+IEBI+upibemtBD8Q9u7zHs= +github.com/google/go-github/v57 v57.0.0/go.mod h1:s0omdnye0hvK/ecLvpsGfJMiRt85PimQh4oygmLIxHw= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -234,52 +156,15 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= -github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= -github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= -github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM= -github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0= -github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-hclog v1.2.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= -github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= -github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= -github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= -github.com/hashicorp/serf v0.9.7/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -290,30 +175,17 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -322,92 +194,38 @@ github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamh github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= -github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= -github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= -github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= github.com/pelletier/go-toml/v2 v2.0.2 h1:+jQXlF3scKIcSEKkdHzXhCTDLPFi5r1wnK6yPS+49Gw= github.com/pelletier/go-toml/v2 v2.0.2/go.mod h1:MovirKjgVRESsAvNZlAjtFwV867yGuwRkXbG66OzopI= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/sagikazarmark/crypt v0.6.0/go.mod h1:U8+INwJo3nBv1m6A/8OBXAq7Jnpspk5AxSgDyEQcea8= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= @@ -426,15 +244,11 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/subosito/gotenv v1.3.0/go.mod h1:YzJjq/33h7nrwdY+iHMhEOEEbW0ovIz0tB6t6PwAXzs= github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs= github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo= -github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d h1:xQcF7b7cZLWZG/+7A4G7un1qmEDYHIvId9qxRS1mZMs= github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d/go.mod h1:BzSc3WEF8R+lCaP5iGFRxd5kIXy4JKOZAwNe1w0cdc0= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= @@ -444,37 +258,22 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.etcd.io/etcd/api/v3 v3.5.4/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A= -go.etcd.io/etcd/client/pkg/v3 v3.5.4/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/v2 v2.305.4/go.mod h1:Ud+VUwIi9/uQHOMA+4ekToJ12lTxlv0zB/+DHwTGEbU= -go.etcd.io/etcd/client/v3 v3.5.4/go.mod h1:ZaRkVgBZC+L+dLCjTcF1hRXpgZXQPOvnA/Ak/gq3kiY= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e h1:T8NU3HyQ8ClP4SEE+KbFlg6n0NhuTsN4MyznaarGsZM= golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -500,7 +299,6 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -511,12 +309,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -524,11 +318,9 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -545,25 +337,10 @@ golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= -golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -575,17 +352,6 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -596,37 +362,24 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220513210516-0976fa681c29/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -637,8 +390,6 @@ golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -647,47 +398,18 @@ golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -696,10 +418,6 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -718,7 +436,6 @@ golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -743,7 +460,6 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= @@ -752,22 +468,12 @@ golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -787,26 +493,6 @@ google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz513 google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= -google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= -google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= -google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= -google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= -google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= -google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= -google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= -google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= -google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= -google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= -google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= -google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= -google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= -google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw= -google.golang.org/api v0.81.0/go.mod h1:FA6Mb/bZxj706H2j+j2d6mHEEaHBmbbWnkfvmorOCko= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -837,7 +523,6 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= @@ -850,48 +535,7 @@ google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= -google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= -google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211008145708-270636b82663/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211028162531-8db9c33dc351/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= -google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= -google.golang.org/genproto v0.0.0-20220519153652-3a47de7e79bd/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -905,24 +549,9 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= -google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -933,11 +562,6 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -945,22 +569,16 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/ini.v1 v1.66.4/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.66.6 h1:LATuAqN/shcYAOkv3wl2L4rkaKqkcgTBQjOyYDvcPKI= gopkg.in/ini.v1 v1.66.6/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -974,4 +592,3 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/internal/app/dig.go b/internal/app/dig.go index b601a04..e64c951 100644 --- a/internal/app/dig.go +++ b/internal/app/dig.go @@ -97,7 +97,7 @@ func digHelper(result RepoSearchResult) (matches []Match) { return matches } - matchMap := make(map[Match]bool) + // matchMap := make(map[Match]bool) if GetFlags().DigRepo { // search current repo state root := "/tmp/githound/" + result.Repo @@ -129,7 +129,7 @@ func digHelper(result RepoSearchResult) (matches []Match) { newMatches = append(newMatches, match) score += 5 } - if float32(len(ascii))/float32(len(data)) < 0.7 { + if float32(len(ascii))/float32(len(data)) < 0.9 { // fmt.Println("skipping: " + file) } else { searchMatches, searchScore := GetMatchesForString(string(ascii), result) @@ -148,10 +148,10 @@ func digHelper(result RepoSearchResult) (matches []Match) { relPath := strings.Join(strings.Split(file[len("/tmp/githound/"):], "/")[2:], "/") match.CommitFile = relPath match.File = relPath - if !matchMap[match] { - matchMap[match] = true - matches = append(matches, match) - } + // if !matchMap[match] { + // matchMap[match] = true + // matches = append(matches, match) + // } } } } else { @@ -196,10 +196,10 @@ func digHelper(result RepoSearchResult) (matches []Match) { diffMatches := ScanDiff(lastHash, commitTree, result) for _, match := range diffMatches { match.Commit = c.Hash.String() - if !matchMap[match] { - matchMap[match] = true - matches = append(matches, match) - } + // if !matchMap[match] { + // matchMap[match] = true + // matches = append(matches, match) + // } } lastHash = commitTree return nil diff --git a/internal/app/github.go b/internal/app/github.go index 76eb824..84ef175 100644 --- a/internal/app/github.go +++ b/internal/app/github.go @@ -14,7 +14,7 @@ import ( "strings" "time" - "github.com/google/go-github/github" + "github.com/google/go-github/v57/github" "github.com/pquerna/otp/totp" ) @@ -58,15 +58,16 @@ func LoginToGitHub(credentials GitHubCredentials) (httpClient *http.Client, err // fmt.Println(resp.StatusCode) data, err := ioutil.ReadAll(resp.Body) dataStr := string(data) + // fmt.Println(dataStr) if strings.Index(dataStr, "Incorrect username or password.") > -1 { - return nil, fmt.Errorf("Incorrect username or password.") + return nil, fmt.Errorf("Incorrect username or password.") } if strings.Index(dataStr, "app_otp") > -1 { csrf, err = GrabCSRFTokenBody(dataStr) if err != nil { return nil, err } - + // fmt.Println(csrf) otp := HandleOTPCode(credentials) if strings.Index(resp.Request.URL.String(), "verified-device") > -1 { diff --git a/internal/app/keyword_scan.go b/internal/app/keyword_scan.go index e975bb6..90822b0 100644 --- a/internal/app/keyword_scan.go +++ b/internal/app/keyword_scan.go @@ -2,7 +2,6 @@ package app import ( "encoding/base64" - b64 "encoding/base64" "encoding/json" "fmt" "log" @@ -50,6 +49,7 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { if scannedRepos[repo.Repo] { return } + defer SearchWaitGroup.Done() if !GetFlags().FastMode { base := GetRawURLForSearchResult(repo) @@ -123,21 +123,6 @@ func MatchKeywords(source string) (matches []Match) { if GetFlags().NoKeywords || source == "" { return matches } - base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" - regex := regexp.MustCompile(base64Regex) - - // Match Keywords on decoded base64 strings - base64Strings := regex.FindAllString(source, -1) - if base64Strings != nil { - for _, match := range base64Strings { - decoded, _ := b64.StdEncoding.DecodeString(match) - decodedMatches := MatchKeywords(string(decoded)) - - for _, decodedMatch := range decodedMatches { - matches = append(matches, decodedMatch) - } - } - } // Loop over regexes from database for _, regex := range GetFlags().TextRegexes.Rules { @@ -165,49 +150,12 @@ func MatchKeywords(source string) (matches []Match) { return matches } -// MatchAPIKeys takes a string and checks if it contains API keys using pattern matching and entropy checking. -func MatchAPIKeys(source string) (matches []Match) { - if GetFlags().NoAPIKeys || source == "" { - return matches - } - - base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" - regex := regexp.MustCompile(base64Regex) - base64Strings := regex.FindAllString(source, -1) - if base64Strings != nil { - for _, match := range base64Strings { - decoded, _ := b64.StdEncoding.DecodeString(match) - decodedMatches := MatchAPIKeys(string(decoded)) - - for _, decodedMatch := range decodedMatches { - matches = append(matches, decodedMatch) - } - } - } - return matches -} - // MatchCustomRegex matches a string against a slice of regexes. func MatchCustomRegex(source string) (matches []Match) { if source == "" { return matches } - base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" - regex := regexp.MustCompile(base64Regex) - - base64Strings := regex.FindAllStringIndex(source, -1) - for _, indices := range base64Strings { - match := source[indices[0]:indices[1]] - decodedBytes, err := base64.StdEncoding.DecodeString(match) - if err == nil && utf8.Valid(decodedBytes) { - decodedStr := string(decodedBytes) - source = source[:indices[0]] + decodedStr + source[indices[1]:] - decodedMatches := MatchKeywords(source) - matches = append(matches, decodedMatches...) - } - } - for _, regex := range customRegexes { regMatches := regex.FindAllString(source, -1) for _, regMatch := range regMatches { @@ -305,30 +253,30 @@ func GetResultLink(result RepoSearchResult, match Match) string { } } -func initializeCustomRegexes() { - loadedRegexes = true - regexStrings := GetFileLines(GetFlags().RegexFile) - for _, regexString := range regexStrings { - regex, err := regexp.Compile(regexString) - if err != nil { - color.Red("[!] Invalid regex: `" + regexString + " ` .") - break - } - customRegexes = append(customRegexes, regex) - } -} - // GetMatchesForString runs pattern matching and scoring checks on the given string // and returns the matches. func GetMatchesForString(source string, result RepoSearchResult) (matches []Match, score int) { - if !GetFlags().NoKeywords { - for _, match := range MatchKeywords(source) { - matches = append(matches, match) - score += 2 + + // Undecode any base64 and run again + base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" + regex := regexp.MustCompile(base64Regex) + + base64_score := 0 + base64Strings := regex.FindAllStringIndex(source, -1) + for _, indices := range base64Strings { + match := source[indices[0]:indices[1]] + decodedBytes, err := base64.StdEncoding.DecodeString(match) + if err == nil && utf8.Valid(decodedBytes) { + decodedStr := string(decodedBytes) + new_source := source[:indices[0]] + decodedStr + source[indices[1]:] + decodedMatches, new_score := GetMatchesForString(new_source, result) + base64_score = new_score + matches = append(matches, decodedMatches...) } } - if !GetFlags().NoAPIKeys { - for _, match := range MatchAPIKeys(source) { + + if !GetFlags().NoKeywords { + for _, match := range MatchKeywords(source) { matches = append(matches, match) score += 2 } @@ -376,6 +324,9 @@ func GetMatchesForString(source string, result RepoSearchResult) (matches []Matc if GetFlags().NoScoring { score = 10 } + + score = score + (base64_score - len(base64Strings)*score) + return matches, score } @@ -393,10 +344,7 @@ func containsCommonWord(str string) bool { sumOfLengths += len(match) } - if float64(sumOfLengths)/float64(len(str)) > 0.5 { - return false - } - return true + return float64(sumOfLengths)/float64(len(str)) < 0.5 } func containsSequence(str string) bool { diff --git a/internal/app/search.go b/internal/app/search.go index 3ca5949..a2e86fd 100644 --- a/internal/app/search.go +++ b/internal/app/search.go @@ -9,8 +9,8 @@ import ( "regexp" "strconv" "strings" - "time" "sync" + "time" "github.com/fatih/color" ) @@ -21,7 +21,7 @@ type RepoSearchResult struct { File string Raw string Source string - Contents string + Contents string Query string URL string searchOptions *SearchOptions @@ -30,9 +30,9 @@ type RepoSearchResult struct { type NewSearchPayload struct { Payload struct { Results []struct { - RepoNwo string `json:"repo_nwo"` - RepoName string `json:"repo_name"` - Path string `json:"path"` + RepoNwo string `json:"repo_nwo"` + RepoName string `json:"repo_name"` + Path string `json:"path"` CommitSha string `json:"commit_sha"` // Repository struct { // } @@ -56,6 +56,8 @@ func Search(query string, client *http.Client) (results []RepoSearchResult, err } resultMap := make(map[string]bool) + + // Rich GitHub search if !GetFlags().NoRepos { if len(languages) > 0 { for _, language := range languages { @@ -73,6 +75,8 @@ func Search(query string, client *http.Client) (results []RepoSearchResult, err } } } + + // Gist search if !GetFlags().NoGists { resultMap = make(map[string]bool) if len(languages) > 0 { @@ -102,6 +106,7 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu } else { base = "/~https://github.com/search" } + // fmt.Println(base) page, pages := 0, 1 var delay = 5 orders := []string{"asc"} @@ -113,6 +118,7 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu } for page < pages { str := ConstructSearchURL(base, query, options) + fmt.Println(str) // fmt.Println(str) response, err := client.Get(str) // fmt.Println(response.StatusCode) @@ -138,6 +144,7 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu } responseData, err := ioutil.ReadAll(response.Body) responseStr := string(responseData) + // fmt.Println(responseStr) if err != nil { @@ -150,8 +157,9 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu if len(matches) == 0 { resultRegex = regexp.MustCompile("(?s)react-app\\.embeddedData\">(.*?)<\\/script>") match := resultRegex.FindStringSubmatch(responseStr) + // fmt.Println(match) var resultPayload NewSearchPayload - + if len(match) == 0 { page++ continue @@ -218,7 +226,7 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu } if result.RepoName == "" { result.RepoName = result.RepoNwo - } + } resultSet[(result.RepoName + result.Path)] = true SearchWaitGroup.Add(1) go ScanAndPrintResult(client, RepoSearchResult{ @@ -228,11 +236,11 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu Source: "repo", Query: query, URL: "/~https://github.com/" + result.RepoName + "/blob/" + result.CommitSha + "/" + result.Path, - }) + }) // fmt.Println(result.RepoName + "/" + result.DefaultBranch + "/" + result.Path) - } + } } - } + } options.Page = (page + 1) } diff --git a/internal/app/util.go b/internal/app/util.go index dc65153..a43008d 100644 --- a/internal/app/util.go +++ b/internal/app/util.go @@ -63,3 +63,12 @@ func GetRawURLForSearchResult(repo RepoSearchResult) string { // Left this way in case other Source values ever exist return "" } + +func slice_contains(slice []string, item string) bool { + for _, s := range slice { + if s == item { + return true + } + } + return false +} From f4e2663d14761dfd7662a9032f9d6f7f8b15f917 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Wed, 20 Dec 2023 01:00:36 -0500 Subject: [PATCH 03/14] add search_type flag and improve error messages --- cmd/root.go | 16 ++++++++++++---- internal/app/options.go | 1 + 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index e4ef20b..0f39fd0 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -18,6 +18,7 @@ import ( // InitializeFlags initializes GitHound's command line flags. func InitializeFlags() { + rootCmd.PersistentFlags().StringVar(&app.GetFlags().SearchType, "search-type", "", "Search interface (`api` or `ui`).") rootCmd.PersistentFlags().StringVar(&app.GetFlags().QueryFile, "query-file", "", "A file containing a list of subdomains (or other queries).") rootCmd.PersistentFlags().StringVar(&app.GetFlags().Query, "query", "", "A query stiing (default: stdin)") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().DigRepo, "dig-files", false, "Dig through the repo's files to find more secrets (CPU intensive).") @@ -79,11 +80,18 @@ var rootCmd = &cobra.Command{ } } if len(queries) == 0 { - color.Red("[!] No search queries specified.") + color.Red("[!] No search queries specified. Use flag `--query [query]`, or pipe query into GitHound.") os.Exit(1) return } + if app.GetFlags().SearchType == "ui" && viper.GetString("github_username") == "" { + color.Red("[!] GitHound run in UI mode but github_username not specified in config.yml. Update config.yml or run in API mode (flag: `--search-type api`)") + os.Exit(1) + } else if app.GetFlags().SearchType == "api" && viper.GetString("github_access_token") == "" { + color.Red("[!] GitHound run in API mode but github_access_token not specified in config.yml. Update config.yml or run in UI mode (flag: `--search-type ui`)") + os.Exit(1) + } client, err := app.LoginToGitHub(app.GitHubCredentials{ Username: viper.GetString("github_username"), Password: viper.GetString("github_password"), @@ -92,7 +100,7 @@ var rootCmd = &cobra.Command{ if err != nil { fmt.Println(err) - color.Red("[!] Unable to login to GitHub.") + color.Red("[!] Unable to login to GitHub. Please check your username/password credentials.") os.Exit(1) } if !app.GetFlags().ResultsOnly && !app.GetFlags().JsonOutput { @@ -147,10 +155,10 @@ func ReadConfig() { err := viper.ReadInConfig() if err != nil { if app.GetFlags().ConfigFile != "" { - color.Red("[!] '" + app.GetFlags().ConfigFile + "' was not found.") + color.Red("[!] '" + app.GetFlags().ConfigFile + "' was not found. Please check the file path and try again.") } else { - color.Red("[!] config.yml was not found.") + color.Red("[!] config.yml was not found. Please ensure config.yml exists in current working directory or $HOME/.githound/, or use flag `--config [config_path]`.") } os.Exit(1) return diff --git a/internal/app/options.go b/internal/app/options.go index 1dd9748..f087372 100644 --- a/internal/app/options.go +++ b/internal/app/options.go @@ -26,6 +26,7 @@ type Flags struct { NoRepos bool ManyResults bool JsonOutput bool + SearchType string OTPCode string TextRegexes config } From 262cef65f76828b9861987341d533feef3e34c44 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Wed, 20 Dec 2023 02:08:12 -0500 Subject: [PATCH 04/14] attempt at API search mode --- cmd/root.go | 36 ++----- internal/app/dig.go | 4 +- internal/app/keyword_scan.go | 42 ++++++--- internal/app/search_api.go | 114 +++++++++++++++++++++++ internal/app/{search.go => search_ui.go} | 39 ++++++++ 5 files changed, 189 insertions(+), 46 deletions(-) create mode 100644 internal/app/search_api.go rename internal/app/{search.go => search_ui.go} (89%) diff --git a/cmd/root.go b/cmd/root.go index 0f39fd0..b4e4979 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -85,6 +85,8 @@ var rootCmd = &cobra.Command{ return } + toml.DecodeFile(app.GetFlags().RegexFile, &app.GetFlags().TextRegexes) + if app.GetFlags().SearchType == "ui" && viper.GetString("github_username") == "" { color.Red("[!] GitHound run in UI mode but github_username not specified in config.yml. Update config.yml or run in API mode (flag: `--search-type api`)") os.Exit(1) @@ -92,37 +94,13 @@ var rootCmd = &cobra.Command{ color.Red("[!] GitHound run in API mode but github_access_token not specified in config.yml. Update config.yml or run in UI mode (flag: `--search-type ui`)") os.Exit(1) } - client, err := app.LoginToGitHub(app.GitHubCredentials{ - Username: viper.GetString("github_username"), - Password: viper.GetString("github_password"), - OTP: viper.GetString("github_totp_seed"), - }) - - if err != nil { - fmt.Println(err) - color.Red("[!] Unable to login to GitHub. Please check your username/password credentials.") - os.Exit(1) - } - if !app.GetFlags().ResultsOnly && !app.GetFlags().JsonOutput { - color.Cyan("[*] Logged into GitHub as " + viper.GetString("github_username")) - } - toml.DecodeFile(app.GetFlags().RegexFile, &app.GetFlags().TextRegexes) - for _, query := range queries { - _, err = app.Search(query, client) - if err != nil { - color.Red("[!] Unable to collect search results for query '" + query + "'.") - break - } - } - size, err = app.DirSize("/tmp/githound") - if err == nil && size > 50e+6 { - app.ClearRepoStorage() - } - if !app.GetFlags().ResultsOnly && !app.GetFlags().JsonOutput { - color.Green("Finished.") + + if app.GetFlags().SearchType == "ui" { + app.SearchWithUI(queries) + } else { + app.SearchWithAPI(queries) } - app.SearchWaitGroup.Wait() }, } diff --git a/internal/app/dig.go b/internal/app/dig.go index e64c951..fdf3114 100644 --- a/internal/app/dig.go +++ b/internal/app/dig.go @@ -132,7 +132,7 @@ func digHelper(result RepoSearchResult) (matches []Match) { if float32(len(ascii))/float32(len(data)) < 0.9 { // fmt.Println("skipping: " + file) } else { - searchMatches, searchScore := GetMatchesForString(string(ascii), result) + searchMatches, searchScore := GetMatchesForString(string(ascii), result, true) score += searchScore // fmt.Println(searchMatches) if searchScore > 1 { @@ -257,7 +257,7 @@ func ScanDiff(from *object.Tree, to *object.Tree, result RepoSearchResult) (matc if err != nil { log.Fatal(err) } - matches, _ = GetMatchesForString(patchStr, result) + matches, _ = GetMatchesForString(patchStr, result, true) for _, diffFile := range diffData.Files { for _, match := range MatchFileExtensions(diffFile.NewName, result) { matches = append(matches, match) diff --git a/internal/app/keyword_scan.go b/internal/app/keyword_scan.go index 90822b0..8bd9381 100644 --- a/internal/app/keyword_scan.go +++ b/internal/app/keyword_scan.go @@ -46,20 +46,24 @@ var loadedRegexes = false // ScanAndPrintResult scans and prints information about a search result. func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { + // fmt.Println(repo) + // SearchWaitGroup.Wait() if scannedRepos[repo.Repo] { return } - - defer SearchWaitGroup.Done() + // defer SearchWaitGroup.Done() if !GetFlags().FastMode { base := GetRawURLForSearchResult(repo) - data, err := DownloadRawFile(client, base, repo) if err != nil { log.Fatal(err) } repo.Contents = string(data) } + // debug message. size of data, repo, and path + if GetFlags().Debug { + fmt.Println("downloaded", len(repo.Contents), repo.Repo, repo.File) + } if GetFlags().AllResults { if GetFlags().JsonOutput { a, _ := json.Marshal(map[string]string{ @@ -74,7 +78,7 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { color.New(color.Faint).Println(repo.Contents) } } else { - matches, score := GetMatchesForString(repo.Contents, repo) + matches, score := GetMatchesForString(repo.Contents, repo, true) if repo.Source == "repo" && (GetFlags().DigCommits || GetFlags().DigRepo) && RepoIsUnpopular(client, repo) && score > -1 { scannedRepos[repo.Repo] = true for _, match := range Dig(repo) { @@ -116,6 +120,11 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { } } } + if GetFlags().Debug { + fmt.Println("Finished scanning " + repo.Repo + "...") + } + + SearchWaitGroup.Done() } // MatchKeywords takes a string and checks if it contains sensitive information using pattern matching. @@ -255,23 +264,26 @@ func GetResultLink(result RepoSearchResult, match Match) string { // GetMatchesForString runs pattern matching and scoring checks on the given string // and returns the matches. -func GetMatchesForString(source string, result RepoSearchResult) (matches []Match, score int) { +func GetMatchesForString(source string, result RepoSearchResult, recursion bool) (matches []Match, score int) { // Undecode any base64 and run again base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" regex := regexp.MustCompile(base64Regex) base64_score := 0 - base64Strings := regex.FindAllStringIndex(source, -1) - for _, indices := range base64Strings { - match := source[indices[0]:indices[1]] - decodedBytes, err := base64.StdEncoding.DecodeString(match) - if err == nil && utf8.Valid(decodedBytes) { - decodedStr := string(decodedBytes) - new_source := source[:indices[0]] + decodedStr + source[indices[1]:] - decodedMatches, new_score := GetMatchesForString(new_source, result) - base64_score = new_score - matches = append(matches, decodedMatches...) + var base64Strings [][]int + if recursion { + base64Strings = regex.FindAllStringIndex(source, -1) + for _, indices := range base64Strings { + match := source[indices[0]:indices[1]] + decodedBytes, err := base64.StdEncoding.DecodeString(match) + if err == nil && utf8.Valid(decodedBytes) { + decodedStr := string(decodedBytes) + new_source := source[:indices[0]] + decodedStr + source[indices[1]:] + decodedMatches, new_score := GetMatchesForString(new_source, result, false) + base64_score = new_score + matches = append(matches, decodedMatches...) + } } } diff --git a/internal/app/search_api.go b/internal/app/search_api.go new file mode 100644 index 0000000..933e7a6 --- /dev/null +++ b/internal/app/search_api.go @@ -0,0 +1,114 @@ +package app + +import ( + "context" + "fmt" + "math" + "net/http" + "os" + "regexp" + "strconv" + "time" + + "github.com/fatih/color" + "github.com/google/go-github/v57/github" + "github.com/spf13/viper" +) + +func SearchWithAPI(queries []string) { + token := viper.GetString("github_access_token") + client := github.NewClient(nil).WithAuthToken(token) + if client == nil { + color.Red("[!] Unable to authenticate with GitHub API. Please check that your GitHub personal access token is correct.") + os.Exit(1) + } + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Cyan("[*] Logged into GitHub using API key") + } + + options := github.SearchOptions{ + Sort: "indexed", + ListOptions: github.ListOptions{ + PerPage: 100, + }, + } + + // TODO: need to add coding language flag support + + http_client := http.Client{} + rt := WithHeader(http_client.Transport) + rt.Set("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36") + http_client.Transport = rt + + backoff := 1.0 + for _, query := range queries { + for page := 0; page <= int(math.Min(10, float64(GetFlags().Pages))); page++ { + options.Page = page + result, _, err := client.Search.Code(context.Background(), query, &options) + if err != nil { + color.Red("Error searching GitHub: " + err.Error()) + time.Sleep(5 * time.Second) + backoff = backoff * 1.5 + continue + } + backoff = math.Sqrt(backoff) + backoff = math.Max(1, backoff) + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + fmt.Println("Found " + strconv.Itoa(result.GetTotal()) + " matching repos...") + } + for _, code_result := range result.CodeResults { + // fmt.Println(*code_result.GetRepository()) + author_repo_str := code_result.GetRepository().GetOwner().GetLogin() + "/" + code_result.GetRepository().GetName() + // fmt.Println(code_result.GetPath()) + + re := regexp.MustCompile(`\/([a-f0-9]{40})\/`) + matches := re.FindStringSubmatch(code_result.GetHTMLURL()) + + sha := "" + if len(matches) > 1 { + sha = matches[1] + } + + // fmt.Println(code_result.GetSHA()) + // fmt.Println(1) + SearchWaitGroup.Add(1) + go ScanAndPrintResult(&http_client, RepoSearchResult{ + Repo: author_repo_str, + File: code_result.GetPath(), + Raw: author_repo_str + "/" + sha + "/" + code_result.GetPath(), + Source: "repo", + Query: query, + URL: "/~https://github.com/" + author_repo_str + "/blob/" + sha + "/" + code_result.GetPath(), + }) + + // break + } + } + + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Green("Finished searching... Now waiting for scanning to finish.") + } + + SearchWaitGroup.Wait() + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Green("Finished scanning.") + } + } + +} + +// // SearchGitHubRepositories searches GitHub repositories based on the provided query +// func SearchGitHubRepositories(query string) ([]*github.Repository, error) { +// client := GitHubAPIClient() + +// opt := &github.SearchOptions{ +// ListOptions: github.ListOptions{PerPage: 10}, +// } + +// result, _, err := client.Search.Repositories(context.Background(), query, opt) +// if err != nil { +// return nil, err +// } + +// return result.Repositories, nil +// } diff --git a/internal/app/search.go b/internal/app/search_ui.go similarity index 89% rename from internal/app/search.go rename to internal/app/search_ui.go index a2e86fd..2b3b45c 100644 --- a/internal/app/search.go +++ b/internal/app/search_ui.go @@ -6,6 +6,7 @@ import ( "io/ioutil" "log" "net/http" + "os" "regexp" "strconv" "strings" @@ -13,6 +14,7 @@ import ( "time" "github.com/fatih/color" + "github.com/spf13/viper" ) // RepoSearchResult represents a result in GitHub/Gist code search. @@ -43,6 +45,43 @@ type NewSearchPayload struct { var SearchWaitGroup sync.WaitGroup +func SearchWithUI(queries []string) { + client, err := LoginToGitHub(GitHubCredentials{ + Username: viper.GetString("github_username"), + Password: viper.GetString("github_password"), + OTP: viper.GetString("github_totp_seed"), + }) + + if err != nil { + fmt.Println(err) + color.Red("[!] Unable to login to GitHub. Please check your username/password credentials.") + os.Exit(1) + } + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Cyan("[*] Logged into GitHub as " + viper.GetString("github_username")) + } + for _, query := range queries { + _, err = Search(query, client) + if err != nil { + color.Red("[!] Unable to collect search results for query '" + query + "'.") + break + } + } + // size, err := app.DirSize("/tmp/githound") + // if err == nil && size > 50e+6 { + // app.ClearRepoStorage() + // } + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Green("Finished searching... Now waiting for scanning to finish.") + } + + SearchWaitGroup.Wait() + if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { + color.Green("Finished scanning.") + } + +} + // Search Everything func Search(query string, client *http.Client) (results []RepoSearchResult, err error) { From f50c445d649615517ea296af60cdf0df20c247cf Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Thu, 21 Dec 2023 22:54:16 -0500 Subject: [PATCH 05/14] remove language config option --- cmd/root.go | 1 - internal/app/options.go | 1 - 2 files changed, 2 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index b4e4979..75c207c 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -24,7 +24,6 @@ func InitializeFlags() { rootCmd.PersistentFlags().BoolVar(&app.GetFlags().DigRepo, "dig-files", false, "Dig through the repo's files to find more secrets (CPU intensive).") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().DigCommits, "dig-commits", false, "Dig through commit history to find more secrets (CPU intensive).") rootCmd.PersistentFlags().StringVar(&app.GetFlags().RegexFile, "regex-file", "rules.toml", "Path to a list of regexes.") - rootCmd.PersistentFlags().StringVar(&app.GetFlags().LanguageFile, "language-file", "", "Supply your own list of languages to search (java, python).") rootCmd.PersistentFlags().StringVar(&app.GetFlags().ConfigFile, "config-file", "", "Supply the path to a config file.") rootCmd.PersistentFlags().IntVar(&app.GetFlags().Pages, "pages", 100, "Maximum pages to search per query") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().GithubRepo, "github-repo", false, "Search in a specific Github Repo only.") diff --git a/internal/app/options.go b/internal/app/options.go index f087372..c4874e4 100644 --- a/internal/app/options.go +++ b/internal/app/options.go @@ -7,7 +7,6 @@ type Flags struct { DigRepo bool DigCommits bool RegexFile string - LanguageFile string ConfigFile string Pages int GithubRepo bool From 4b410751230fee4c8954d27db58e45652762bf5b Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Thu, 21 Dec 2023 22:55:54 -0500 Subject: [PATCH 06/14] remove now-removed legacy search mode --- cmd/root.go | 1 - internal/app/github.go | 8 +------- internal/app/options.go | 1 - 3 files changed, 1 insertion(+), 9 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index 75c207c..4593210 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -30,7 +30,6 @@ func InitializeFlags() { rootCmd.PersistentFlags().BoolVar(&app.GetFlags().ResultsOnly, "results-only", false, "Only print match strings.") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().NoAPIKeys, "no-api-keys", false, "Don't search for generic API keys.") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().NoScoring, "no-scoring", false, "Don't use scoring to filter out false positives.") - rootCmd.PersistentFlags().BoolVar(&app.GetFlags().LegacySearch, "legacy", false, "Use the legacy search method.") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().NoFiles, "no-files", false, "Don't search for interesting files.") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().NoKeywords, "no-keywords", false, "Don't search for built-in keywords") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().ManyResults, "many-results", false, "Search >100 pages with filtering hack") diff --git a/internal/app/github.go b/internal/app/github.go index 84ef175..3d1dd10 100644 --- a/internal/app/github.go +++ b/internal/app/github.go @@ -28,7 +28,6 @@ type GitHubCredentials struct { // SearchOptions are the options that the GitHub search will use. type SearchOptions struct { MaxPages int - Language string github.SearchOptions } @@ -202,12 +201,7 @@ func ConstructSearchURL(base string, query string, options SearchOptions) string sb.WriteString("&p=" + strconv.Itoa(options.Page)) // sb.WriteString("&o=desc") // + options.Order) sb.WriteString("&s=indexed") // + options.Sort) - sb.WriteString("&l=" + options.Language) - if GetFlags().LegacySearch { - sb.WriteString("&type=codelegacy") - } else { - sb.WriteString("&type=code") - } + sb.WriteString("&type=code") return sb.String() } diff --git a/internal/app/options.go b/internal/app/options.go index c4874e4..bdfa805 100644 --- a/internal/app/options.go +++ b/internal/app/options.go @@ -20,7 +20,6 @@ type Flags struct { FastMode bool Threads int Debug bool - LegacySearch bool NoGists bool NoRepos bool ManyResults bool From 5ff933ede1e64e0eb76066cd29b522d2f71500b0 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Fri, 22 Dec 2023 01:39:31 -0500 Subject: [PATCH 07/14] fix error with api backoff --- internal/app/search_api.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/internal/app/search_api.go b/internal/app/search_api.go index 933e7a6..ba7d115 100644 --- a/internal/app/search_api.go +++ b/internal/app/search_api.go @@ -45,13 +45,14 @@ func SearchWithAPI(queries []string) { for page := 0; page <= int(math.Min(10, float64(GetFlags().Pages))); page++ { options.Page = page result, _, err := client.Search.Code(context.Background(), query, &options) - if err != nil { - color.Red("Error searching GitHub: " + err.Error()) + for err != nil { + // color.Red("Error searching GitHub: " + err.Error()) time.Sleep(5 * time.Second) backoff = backoff * 1.5 - continue + result, _, err = client.Search.Code(context.Background(), query, &options) } - backoff = math.Sqrt(backoff) + + backoff = backoff / 1.5 backoff = math.Max(1, backoff) if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { fmt.Println("Found " + strconv.Itoa(result.GetTotal()) + " matching repos...") From a10a4ab942b64511c30a72949fc51e640d29a9d9 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Mon, 1 Jan 2024 22:15:32 -0500 Subject: [PATCH 08/14] regex fixes --- cmd/root.go | 56 +++++++++++++++++++++- internal/app/dig.go | 2 +- internal/app/keyword_scan.go | 87 +++++++++++++++++++++++------------ internal/app/options.go | 2 +- internal/app/regex_decoder.go | 48 ++++++++++++------- internal/app/search_api.go | 4 +- internal/app/search_ui.go | 54 +++++++++------------- tests/search_test.go | 21 ++++++++- 8 files changed, 187 insertions(+), 87 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index 4593210..37e370d 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -3,17 +3,21 @@ package cmd import ( "bufio" "fmt" + "io/ioutil" "os" + "path/filepath" - "github.com/BurntSushi/toml" "github.com/fatih/color" "github.com/spf13/viper" "golang.org/x/crypto/ssh/terminal" + "gopkg.in/yaml.v2" "strings" "github.com/spf13/cobra" "github.com/tillson/git-hound/internal/app" + + _ "net/http/pprof" ) // InitializeFlags initializes GitHound's command line flags. @@ -83,7 +87,28 @@ var rootCmd = &cobra.Command{ return } - toml.DecodeFile(app.GetFlags().RegexFile, &app.GetFlags().TextRegexes) + var allRules []app.Rule + if fileInfo, err := os.Stat(app.GetFlags().RegexFile); err == nil && fileInfo.IsDir() { + files, err := ioutil.ReadDir(app.GetFlags().RegexFile) + if err != nil { + fmt.Println(err) + os.Exit(1) + } + for _, file := range files { + if filepath.Ext(file.Name()) == ".yml" || filepath.Ext(file.Name()) == ".yaml" { + filePath := filepath.Join(app.GetFlags().RegexFile, file.Name()) + rules := LoadRegexFile(filePath) + allRules = append(allRules, rules...) + } + } + app.GetFlags().TextRegexes = append(app.GetFlags().TextRegexes, allRules...) + } else { + rules := LoadRegexFile(app.GetFlags().RegexFile) + allRules = append(allRules, rules...) + } + app.GetFlags().TextRegexes = allRules + + // fmt.Println(app.GetFlags().TextRegexes) if app.GetFlags().SearchType == "ui" && viper.GetString("github_username") == "" { color.Red("[!] GitHound run in UI mode but github_username not specified in config.yml. Update config.yml or run in API mode (flag: `--search-type api`)") @@ -96,12 +121,39 @@ var rootCmd = &cobra.Command{ if app.GetFlags().SearchType == "ui" { app.SearchWithUI(queries) } else { + fmt.Println(1) app.SearchWithAPI(queries) } }, } +func LoadRegexFile(path string) []app.Rule { + file, err := os.OpenFile(path, os.O_RDONLY, 0600) + if err != nil { + fmt.Errorf("Error opening file %v: %v", app.GetFlags().RegexFile, err) + os.Exit(1) + } + defer file.Close() + + if err != nil { + fmt.Errorf("Error opening file %v: %v", app.GetFlags().RegexFile, err) + os.Exit(1) + } + + dec := yaml.NewDecoder(file) + rule_config := app.RuleConfig{} + err = dec.Decode(&rule_config) + if err != nil { + fmt.Println(err) + // fmt.Errorf("Error loading config file %v: %v", app.GetFlags().RegexFile, err) + os.Exit(1) + } + fmt.Println(2) + return rule_config.Rules + +} + func getScanner(args []string) *bufio.Scanner { if len(args) == 2 { if args[0] == "searchKeyword" { diff --git a/internal/app/dig.go b/internal/app/dig.go index fdf3114..7cea18b 100644 --- a/internal/app/dig.go +++ b/internal/app/dig.go @@ -135,7 +135,7 @@ func digHelper(result RepoSearchResult) (matches []Match) { searchMatches, searchScore := GetMatchesForString(string(ascii), result, true) score += searchScore // fmt.Println(searchMatches) - if searchScore > 1 { + if searchScore > -1 { // fmt.Println(searchMatches) for _, newMatch := range searchMatches { newMatches = append(newMatches, newMatch) diff --git a/internal/app/keyword_scan.go b/internal/app/keyword_scan.go index 8bd9381..9e14437 100644 --- a/internal/app/keyword_scan.go +++ b/internal/app/keyword_scan.go @@ -1,6 +1,7 @@ package app import ( + "context" "encoding/base64" "encoding/json" "fmt" @@ -12,6 +13,8 @@ import ( "unicode/utf8" "github.com/fatih/color" + "github.com/google/go-github/v57/github" + "github.com/spf13/viper" ) // ResultScan is the final scan result. @@ -79,21 +82,38 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { } } else { matches, score := GetMatchesForString(repo.Contents, repo, true) - if repo.Source == "repo" && (GetFlags().DigCommits || GetFlags().DigRepo) && RepoIsUnpopular(client, repo) && score > -1 { + if (GetFlags().DigCommits || GetFlags().DigRepo) && RepoIsUnpopular(client, repo) && score > -1 { scannedRepos[repo.Repo] = true - for _, match := range Dig(repo) { - matches = append(matches, match) - } + matches = append(matches, Dig(repo)...) } if len(matches) > 0 { + // fmt.Println((repo.Raw), "score:", score) + + token := viper.GetString("github_access_token") + client := github.NewClient(nil).WithAuthToken(token) + if client != nil { + // gh_repo_obj, _, err := client.Repositories.Get(strings.Split(repo.Repo, "/")[0], strings.Split(repo.Repo, "/")[1]) + // get repo's commits + commits, _, err := client.Repositories.ListCommits(context.Background(), strings.Split(repo.Repo, "/")[0], strings.Split(repo.Repo, "/")[1], &github.CommitsListOptions{ + Path: repo.File, + }) + if err != nil { + fmt.Println(err) + repo.SourceFileLastUpdated = "" + } else { + repo.SourceFileLastUpdated = commits[0].Commit.Author.Date.String() + repo.SourceFileLastAuthorEmail = *commits[0].Commit.Author.Email + } + } + resultRepoURL := GetRepoURLForSearchResult(repo) if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { color.Green("[" + resultRepoURL + "]") } for _, result := range matches { if slice_contains(result.Attributes, "api_key") { - if apiKeyMap[result.Text] == true { + if apiKeyMap[result.Text] { continue } apiKeyMap[result.Text] = true @@ -103,11 +123,13 @@ func ScanAndPrintResult(client *http.Client, repo RepoSearchResult) { } else { if GetFlags().JsonOutput { a, _ := json.Marshal(map[string]interface{}{ - "repo": resultRepoURL, - "context": result.Line.Text, - "match": result.Line.Text[result.Line.MatchIndex:result.Line.MatchEndIndex], - "attributes": result.Attributes, - "url": GetResultLink(repo, result), + "repo": resultRepoURL, + "context": result.Line.Text, + "match": result.Line.Text[result.Line.MatchIndex:result.Line.MatchEndIndex], + "attributes": result.Attributes, + "file_last_updated": repo.SourceFileLastUpdated, + "file_last_author": repo.SourceFileLastAuthorEmail, + "url": GetResultLink(repo, result), }) fmt.Println(string(a)) } else { @@ -132,12 +154,16 @@ func MatchKeywords(source string) (matches []Match) { if GetFlags().NoKeywords || source == "" { return matches } - + // fmt.Println(len(source)) // Loop over regexes from database - for _, regex := range GetFlags().TextRegexes.Rules { - regexp := regex.Regex.RegExp - matchStrings := regexp.FindAllString(source, -1) - // fmt.Println(matchStrings) + for _, regex := range GetFlags().TextRegexes { + pcreRegex := regex.Pattern.RegExp + + var matchStrings []string + matched := pcreRegex.FindAllIndex([]byte(source), 0) + for _, match := range matched { + matchStrings = append(matchStrings, source[match[0]:match[1]]) + } for _, match := range matchStrings { shouldMatch := !regex.SmartFiltering if regex.SmartFiltering { @@ -147,9 +173,9 @@ func MatchKeywords(source string) (matches []Match) { } if shouldMatch { matches = append(matches, Match{ - Attributes: []string{regex.Name}, - Text: string(match), - Expression: regexp.String(), + Attributes: []string{regex.ID}, + Text: match, + Expression: "", // Or a method to get the string representation of the pattern Line: GetLine(source, match), }) } @@ -269,9 +295,10 @@ func GetMatchesForString(source string, result RepoSearchResult, recursion bool) // Undecode any base64 and run again base64Regex := "\\b[a-zA-Z0-9/+]*={0,2}\\b" regex := regexp.MustCompile(base64Regex) - + // fmt.Println(result) base64_score := 0 var base64Strings [][]int + // fmt.Println("RECURSION", recursion) if recursion { base64Strings = regex.FindAllStringIndex(source, -1) for _, indices := range base64Strings { @@ -281,7 +308,7 @@ func GetMatchesForString(source string, result RepoSearchResult, recursion bool) decodedStr := string(decodedBytes) new_source := source[:indices[0]] + decodedStr + source[indices[1]:] decodedMatches, new_score := GetMatchesForString(new_source, result, false) - base64_score = new_score + base64_score += new_score matches = append(matches, decodedMatches...) } } @@ -321,23 +348,23 @@ func GetMatchesForString(source string, result RepoSearchResult, recursion bool) score += 3 } } - regex := regexp.MustCompile("(alexa|urls|adblock|domain|dns|top1000|top\\-1000|httparchive" + - "|blacklist|hosts|ads|whitelist|crunchbase|tweets|tld|hosts\\.txt" + - "|host\\.txt|aquatone|recon\\-ng|hackerone|bugcrowd|xtreme|list|tracking|malicious|ipv(4|6)|host\\.txt)") - fileNameMatches := regex.FindAllString(result.File, -1) - CheckErr(err) - if len(fileNameMatches) > 0 { - score -= int(math.Pow(2, float64(len(fileNameMatches)))) - } + // regex := regexp.MustCompile("(alexa|urls|adblock|domain|dns|top1000|top\\-1000|httparchive" + + // "|blacklist|hosts|ads|whitelist|crunchbase|tweets|tld|hosts\\.txt" + + // "|host\\.txt|aquatone|recon\\-ng|hackerone|bugcrowd|xtreme|list|tracking|malicious|ipv(4|6)|host\\.txt)") + // fileNameMatches := regex.FindAllString(result.File, -1) + // CheckErr(err) + // if len(fileNameMatches) > 0 { + // score -= int(math.Pow(2, float64(len(fileNameMatches)))) + // } if score <= 0 && !GetFlags().NoScoring { matches = nil } } if GetFlags().NoScoring { - score = 10 + score = 1000 } - score = score + (base64_score - len(base64Strings)*score) + // score = score // + (base64_score - len(base64Strings)*score) return matches, score } diff --git a/internal/app/options.go b/internal/app/options.go index bdfa805..af9f3c2 100644 --- a/internal/app/options.go +++ b/internal/app/options.go @@ -26,7 +26,7 @@ type Flags struct { JsonOutput bool SearchType string OTPCode string - TextRegexes config + TextRegexes []Rule } var flags Flags diff --git a/internal/app/regex_decoder.go b/internal/app/regex_decoder.go index 5d81be3..23ef7a8 100644 --- a/internal/app/regex_decoder.go +++ b/internal/app/regex_decoder.go @@ -1,26 +1,40 @@ package app import ( - "regexp" + "fmt" + + "github.com/GRbit/go-pcre" ) -type ( - config struct { - Rules []regexrule - } - regexrule struct { - Regex regexwrapper - Name string `toml:"description"` - SmartFiltering bool `toml:"smart_filtering"` +type RuleConfig struct { + Rules []Rule `yaml:"rules"` +} + +type Rule struct { + ID string `yaml:"id"` + Pattern regexwrapper `yaml:"pattern"` + Description string `yaml:"name"` + SmartFiltering bool `yaml:"smart_filtering"` +} + +type regexwrapper struct { + RegExp pcre.Regexp +} + +func (r *regexwrapper) UnmarshalYAML(unmarshal func(interface{}) error) error { + var patternText string + // First, unmarshal the text as a string + if err := unmarshal(&patternText); err != nil { + return fmt.Errorf("failed to unmarshal pattern text: %w", err) } - regexwrapper struct { - RegExp *regexp.Regexp + + // Compile the regular expression + compiledRegex, err := pcre.Compile(patternText, 0) + if err != nil { + return fmt.Errorf("failed to compile regex '%s': %w", patternText, err) } -) -func (r *regexwrapper) UnmarshalText(text []byte) error { - var err error - r.RegExp, err = regexp.Compile(string(text)) - // r.Regex, err = mail.ParseAddress(string(text)) - return err + // Assign the compiled regex to the RegExp field + r.RegExp = compiledRegex + return nil } diff --git a/internal/app/search_api.go b/internal/app/search_api.go index ba7d115..a43a579 100644 --- a/internal/app/search_api.go +++ b/internal/app/search_api.go @@ -42,7 +42,7 @@ func SearchWithAPI(queries []string) { backoff := 1.0 for _, query := range queries { - for page := 0; page <= int(math.Min(10, float64(GetFlags().Pages))); page++ { + for page := 0; page < int(math.Min(10, float64(GetFlags().Pages))); page++ { options.Page = page result, _, err := client.Search.Code(context.Background(), query, &options) for err != nil { @@ -55,7 +55,7 @@ func SearchWithAPI(queries []string) { backoff = backoff / 1.5 backoff = math.Max(1, backoff) if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { - fmt.Println("Found " + strconv.Itoa(result.GetTotal()) + " matching repos...") + fmt.Println("Found " + strconv.Itoa(result.GetTotal()) + " matching repos on page " + strconv.Itoa(page) + "...") } for _, code_result := range result.CodeResults { // fmt.Println(*code_result.GetRepository()) diff --git a/internal/app/search_ui.go b/internal/app/search_ui.go index 2b3b45c..7090946 100644 --- a/internal/app/search_ui.go +++ b/internal/app/search_ui.go @@ -19,14 +19,16 @@ import ( // RepoSearchResult represents a result in GitHub/Gist code search. type RepoSearchResult struct { - Repo string - File string - Raw string - Source string - Contents string - Query string - URL string - searchOptions *SearchOptions + Repo string + File string + Raw string + Source string + Contents string + Query string + URL string + SourceFileLastUpdated string + SourceFileLastAuthorEmail string + searchOptions *SearchOptions } type NewSearchPayload struct { @@ -85,11 +87,6 @@ func SearchWithUI(queries []string) { // Search Everything func Search(query string, client *http.Client) (results []RepoSearchResult, err error) { - var languages []string - if GetFlags().LanguageFile != "" { - languages = GetFileLines(GetFlags().LanguageFile) - } - options := SearchOptions{ MaxPages: 100, } @@ -98,15 +95,6 @@ func Search(query string, client *http.Client) (results []RepoSearchResult, err // Rich GitHub search if !GetFlags().NoRepos { - if len(languages) > 0 { - for _, language := range languages { - options.Language = language - err = SearchGitHub(query, options, client, &results, resultMap) - if err != nil { - color.Red("[!] Error searching GitHub for `" + query + "`") - } - } - } if !GetFlags().OnlyFiltered { err = SearchGitHub(query, options, client, &results, resultMap) if err != nil { @@ -118,15 +106,15 @@ func Search(query string, client *http.Client) (results []RepoSearchResult, err // Gist search if !GetFlags().NoGists { resultMap = make(map[string]bool) - if len(languages) > 0 { - for _, language := range languages { - options.Language = language - err = SearchGist(query, options, client, &results, resultMap) - if err != nil { - color.Red("[!] Error searching Gist for `" + query + "`") - } - } - } + // if len(languages) > 0 { + // for _, language := range languages { + // options.Language = language + // err = SearchGist(query, options, client, &results, resultMap) + // if err != nil { + // color.Red("[!] Error searching Gist for `" + query + "`") + // } + // } + // } if !GetFlags().OnlyFiltered { err = SearchGist(query, options, client, &results, resultMap) if err != nil { @@ -157,7 +145,7 @@ func SearchGitHub(query string, options SearchOptions, client *http.Client, resu } for page < pages { str := ConstructSearchURL(base, query, options) - fmt.Println(str) + // fmt.Println(str) // fmt.Println(str) response, err := client.Get(str) // fmt.Println(response.StatusCode) @@ -339,7 +327,7 @@ func SearchGist(query string, options SearchOptions, client *http.Client, result } } else { if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { - color.Cyan("[*] Searching " + strconv.Itoa(pages) + " pages of results for '" + query + "'...") + color.Cyan("[*] Searching " + strconv.Itoa(pages) + " pages of Gist results for '" + query + "'...") } } } else { diff --git a/tests/search_test.go b/tests/search_test.go index 5005f8f..a570cb3 100644 --- a/tests/search_test.go +++ b/tests/search_test.go @@ -3,16 +3,35 @@ package tests import ( "testing" + "github.com/GRbit/go-pcre" "github.com/tillson/git-hound/internal/app" ) func TestMatchKeywords(t *testing.T) { - matches := app.MatchKeywords("config.yml: db_password=thisisabadpassword") + matches := app.MatchKeywords("odt_KTJlDq2AGGGlqG4riKdT7p980AW8RlU5") if len(matches) < 1 { t.Errorf("Keyword was not found in string.") } } +func TestPCRERegex(t *testing.T) { + regex := `odt_[A-Za-z0-9]{32}` + str := "odt_KTJlDq2AGGGlqG4riKdT7p980AW8RlU5odt_KTJlDq2AGGGlqG4riKdT7p980AW8RlU5odt_KTJlDq2AGGGlqG4riKdT7p980AW8RlU5" + + re, err := pcre.Compile(regex, 0) + if err != nil { + t.Fatalf("Failed to compile regex: %s", err) + } + + matched := re.FindAllIndex([]byte(str), 0) + for _, match := range matched { + t.Logf("Matched: %s", str[match[0]:match[1]]) + } + if len(matched) != 3 { + t.Errorf("Regex did not match string.") + } +} + func TestBase64EncodedKeyword(t *testing.T) { matches := app.MatchKeywords("This is a test. This is a test") if len(matches) < 1 { From 25ef8a7a98e184b49af0f0f477f5b8c819c5126e Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Thu, 25 Jan 2024 23:54:56 -0500 Subject: [PATCH 09/14] add some rules --- cmd/root.go | 4 +- rules/rules/adobe.yml | 23 +++ rules/rules/age.yml | 30 +++ rules/rules/artifactory.yml | 15 ++ rules/rules/aws.yml | 312 +++++++++++++++++++++++++++++++ rules/rules/azure.yml | 77 ++++++++ rules/rules/codeclimate.yml | 39 ++++ rules/rules/crates.io.yml | 14 ++ rules/rules/dependency_track.yml | 28 +++ rules/rules/digitalocean.yml | 48 +++++ rules/rules/dockerconfig.yml | 4 + rules/rules/dockerhub.yml | 18 ++ rules/rules/doppler.yml | 97 ++++++++++ rules/rules/dropbox.yml | 20 ++ rules/rules/dynatrace.yml | 24 +++ rules/rules/facebook.yml | 38 ++++ rules/rules/figma.yml | 26 +++ rules/rules/generic.yml | 253 +++++++++++++++++++++++++ rules/rules/github.yml | 120 ++++++++++++ rules/rules/gitlab.yml | 55 ++++++ rules/rules/google.yml | 124 ++++++++++++ rules/rules/gradle.yml | 36 ++++ rules/rules/grafana.yml | 64 +++++++ rules/rules/hashes.yml | 96 ++++++++++ rules/rules/heroku.yml | 14 ++ rules/rules/huggingface.yml | 12 ++ rules/rules/jenkins.yml | 26 +++ rules/rules/jwt.yml | 30 +++ rules/rules/linkedin.yml | 46 +++++ rules/rules/mailchimp.yml | 18 ++ rules/rules/mailgun.yml | 12 ++ rules/rules/mapbox.yml | 55 ++++++ rules/rules/microsoft_teams.yml | 32 ++++ rules/rules/netrc.yml | 32 ++++ rules/rules/newrelic.yml | 184 ++++++++++++++++++ rules/rules/npm.yml | 23 +++ rules/rules/nuget.yml | 13 ++ rules/rules/odbc.yml | 69 +++++++ rules/rules/okta.yml | 32 ++++ rules/rules/openai.yml | 18 ++ rules/rules/pem.yml | 63 +++++++ rules/rules/postman.yml | 18 ++ rules/rules/psexec.yml | 29 +++ rules/rules/pypi.yml | 32 ++++ rules/rules/react.yml | 72 +++++++ rules/rules/rubygems.yml | 19 ++ rules/rules/salesforce.yml | 30 +++ rules/rules/sauce.yml | 14 ++ rules/rules/segment.yml | 17 ++ rules/rules/sendgrid.yml | 13 ++ rules/rules/shopify.yml | 79 ++++++++ rules/rules/slack.yml | 111 +++++++++++ rules/rules/sonarqube.yml | 22 +++ rules/rules/square.yml | 26 +++ rules/rules/stackhawk.yml | 12 ++ rules/rules/stripe.yml | 27 +++ rules/rules/telegram.yml | 18 ++ rules/rules/truenas.yml | 53 ++++++ rules/rules/twilio.yml | 21 +++ rules/rules/twitter.yml | 53 ++++++ rules/rules/wireguard.yml | 39 ++++ 61 files changed, 2947 insertions(+), 2 deletions(-) create mode 100644 rules/rules/adobe.yml create mode 100644 rules/rules/age.yml create mode 100644 rules/rules/artifactory.yml create mode 100644 rules/rules/aws.yml create mode 100644 rules/rules/azure.yml create mode 100644 rules/rules/codeclimate.yml create mode 100644 rules/rules/crates.io.yml create mode 100644 rules/rules/dependency_track.yml create mode 100644 rules/rules/digitalocean.yml create mode 100644 rules/rules/dockerconfig.yml create mode 100644 rules/rules/dockerhub.yml create mode 100644 rules/rules/doppler.yml create mode 100644 rules/rules/dropbox.yml create mode 100644 rules/rules/dynatrace.yml create mode 100644 rules/rules/facebook.yml create mode 100644 rules/rules/figma.yml create mode 100644 rules/rules/generic.yml create mode 100644 rules/rules/github.yml create mode 100644 rules/rules/gitlab.yml create mode 100644 rules/rules/google.yml create mode 100644 rules/rules/gradle.yml create mode 100644 rules/rules/grafana.yml create mode 100644 rules/rules/hashes.yml create mode 100644 rules/rules/heroku.yml create mode 100644 rules/rules/huggingface.yml create mode 100644 rules/rules/jenkins.yml create mode 100644 rules/rules/jwt.yml create mode 100644 rules/rules/linkedin.yml create mode 100644 rules/rules/mailchimp.yml create mode 100644 rules/rules/mailgun.yml create mode 100644 rules/rules/mapbox.yml create mode 100644 rules/rules/microsoft_teams.yml create mode 100644 rules/rules/netrc.yml create mode 100644 rules/rules/newrelic.yml create mode 100644 rules/rules/npm.yml create mode 100644 rules/rules/nuget.yml create mode 100644 rules/rules/odbc.yml create mode 100644 rules/rules/okta.yml create mode 100644 rules/rules/openai.yml create mode 100644 rules/rules/pem.yml create mode 100644 rules/rules/postman.yml create mode 100644 rules/rules/psexec.yml create mode 100644 rules/rules/pypi.yml create mode 100644 rules/rules/react.yml create mode 100644 rules/rules/rubygems.yml create mode 100644 rules/rules/salesforce.yml create mode 100644 rules/rules/sauce.yml create mode 100644 rules/rules/segment.yml create mode 100644 rules/rules/sendgrid.yml create mode 100644 rules/rules/shopify.yml create mode 100644 rules/rules/slack.yml create mode 100644 rules/rules/sonarqube.yml create mode 100644 rules/rules/square.yml create mode 100644 rules/rules/stackhawk.yml create mode 100644 rules/rules/stripe.yml create mode 100644 rules/rules/telegram.yml create mode 100644 rules/rules/truenas.yml create mode 100644 rules/rules/twilio.yml create mode 100644 rules/rules/twitter.yml create mode 100644 rules/rules/wireguard.yml diff --git a/cmd/root.go b/cmd/root.go index 37e370d..6d6a1e5 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -121,7 +121,7 @@ var rootCmd = &cobra.Command{ if app.GetFlags().SearchType == "ui" { app.SearchWithUI(queries) } else { - fmt.Println(1) + // fmt.Println(1) app.SearchWithAPI(queries) } @@ -149,7 +149,7 @@ func LoadRegexFile(path string) []app.Rule { // fmt.Errorf("Error loading config file %v: %v", app.GetFlags().RegexFile, err) os.Exit(1) } - fmt.Println(2) + // fmt.Println(2) return rule_config.Rules } diff --git a/rules/rules/adobe.yml b/rules/rules/adobe.yml new file mode 100644 index 0000000..207ba68 --- /dev/null +++ b/rules/rules/adobe.yml @@ -0,0 +1,23 @@ +rules: + +- name: Adobe OAuth Client Secret + id: np.adobe.1 + + pattern: | + (?x)(?i) + \b + (p8e-[a-z0-9-]{32}) + (?:[^a-z0-9-]|$) + + references: + - https://developer.adobe.com/developer-console/docs/guides/authentication/ + - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuthIntegration/ + - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuth/ + + examples: + - | + { + "client_credentials": { + "client_id": "a65b0146769d433a835f36660881db50", + "client_secret": "p8e-ibndcvsmAp9ZgPBZ606FSlYIZVlsZ-g5" + }, diff --git a/rules/rules/age.yml b/rules/rules/age.yml new file mode 100644 index 0000000..e7e296a --- /dev/null +++ b/rules/rules/age.yml @@ -0,0 +1,30 @@ +rules: + +- name: Age Recipient (X25519 public key) + id: np.age.1 + pattern: '\b(age1[0-9a-z]{58})\b' + + examples: + - 'age1zvkyg2lqzraa2lnjvqej32nkuu0ues2s82hzrye869xeexvn73equnujwj' + + references: + - https://age-encryption.org + - https://htmlpreview.github.io/?/~https://github.com/FiloSottile/age/blob/main/doc/age.1.html + - /~https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type + + +- name: Age Identity (X22519 secret key) + id: np.age.2 + pattern: '\b(AGE-SECRET-KEY-1[0-9A-Z]{58})\b' + + examples: + - | + # created: 2022-09-26T21:55:47-05:00 + # public key: age1epzmwwzw8n09slh0c7z1z52x43nnga7lkksx3qrh07tqz5v7lcys45428t + AGE-SECRET-KEY-1HJCRJVK7EE3A5N8CRP8YSEUGZKNW90Y5UR2RGYAS8L279LFP6LCQU5ADNR + - 'AGE-SECRET-KEY-1GFPYYSJZGFPYYSJZGFPYYSJZGFPYYSJZGFPYYSJZGFPYYSJZGFPQ4EGAEX' + + references: + - https://age-encryption.org + - https://htmlpreview.github.io/?/~https://github.com/FiloSottile/age/blob/main/doc/age.1.html + - /~https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type diff --git a/rules/rules/artifactory.yml b/rules/rules/artifactory.yml new file mode 100644 index 0000000..882d136 --- /dev/null +++ b/rules/rules/artifactory.yml @@ -0,0 +1,15 @@ +rules: + +- name: Artifactory API Key + id: np.artifactory.1 + # FIXME: all the real onces start with `AKC`? + pattern: '(?i)artifactory.{0,50}\b([a-z0-9]{73})\b' + + examples: + - | + export HOMEBREW_ARTIFACTORY_API_TOKEN=AKCp8igrDNFerC357m4422e4tmu7xB983QLPxJhKFcSMfoux2RFvp8rc4jC8t9ncdmYCMFD8W + export HOMEBREW_ARTIFACTORY_API_USER=kashorn + - 'jfrog rt dl --url=http://localhost:8071/artifactory --apikey=AKCp2WXX7SDvcsmny528sSDnaB3zACkNQoRcD8D1WmxhMV9gk6Wp8mVWC8bh38kJQbXagUT8Z generic-local/hello.txt' + + references: + - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis diff --git a/rules/rules/aws.yml b/rules/rules/aws.yml new file mode 100644 index 0000000..dc18750 --- /dev/null +++ b/rules/rules/aws.yml @@ -0,0 +1,312 @@ +rules: + +- name: AWS API Key + id: np.aws.1 + + pattern: '\b((?:A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})\b' + + references: + - https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html + - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html + - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html + - https://docs.aws.amazon.com/accounts/latest/reference/credentials-access-keys-best-practices.html + + examples: + - 'A3T0ABCDEFGHIJKLMNOP' + - 'AKIADEADBEEFDEADBEEF' + + negative_examples: + - 'A3T0ABCDEFGHIJKLMNO' + - 'A3T0ABCDEFGHIjklmnop' + - '======================' + - '//////////////////////' + - '++++++++++++++++++++++' + + +- name: AWS Secret Access Key + id: np.aws.2 + + pattern: | + (?x)(?i) + \b + aws_? (?:secret)? _? (?:access)? _? (?:key)? + ["'']? + \s{0,30} + (?::|=>|=) + \s{0,30} + ["'']? + ([a-z0-9/+=]{40}) + \b + + references: + - https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html + - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html + - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html + - https://docs.aws.amazon.com/accounts/latest/reference/credentials-access-keys-best-practices.html + + examples: + - 'aws_secret_access_key:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' + - 'aws_secret_access_key => aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' + + negative_examples: + - 'export AWS_SECRET_ACCESS_KEY=ded7db27a4558e2ea9bbf0bf36ae0e8521618f366c' + - '"aws_secret_access_key" = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaend' + - '"aws_secret_access_key" = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaendbbbbbbb' + - '"aws_sEcReT_key" = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaend' + # FIXME: modify the pattern to detect cases like the following + - 'aws_secret_key: OOzkR1+hF+1ABCsIFDJMEUtqmtnZ1234567890' + - '======================' + - '//////////////////////' + - '++++++++++++++++++++++' + + +- name: AWS Account ID + id: np.aws.3 + + pattern: '(?i)aws_?(?:account)_?(?:id)?["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([0-9]{4}-?[0-9]{4}-?[0-9]{4})' + + examples: + - | + KeyMetadata: { + AWSAccountId: "324320755747", + Arn: "arn:aws:kms:us-east-2:324320755747:key/54348bc1-6e3b-4cda-8b18-c6033ca7d328", + CreationDate: 2019-07-12 18:23:13 +0000 UTC, + Description: "", + Enabled: true, + KeyId: "54348bc1-6e3b-4cda-8b18-c6033ca7d328", + KeyManager: "CUSTOMER", + KeyState: "Enabled", + KeyUsage: "ENCRYPT_DECRYPT", + Origin: "AWS_KMS" + } + - | + 4. login into ecr + + ```bash + aws_region=eu-central-1 + aws_account_id=891511536143 + aws_profile=serverless-bert + + aws ecr get-login-password \ + --region $aws_region \ + --profile $aws_profile \ + | docker login \ + --username AWS \ + --password-stdin $aws_account_id.dkr.ecr.$aws_region.amazonaws.com + ``` + + negative_examples: + - '======================' + - '//////////////////////' + - '++++++++++++++++++++++' + + +- name: AWS Session Token + id: np.aws.4 + pattern: '(?i)(?:aws.?session|aws.?session.?token|aws.?token)["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([a-z0-9/+=]{16,200})[^a-z0-9/+=]' + + negative_examples: + - '======================' + - '//////////////////////' + - '++++++++++++++++++++++' + + examples: + - | + export AWS_ACCESS_KEY_ID="I08BCX2ACV45ED1DOC9J" + export AWS_SECRET_ACCESS_KEY="0qk+o7XctJMmG6ydO8537c9+TofLJU1K0PiVBXSg" + export AWS_SESSION_TOKEN="eyJhbGciOiJIUzUxMi53InR5cCI6IkpXVCJ9.eyJhY2Nlc3NLZXkiOiJJMDhCQ1gySkpWNDVFRDFET0M5SiIsImFjciI6Ij53LCJhdWQiOiJhY2NvdW50IiwiYXV0aF90aW1lIjowLCJhenAiOiJtaW5pbyIsImVtYWlsIjoiYWlkYW4uY29wZUBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImV4cCI6MTU4MDUwMDIzOCwiZmFtaWx5X25hbWUiOiJDb3BlIiwiZ2l2ZW5fbmFtZSI6IkFpZGFuIENvcGUiLCJpYXQiOjE1ODA0OTk5MzgsImlzcyI6Imh0dHBzOi8vYXV0aHN0Zy5wb3BkYXRhLmJjLmNhL2F1dGgvcmVhbG1zL3NhbXBsZSIsImp0aSI6IjU5ZTM5ODAxLWQxMmUtNDVhYS04NmQzLWVhMmNmZDU0NmE2MiIsIm1pbmlvX3BvbGljeSI6ImRhdGFzZXRfMV9ybyIsIm5hbWUiOiJBaWRhbiBDb3BlIENvcGUiLCJuYmYiOjAsInByZWZlcnJlZF91c2VybmFtZSI6ImFjb3BlLTk5LXQwNSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2Vzc2lvbl9zdGF0ZSI6IjcxYjczZWJjLThlMzMtNGMyMi04NmE2LWI0MzhhNDM4ZmI2MiIsInN1YiI6IjVkOTBlOTgzLTA1NDItNDYyYS1hZWIwLWYxZWVmNjcwYzdlNSIsInR5cCI6IkJlYXJlciJ9.J-a9PORJToz7MUrnPQlOywcqtVMNkXy53Gedp_V4PW-Gbf1_BAMjwuw_X7fKRd6hkNfEn43CKKju7muzi_d1Ig" + + +# Note that this service is being deprecated on March 31, 2024 +- name: Amazon MWS Auth Token + id: np.aws.5 + pattern: '(?i)(amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})' + + examples: + - | + AWS Access Key:AKIAIDQJ6PTGDFFWYX7A + secret key:IwJz1SHMccAKUKuskdVoHFfkre73BTyF80nRmcWc + MWS Authorisation Token: amzn.mws.dab428a1-ed97-fd8d-e045-950d712f6f58 + + references: + - https://docs.developer.amazonservices.com/en_US/dev_guide/index.html + + +- name: AWS S3 Bucket (subdomain style) + id: np.s3.1 + + pattern: | + (?x) + (?: ^ | [\s/"'] | %2F ) + ( + (?: [a-zA-Z0-9_-]+ \. )+ (?# bucket name as subdomain ) + (?: s3 + | s3-af-south-1 + | s3-ap-east-1 + | s3-ap-northeast-1 + | s3-ap-northeast-2 + | s3-ap-northeast-3 + | s3-ap-south-1 + | s3-ap-south-2 + | s3-ap-southeast-1 + | s3-ap-southeast-2 + | s3-ap-southeast-3 + | s3-ap-southeast-4 + | s3-ca-central-1 + | s3-eu-central-1 + | s3-eu-central-2 + | s3-eu-north-1 + | s3-eu-south-1 + | s3-eu-south-2 + | s3-eu-west-1 + | s3-eu-west-2 + | s3-eu-west-3 + | s3-me-central-1 + | s3-me-south-1 + | s3-sa-east-1 + | s3-us-east-1 + | s3-us-east-2 + | s3-us-gov-east-1 + | s3-us-gov-west-1 + | s3-us-west-1 + | s3-us-west-2 + ) + \.amazonaws\.com + ) \b + + references: + - https://docs.aws.amazon.com/general/latest/gr/rande.html + + examples: + - 'example-bucket.s3.amazonaws.com' + - 'http://bucket.s3-us-east-2.amazonaws.com' + - 'http%2F%2Fsome-bucket.s3.amazonaws.com' + + negative_examples: + - '.s3.amazonaws.com' + - 's3.amazonaws.com' + + +- name: AWS S3 Bucket (path style) + id: np.s3.2 + + pattern: | + (?x) + (?: ^ | [\s/"'] | %2F ) + ( + (?: s3 + | s3-af-south-1 + | s3-ap-east-1 + | s3-ap-northeast-1 + | s3-ap-northeast-2 + | s3-ap-northeast-3 + | s3-ap-south-1 + | s3-ap-south-2 + | s3-ap-southeast-1 + | s3-ap-southeast-2 + | s3-ap-southeast-3 + | s3-ap-southeast-4 + | s3-ca-central-1 + | s3-eu-central-1 + | s3-eu-central-2 + | s3-eu-north-1 + | s3-eu-south-1 + | s3-eu-south-2 + | s3-eu-west-1 + | s3-eu-west-2 + | s3-eu-west-3 + | s3-me-central-1 + | s3-me-south-1 + | s3-sa-east-1 + | s3-us-east-1 + | s3-us-east-2 + | s3-us-gov-east-1 + | s3-us-gov-west-1 + | s3-us-west-1 + | s3-us-west-2 + ) + \.amazonaws\.com + / + [a-zA-Z0-9_][a-zA-Z0-9_-]* (?: \. [a-zA-Z0-9_-]+)* (?# bucket name as path ) + ) + (?: [^a-zA-Z0-9_-] | $ ) (?# this instead of a \b anchor because that doesn't play nicely with `-` ) + + references: + - https://docs.aws.amazon.com/general/latest/gr/rande.html + + examples: + - 's3.amazonaws.com/example-bucket' + - 'http://s3-us-east-2.amazonaws.com/example-bucket' + + negative_examples: + - '.s3.amazonaws.com' + - 's3.amazonaws.com' + - 's3.amazonaws.com/' + - 'some-bucket-name.s3.amazonaws.com/171ea24dd241f8a2178b0374-username-Reponame-3-0' + - 'some-bucket.s3.amazonaws.com/some-object-here' + + +- name: Amazon Resource Name + id: np.arn.1 + + pattern: | + (?x) + \b + ( + arn + : + (?: aws | aws-cn | aws-us-gov ) (?# partition ) + : + [a-zA-Z0-9_-]{2,} (?# service ) + : + (?: af-south-1 + | ap-east-1 + | ap-northeast-1 + | ap-northeast-2 + | ap-northeast-3 + | ap-south-1 + | ap-south-2 + | ap-southeast-1 + | ap-southeast-2 + | ap-southeast-3 + | ap-southeast-4 + | ca-central-1 + | eu-central-1 + | eu-central-2 + | eu-north-1 + | eu-south-1 + | eu-south-2 + | eu-west-1 + | eu-west-2 + | eu-west-3 + | me-central-1 + | me-south-1 + | sa-east-1 + | us-east-1 + | us-east-2 + | us-gov-east-1 + | us-gov-west-1 + | us-west-1 + | us-west-2 + )? (?# region ) + : + (?: \d{12} )? (?# account ID sans hyphens ) + : + (?: [a-zA-Z0-9_-]+ [:/])? (?# resource type) + [^\s"'&<>\\%]+ (?# resource ID) + ) + (?: [\s"'&<>\\%] | $ ) + + references: + - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html + + examples: + - 'arn:aws:s3:::my_corporate_bucket/*' + - 'arn:aws:s3:::my_corporate_bucket/Development/*' + - 'arn:aws:iam::123456789012:user/Development/product_1234/*' + - 'alerts: "arn:aws:sns:us-west-2:123456789023:CloudwatchMetricAlarm"' + - '"Principal":{"Federated":["arn:aws:iam:::oidc-provider/localhost:8080/auth/realms/quickstart"]},' + - '"KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",' + - '"aws-kms://arn:aws:kms:us-east-1:003084325827:key/84a66985-f968-4bac-82c2-365518adf157";' + - 'return f"arn:aws:s3:::{bucket_name}"' + - 'return f"arn:aws:s3:::${bucket_name}"' diff --git a/rules/rules/azure.yml b/rules/rules/azure.yml new file mode 100644 index 0000000..7059cec --- /dev/null +++ b/rules/rules/azure.yml @@ -0,0 +1,77 @@ +rules: + +- name: Azure Connection String + id: np.azure.1 + + # XXX There are a bunch of other keys that seem to have secret content assigned to them: + # + # - SharedAccessSignature + # - Authorization + # - UserToken + # - ApplicationToken + # + # Maybe we can generalize this rule one day. + pattern: | + (?x) + (?i) + (?: AccountName | SharedAccessKeyName | SharedSecretIssuer) \s*=\s* ([^;]{1,80}) \s*;\s* + .{0,10}\s* (?# possible extra stuff, e.g., string concatenation) + (?: AccountKey | SharedAccessKey | SharedSecretValue) \s*=\s* ([^;]{1,100}) + (?: ;|$ ) + + references: + - https://azure.microsoft.com/en-us/blog/windows-azure-web-sites-how-application-strings-and-connection-strings-work/ + - https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string + - https://learn.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas#best-practices-when-using-sas + + examples: + - | + # Azure Storage Connection String + AzureWebJobsStorage=DefaultEndpointsProtocol=https;AccountName=hanatour9833;AccountKey=6jqh42QQjWWBwoPGGR/Jr0PZjhBMZVbHm/gkhEfHvOj8aV6+oI8ed6ZAAwB5a6993WqyQDiuJJB0QpseJwqYxw==;EndpointSuffix=core.windows.net + - | + DefaultEndpointsProtocol=http;AccountName=testacc1; + AccountKey=1gy3lpE7Du1j5ljKiupgKzywSw2isjsa69sfsdfsdsgfsgfdgfdgfd/YThisv/OVVLfIOv9kQ==; + BlobEndpoint=http://127.0.0.1:8440/testacc1; + TableEndpoint=http://127.0.0.1:8440/testacc1; + QueueEndpoint=http://127.0.0.1:8440/testacc1; + + - | + "IOTHUB_CONNECTION_STRING": { + "value": "HostName=d1-vi-ioth521.azure-devices.net;SharedAccessKeyName=registryReadWrite;SharedAccessKey=S8ii67l3Gd1Ba69az78iP9UksewzhjvUfh1DIuDs30w=" + } + + - | + "AZURE_STORAGE_CONNECTION_STRING": { + "value": "DefaultEndpointsProtocol=https;AccountName=d1biblobstor521;AccountKey=NjEwGHd9+piK+iCi2C2XURWPmeDDjif9UKN1HAszYptL4iQ+yD7/dgjLMZc3VOpURsa53aJ4HZfbVWzL429C5g==;EndpointSuffix=core.windows.net" + } + + negative_examples: + # https://docs.microsoft.com/en-us/azure/azure-monitor/app/sdk-connection-string + - 'InstrumentationKey=00000000-0000-0000-0000-000000000000;EndpointSuffix=ai.contoso.com;' + - 'InstrumentationKey=00000000-0000-0000-0000-000000000000;IngestionEndpoint=https://custom.com:111/;LiveEndpoint=https://custom.com:222/;ProfilerEndpoint=https://custom.com:333/;SnapshotEndpoint=https://custom.com:444/;' + + +- name: Azure App Configuration Connection String + id: np.azure.2 + + pattern: | + (?x) + (https://[a-zA-Z0-9-]+\.azconfig\.io); + Id=(.{4}-.{2}-.{2}:[a-zA-Z0-9+/]{18,22}); + Secret=([a-zA-Z0-9+/]{36,50}=) + + examples: + - 'Endpoint=https://foo-nonprod-appconfig.azconfig.io;Id=ABCD-E6-s0:tl6ABcdefGHi7kLMno/p;Secret=abCD1EF+GHIJxLMnOPqRSa53VWX05zaBCdE/fg9hi4k=' + - 'https://foo-nonprod-appconfig.azconfig.io;Id=ABCD-E6-s0:tl6ABcdefGHi7kLMno/p;Secret=abCD1EF+GHIJxLMnOA53ST8uVWX05zaBCdE/fg9hi4k=' + - 'Endpoint=https://appconfig-test01.azconfig.io;Id=09pv-l0-s0:opFCQMC6+9485xJgN5Ws;Secret=GcoEA53t7GLRNJ910M46IrbHO/Vg0tt4HujRdsaCoTY=' + - ' private static string appConfigurationConnectionString = "Endpoint=https://appcs-fg-pwc.azconfig.io;Id=pi5x-l9-s0:SZLlhHA53Nz2MpAl04cU;Secret=CQ+mlfQqkzfZv4XA53gigJ/seeXMKwNsqW/rM3wmtuE=";' + + negative_examples: + - | + text: + az appconfig feature delete --connection-string Endpoint=https://contoso.azconfig.io;Id=xxx;Secret=xxx --feature color --label MyLabel + + references: + - https://docs.microsoft.com/en-us/azure/azure-app-configuration/ + - https://docs.microsoft.com/en-us/azure/azure-app-configuration/howto-best-practices + - /~https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/appconfiguration/azure-appconfiguration/azure/appconfiguration/_utils.py diff --git a/rules/rules/codeclimate.yml b/rules/rules/codeclimate.yml new file mode 100644 index 0000000..6c46450 --- /dev/null +++ b/rules/rules/codeclimate.yml @@ -0,0 +1,39 @@ +rules: + +# This rule detects the appearance of a or CodeClimate Reporter ID (aka Repo Token). +# Such a token only has write access for coverage info from the corresponding +# repository, and has no other access than that. +# +# However, a leaked token could still be used to upload fraudulent code +# coverage data or cause abuse of services. +- name: CodeClimate Reporter ID + id: np.codeclimate.1 + + pattern: | + (?x) + (?: CODECLIMATE_REPO_TOKEN | CC_TEST_REPORTER_ID) + \s* [:=] \s* + ([a-f0-9]{64})\b + + references: + # Old reporters use `CODECLIMATE_REPO_TOKEN` + - /~https://github.com/codeclimate/javascript-test-reporter + - /~https://github.com/codeclimate/php-test-reporter + - /~https://github.com/codeclimate/python-test-reporter + - /~https://github.com/codeclimate/ruby-test-reporter + - /~https://github.com/codeclimate/ruby-test-reporter/issues/34 + + # New reporter uses `CC_TEST_REPORTER_ID` + - https://docs.codeclimate.com/docs/finding-your-test-coverage-token#should-i-keep-my-test-reporter-id-secret + + examples: + - ' - RAILS_ENV=test CODECLIMATE_REPO_TOKEN=d37a8b9e09642cb73cfcf4e1284815fc3d6a55a7714110187ac59856ae4ab5ad' + + - | + - uses: paambaati/codeclimate-action@v2.2.4 + env: + CC_TEST_REPORTER_ID: 945dfb58a832d233a3caeb84e3e6d3be212e8c7abcb48117fce63b9adcb43647 + + + +# XXX: should add rules for CodeClimate API keys too: https://developer.codeclimate.com/#authentication diff --git a/rules/rules/crates.io.yml b/rules/rules/crates.io.yml new file mode 100644 index 0000000..1bfaeba --- /dev/null +++ b/rules/rules/crates.io.yml @@ -0,0 +1,14 @@ +rules: + +- name: crates.io API Key + id: np.cratesio.1 + + # It's a 32-character alphanumeric identifier prefixed by `cio` + pattern: '\b(cio[a-zA-Z0-9]{32})\b' + + references: + - https://crates.io/data-access + - /~https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs + + examples: + - 'Bearer: ciotgp8BGZBlX192iExSQPm0SrUlBunG8zd' diff --git a/rules/rules/dependency_track.yml b/rules/rules/dependency_track.yml new file mode 100644 index 0000000..9c575cb --- /dev/null +++ b/rules/rules/dependency_track.yml @@ -0,0 +1,28 @@ +rules: + +# This detects occurrences of a Dependency-Track API key that uses the default +# `odt_` key prefix. This prefix was set as the default in the Dependency-Track +# v4.9.0 release on October 16, 2023. +- name: Dependency-Track API Key + id: np.dtrack.1 + pattern: '\b(odt_[A-Za-z0-9]{32,255})\b' + + examples: + - 'odt_KTJlDq2AGGGlqG4riKdT7p980AW8RlU5' + - 'odt_ABCDDq2AGxGlrF4ribBT7p98AOM9TlU8' + - 'odt_FHxhQGh77JAHHIYpZ818UQ0aYjXIdMIxxgeR' + + negative_examples: + - 'KTJlDq2AGGGlqG8riKdT7p980AW8RlU5' + - 'ABCDDq2AGxGlqG 4ribBT7p98AOM9TlU8' + - 'FHxhQGh77_JAHHIYpZ818UQ0aYjXIdMIxxgeR' + + references: + - https://docs.dependencytrack.org/integrations/rest-api/ + - https://docs.dependencytrack.org/getting-started/configuration/ + + # Code that implements stuff related to the API key + - /~https://github.com/stevespringett/Alpine/blob/92fdb7de7e5623b8c986de08997480036af5f472/alpine-model/src/main/java/alpine/model/ApiKey.java + + # Issue about adding support for the `odt_` default key prefix + - /~https://github.com/DependencyTrack/dependency-track/pull/3047 diff --git a/rules/rules/digitalocean.yml b/rules/rules/digitalocean.yml new file mode 100644 index 0000000..141b40d --- /dev/null +++ b/rules/rules/digitalocean.yml @@ -0,0 +1,48 @@ +rules: + +- name: DigitalOcean Application Access Token + id: np.digitalocean.1 + + pattern: | + (?x)(?i) + \b + (doo_v1_[a-f0-9]{64}) + \b + + references: + - https://docs.digitalocean.com/reference/api/ + + examples: + - 'curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer doo_v1_c46dde8bd620fcc382e70d5d43be6eebb141fa2452e8f8fa882433377898ebf2" "https://api.digitalocean.com/v2/cdn/endpoints"' + + +- name: DigitalOcean Personal Access Token + id: np.digitalocean.2 + + pattern: | + (?x)(?i) + \b + (dop_v1_[a-f0-9]{64}) + \b + + references: + - https://docs.digitalocean.com/reference/api/ + + examples: + - 'token = "dop_v1_ef0e04edc13918192246e0c90f0735c7f4db7a5a036a857e48d6cc98f1c9576b"' + + +- name: DigitalOcean Refresh Token + id: np.digitalocean.3 + + pattern: | + (?x)(?i) + \b + (dor_v1_[a-f0-9]{64}) + \b + + references: + - https://docs.digitalocean.com/reference/api/ + + examples: + - ' "refresh_token": "dor_v1_d6ce5b93104521c47be0b580e9296454ef4a319b02b5513469f0ec71d99af2e2",' diff --git a/rules/rules/dockerconfig.yml b/rules/rules/dockerconfig.yml new file mode 100644 index 0000000..47b4bd4 --- /dev/null +++ b/rules/rules/dockerconfig.yml @@ -0,0 +1,4 @@ +rules: +- name: Docker/kube secret + id: dockersecret.custom + pattern: '"auth":\s*".*"' \ No newline at end of file diff --git a/rules/rules/dockerhub.yml b/rules/rules/dockerhub.yml new file mode 100644 index 0000000..73656c5 --- /dev/null +++ b/rules/rules/dockerhub.yml @@ -0,0 +1,18 @@ +rules: + +- name: Docker Hub Personal Access Token + id: np.dockerhub.1 + + pattern: | + (?x) + \b + (dckr_pat_[a-zA-Z0-9_-]{27}) + (?: $ | [^a-zA-Z0-9_-] ) + + examples: + - docker login -u gemesa -p dckr_pat_hc8VxYclixyTr2rDFsa2rqzkP3Y + - docker login -u gemesa -p dckr_pat_tkzBYxjNNC3R_Yg6jd_O-G8FbrJ + - docker login -u gemesa -p dckr_pat_1q8yKET1VDJTpfCwseUDzT8vFh- + + references: + - https://docs.docker.com/security/for-developers/access-tokens/ diff --git a/rules/rules/doppler.yml b/rules/rules/doppler.yml new file mode 100644 index 0000000..ff2d5a2 --- /dev/null +++ b/rules/rules/doppler.yml @@ -0,0 +1,97 @@ +rules: + +- name: Doppler CLI Token + id: np.doppler.1 + + pattern: | + (?x) + \b + (dp\.ct\.[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.ct.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + +- name: Doppler Personal Token + id: np.doppler.2 + + pattern: | + (?x) + \b + (dp\.pt\.[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.pt.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + +- name: Doppler Service Token + id: np.doppler.3 + + pattern: | + (?x) + \b + (dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.st.dev.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + +- name: Doppler Service Account Token + id: np.doppler.4 + + pattern: | + (?x) + \b + (dp\.sa\.[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.sa.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + +- name: Doppler SCIM Token + id: np.doppler.5 + + pattern: | + (?x) + \b + (dp\.scim\.[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.scim.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + +- name: Doppler Audit Token + id: np.doppler.6 + + pattern: | + (?x) + \b + (dp\.audit\.[a-zA-Z0-9]{40,44}) + \b + + examples: + - dp.audit.bAqhcVzrhy5cRHkOlNTc0Ve6w5NUDCpcutm8vGE9myi + + references: + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats diff --git a/rules/rules/dropbox.yml b/rules/rules/dropbox.yml new file mode 100644 index 0000000..0d120ba --- /dev/null +++ b/rules/rules/dropbox.yml @@ -0,0 +1,20 @@ +rules: + +- name: Dropbox Access Token + id: np.dropbox.1 + + pattern: | + (?x) + \b + (sl\.[a-zA-Z0-9_-]{130,152}) + (?: $ | [^a-zA-Z0-9_-] ) + + examples: + - 'curl -X POST https://api.dropboxapi.com/2/users/get_current_account --header "Authorization: Bearer sl.hAi61Jx1hs3XlhrnsCxnctrEmxK2Q-UK29hbdxxHyAykldSeHmipBAauxTzuBEIqt2jdyyUZw8kgY3t_ars-PNIPS27ySa1ab22132U3sUuqYTXHzf2XlvMxSesUhkzx2G11_9W1f-eo"' + # this one comes from dropbox example documentation; ends with a `-` + - ' "access_token": "sl.AbX9y6Fe3AuH5o66-gmJpR032jwAwQPIVVzWXZNkdzcYT02akC2de219dZi6gxYPVnYPrpvISRSf9lxKWJzYLjtMPH-d9fo_0gXex7X37VIvpty4-G8f4-WX45AcEPfRnJJDwzv-",' + + references: + - https://developers.dropbox.com/oauth-guide + - https://www.dropbox.com/developers/ + - https://www.dropbox.com/developers/documentation/http/documentation diff --git a/rules/rules/dynatrace.yml b/rules/rules/dynatrace.yml new file mode 100644 index 0000000..51fb2e3 --- /dev/null +++ b/rules/rules/dynatrace.yml @@ -0,0 +1,24 @@ +rules: + +- name: Dynatrace Token + id: np.dynatrace.1 + + pattern: '\b(dt0[a-zA-Z]{1}[0-9]{2}\.[A-Z0-9]{24}\.[A-Z0-9]{64})\b' + + examples: + - | + helmCharts: + - name: dynatrace-operator + namespace: dynatrace + version: 0.4.1 + repo: https://raw.githubusercontent.com/Dynatrace/helm-charts/master/repos/stable + releaseName: dynatrace-operator + includeCRDs: true + valuesInline: + apiUrl: https://fqp43822.live.dynatrace.com/api + apiToken: dt0c01.FJEGSO2NBAXCOEA7WOSKOA2G.GGMUK6GJDH2TWLNKQT6F68FH22252VXP2F3QAMBUVUDV5TSYYHAWZVVFCUQLF2UA + paasToken: dt0c01.QS7G6CAS5G64DLXFMEDEJ2O7.XVJQTFD2H7XG45V5RTDGA78GAI5W44MFTLZTUOMH4JEXPAV6NSEHUNGAYPIZGEIV + + references: + - https://www.dynatrace.com/support/help/dynatrace-api + - https://www.dynatrace.com/support/help/dynatrace-api/basics/dynatrace-api-authentication diff --git a/rules/rules/facebook.yml b/rules/rules/facebook.yml new file mode 100644 index 0000000..e854053 --- /dev/null +++ b/rules/rules/facebook.yml @@ -0,0 +1,38 @@ +rules: + +- name: Facebook Secret Key + id: np.facebook.1 + + pattern: | + (?x)(?i) + \b (?: facebook | fb ) + .? + (?: api | app | application | client | consumer | customer | secret | key ) + .? + (?: key | oauth | sec | secret )? + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{32}) \b + + references: + - https://developers.facebook.com/docs/facebook-login/access-tokens/ + + examples: + - ' # config.facebook.key = "34cebc81c056a21bc66e212f947d73ec"' + - " var fbApiKey = '0278fc1adf6dc1d82a156f306ce2c5cc';" + - ' fbApiKey: "171e84fd57f430fc59afa8fad3dbda2a",' + + negative_examples: + # XXX would be nice if the following matched + - '\"fbconnectkey\";s:32:\"8f52d1586bd18a18e152289b00ed7d29\";' + + +- name: Facebook Access Token + id: np.facebook.2 + + pattern: '\b(EAACEdEose0cBA[a-zA-Z0-9]+)\b' + + references: + - https://developers.facebook.com/docs/facebook-login/access-tokens/ + + examples: + - "url = 'https://graph.facebook.com/me/friends?access_token=EAACEdEose0cBAD5XZCz5JXYvqyeJzcSvFZC42toHiWyfjhcZCMZBZCpE3uRJnEBsrhUEMRK1wWs6SsdiDCaCI1mYwyoNuMix2XZCpvsKbZB9TumtZBlcLeIpl4pa931Ce9rTinEAhtyVVZAAZAX4NmfpBUqWtzCRC0fX5GZBn7ZC28mPKAZDZD'" diff --git a/rules/rules/figma.yml b/rules/rules/figma.yml new file mode 100644 index 0000000..78e66c7 --- /dev/null +++ b/rules/rules/figma.yml @@ -0,0 +1,26 @@ +rules: + +- name: Figma Personal Access Token + id: np.figma.1 + + # The key material looks like a v4 UUID with an extra 4 hex digits up front + pattern: | + (?x)(?i) + figma.{0,20} + \b + ( + [0-9a-f]{4}- + [0-9a-f]{8}- + [0-9a-f]{4}- + [0-9a-f]{4}- + [0-9a-f]{4}- + [0-9a-f]{12} + ) + \b + + references: + - https://www.figma.com/developers/api + - https://www.figma.com/developers/api#access-tokens + + examples: + - "--header='X-Figma-Token: 1394-0ca7a5be-8e22-40ee-8c40-778d41ab2313'" diff --git a/rules/rules/generic.yml b/rules/rules/generic.yml new file mode 100644 index 0000000..98131e3 --- /dev/null +++ b/rules/rules/generic.yml @@ -0,0 +1,253 @@ +# The rules in this file detect "generic" secrets. +# Generic secrets do not have well-defined structure like most new API token schemes do. +# In particular, there isn't some notable prefix to search for, nor is there a +# fixed length and alphabet for the secret content. +# Because of all this, the patterns in these rules tend to be pretty complex, in +# an attempt to avoid false positives. +# These rules all have relatively bad precision and recall. + +rules: + +- name: Generic Secret + id: np.generic.1 + + pattern: | + (?x)(?i) + secret + .{0,20} + \b + ([0-9a-z]{32,64}) + \b + + examples: + - ' private static String CLIENT_SECRET = "6fb1cff7690db9ac066cadbbde8e3c078efdabcf";' + + # FIXME: extend this rule so these examples get matched + negative_examples: + - " client_credential='5pX8Q~MmTI8OMBJFVqMlFR4DE3Spz6Qm.xO.Gbf-'" + - " secret_access_key = 'abcdefg12346+FJQCK'" + - ' Ldap password ---- H7IKC85R#@4$' + + +- name: Generic API Key + id: np.generic.2 + + pattern: | + (?x)(?i) + (?: api_key | apikey | access_key | accesskey ) + .{0,3} + [\ \t]* (?: : | = | := | => | , | ' | " ) [\ \t]* + .{0,3} + \b + ([0-9a-z][0-9a-z\-._/+]{30,62}[0-9a-z]) + \b + + examples: + - 'API_KEY = "951bc382db9abad29c68634761dd6e19"' + - 'buildConfigField ''String'' , ''API_KEY'' , ''"951bc382db9cfee29c68634761dd6e19"'' API_KEY ' + + negative_examples: + - 'name="ws_plugin__s2member_amazon_s3_comp_files_access_key" id="ws-plugin--s2member-amazon-s3-comp-files-access-key"' + + +- name: Generic Username and Password (quoted) + id: np.generic.3 + + pattern: | + (?x) + (?: username | USERNAME | user | USER) (?# username context keyword ) + [\ \t]* = [\ \t]* (?# assignment / binder, sans newline ) + ["'] ([a-zA-Z0-9.@_\-+]{3,30}) ["'] (?# quoted username ) + \s* [,;]? \s* (?# optional assignment separator ) + (?: \s* (?: \# | //) [^\n\r]*[\n\r])* (?# optional line comments ) + (?: password | pass | PASSWORD | PASS) (?# password context keyword ) + [\ \t]* = [\ \t]* (?# assignment / binder, sans newline ) + ["'] ([^"']{5,30}) ["'] (?# quoted password ) + + examples: + - | + credential = UsernamePasswordCredential( + client_id='da34859b-2ae4-48c3-bfe0-1b28b7cf2eed', + username='donjuandemarco', + password='1qay@WXS????', + tenant_id='bc877b20-f135-4c13-a266-8ed26b8f0f4b') + + - | + hostname = '10.11.12.13' + username = 'donjuandemarco@example.com' + password = '`123QWERasdf' + + - | + hostname = '10.11.12.13' + USERNAME = 'donjuandemarco@example.com' + # some comment + # some other comment + PASS = '`123QWERasdf' + + - | + user = 'abuser' # some comment + password = 'abuser123456' # some other comment + + - | + user = 'Aladdin' + password = 'open sesame' + + + negative_examples: + - | + USERNAME=donjuan + PASSWORD=$($(dirname $0)/../bin/get-django-setting LOCAL_DATABASE_PASSWORD) + - ":authn_dbd_params => 'host=db_host port=3306 user=apache password=###### dbname=apache_auth'," + + # FIXME: extend this rule so this actually gets matched + - | + #if DEBUG + string backend_host = "amazon-subdomain-for-database.string.us-east-1.rds.amazonaws.com"; + string backend_user = "root"; + string backend_pass = "XXXXXXXXXXXXX"; + string backend_db = "database_db"; + string backend_port = "1234"; + + + +- name: Generic Username and Password (unquoted) + id: np.generic.4 + pattern: | + (?x) + (?: username | USERNAME | user | USER) (?# username context keyword ) + [\ \t]* = [\ \t]* (?# assignment / binder, sans newline ) + ([a-zA-Z0-9.@_\-+]{3,30}) (?# unquoted username ) + \s* ;? \s* (?# optional assignment separator ) + (?: \s* (?: \# | //) [^\n\r]*[\n\r])* (?# optional line comments ) + (?: password | pass | PASSWORD | PASS) (?# password context keyword ) + [\ \t]* = [\ \t]* (?# assignment / binder, sans newline ) + (\S{5,30}) (?# unquoted password ) + (?: \s | $ ) (?# end-of-password anchor ) + + examples: + - | + user = Aladdin + password = open_sesame + + - | + user = Aladdin + // some comment + // some other comment + password = open_sesame + + - ":authn_dbd_params => 'host=db_host port=3306 user=apache password=###### dbname=apache_auth'," + + negative_examples: + - | + user = 'Aladdin' + password = 'open_sesame' + + +- name: Generic Password (double quoted) + id: np.generic.5 + + pattern: | + (?x)(?i) + password["']? (?# preceding context ) + [\ \t]* (?: = | : | := | => ) [\ \t]* (?# binder ) + " + ([^$<%@.,\s+'"(){}&/\#\-][^\s+'"(){}/]{4,}) (?# password ) + " + + examples: + - | + password = "super$ecret" + - | + password="super$ecret" + - | + String usernamePassword = "application:" + appKey + ":" + appSecret; + - | + my_password: "super$ecret" + - | + "password": "super$ecret", + - | + my_password := "super$ecret" + - | + password => "super$ecret" + - | + "ApplicationServicesConnection" : { + "ServiceAddress" : "https://services-dev.examples.com", + "AdminPassword" : "thisismypassword" + } + - | + private const string DevFolkoosComPfxPassword = "thisismypassword"; + - | + "password": "YOURPASSWROD" + - | + create_random_name('sfrp-cli-cert2', 24), + 'cluster_name': self.create_random_name('sfrp-cli-', 24), + 'vm_password': "Pass123!@#", + 'policy_path': os.path.join(TEST_DIR, 'policy.json') + }) + + negative_examples: + - | + password = "123" + - | + password = super$ecret + - | + password = 'super$ecret' + - | + "password": "$super$ecret", + - | + sb.append("MasterUserPassword: " + getMasterUserPassword() + ","); + - | + "//localhost:1337/:_password = "+new Buffer("feast").toString("base64") + - | + export PGPASSWORD="$gdcapi_db_password" + - | + define wget::authfetch($source,$destination,$user,$password="",$timeout="0",$verbose=false) { + - | + - echo 'export DATABASE_PASSWORD="'$PRECOMPILE_PASSWORD'"' >> .env + - | + "/en/enterprise/3.0/authentication/keeping-your-account-and-data-secure/creating-a-strong-password":"/en/enterprise-server@3.0/auth" + - | + "password": "<YOURPASSWROD>" + - | + as: 'cms_user_password' + get '/passwords/:id/edit' => "cms/sites/passwords#edit", as: 'edit_password' + put '/forgot-password' => "cms/sites/passwords#update", as: 'update_password' + end + - | + IAMUserChangePassword = "arn:aws:iam::aws:policy/IAMUserChangePassword" + - | + this.addPassword = "#add-password"; + + + +- name: Generic Password (single quoted) + id: np.generic.6 + + pattern: | + (?x)(?i) + password["']? (?# preceding context ) + [\ \t]* (?: = | : | := | => ) [\ \t]* (?# binder ) + ' + ([^$<%@.,\s+'"(){}&/\#\-][^\s+'"(){}/]{4,}) (?# password ) + ' + + examples: + - | + :password => '4ian1234', + - | + common.then_log_in({username: 'geronimo', password: '52VeZqtHDCdAr5yM'}); + + - | + beta => { + host => 'foo.example.com', + user => 'joe', + password => 'thisismypassword', + } + + negative_examples: + - | + echo 'password = '.$p['config']['daemon_password']."\n"; + - | + usernameLabel:"Username or email:",passwordLabel:"Password:",rememberMeLabel:"Remember me:" + - | + this.addPassword = '#add-password'; diff --git a/rules/rules/github.yml b/rules/rules/github.yml new file mode 100644 index 0000000..2b2ff4b --- /dev/null +++ b/rules/rules/github.yml @@ -0,0 +1,120 @@ +rules: + +- name: GitHub Personal Access Token + id: np.github.1 + pattern: '\b(ghp_[a-zA-Z0-9]{36})\b' + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token + - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ + + examples: + - 'GITHUB_KEY=ghp_XIxB7KMNdAr3zqWtQqhE94qglHqOzn1D1stg' + - "let g:gh_token='ghp_4U3LSowpDx8XvYE7A8GH56oxU5aWnY2mzIbV'" + - | + ## git devaloper settings + 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 + + +- name: GitHub OAuth Access Token + id: np.github.2 + pattern: '\b(gho_[a-zA-Z0-9]{36})\b' + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps + - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ + + examples: + - ' "url": "git+https://FelipeMestre:gho_psT9pqNFsehnc4se0ZzzR0HBxapxZD35hNHi@github.com/gontarz/PW_2021_Website-FelipeMestre.git"' + - ' oauth_token: gho_fq75OMU7UVbS9pTZmoCCzJT6TM5d1w099FgG' + + +- name: GitHub App Token + id: np.github.3 + # Note: `ghu_` prefix is for user-to-server tokens; `ghs_` is for server-to-server tokens + pattern: '\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b' + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps + - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ + + examples: + - ' "token": "ghu_16C7e42F292c69C2E7C10c838347Ae178B4a",' + - | + Example usage: + git clone http://ghs_RguXIkihJjwHAP6eXEYxaPNvywurTr5IOAbg@github.com/username/repo.git + + +- name: GitHub Refresh Token + id: np.github.4 + pattern: '\b(ghr_[a-zA-Z0-9]{76})\b' + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps + - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ + + examples: + - ' "refresh_token": "ghr_1B4a2e77838347a7E420ce178F2E7c6912E169246c3CE1ccbF66C46812d16D5B1A9Dc86A1498",' + + +- name: GitHub Client ID + id: np.github.5 + pattern: | + (?x)(?i) + (?:github) + .? + (?: api | app | application | client | consumer | customer )? + .? + (?: id | identifier | key ) + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{20}) \b + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps + + examples: + - | + GITHUB_CLIENT_ID=ac58d6da7d7a84c039b7 + GITHUB_SECRET=37d02377a3e9d849e18704c3ec883f9c5787d857 + + +- name: GitHub Secret Key + id: np.github.6 + pattern: | + (?x)(?i) + github + .? + (?: api | app | application | client | consumer | customer | secret | key ) + .? + (?: key | oauth | sec | secret )? + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{40}) \b + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps + + examples: + - | + GITHUB_CLIENT_ID=ac58d6da7d7a84c039b7 + GITHUB_SECRET=37d02377a3e9d849e18704c3ec883f9c5787d857 + + +- name: GitHub Personal Access Token (fine-grained permissions) + id: np.github.7 + pattern: | + (?x) + \b + (github_pat_[0-9a-zA-Z_]{82}) + \b + + references: + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github + - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token + + examples: + - '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' diff --git a/rules/rules/gitlab.yml b/rules/rules/gitlab.yml new file mode 100644 index 0000000..ab2bb69 --- /dev/null +++ b/rules/rules/gitlab.yml @@ -0,0 +1,55 @@ +rules: + +- name: GitLab Runner Registration Token + id: np.gitlab.1 + pattern: '\b(GR1348941[0-9a-zA-Z_-]{20})(?:\b|$)' + + references: + - https://docs.gitlab.com/runner/security/ + - https://docs.gitlab.com/ee/security/token_overview.html#runner-registration-tokens-deprecated + - https://docs.gitlab.com/ee/security/token_overview.html#security-considerations + + examples: + - | + sudo gitlab-runner register \ + --non-interactive \ + --url "https://gitlab.com/" \ + --registration-token "GR1348941_iAgdMy7a3NhZaa5oNoH" \ + --executor "docker" \ + --docker-image ubuntu:latest \ + --description "docker-runner" \ + --tag-list "docker, CICD, App" \ + --run-untagged="true" \ + --locked="false" \ + --access-level="not_protected" + +- name: GitLab Personal Access Token + id: np.gitlab.2 + pattern: '\b(glpat-[0-9a-zA-Z_-]{20})(?:\b|$)' + + references: + - https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html + + examples: + - | + docker build -t tweedledee \ + -f Dockerfile \ + --build-arg 'GO_REPO_TOKEN=glpat-tFrjFXD7soVU2fqxuDMh' \ + +- name: GitLab Pipeline Trigger Token + id: np.gitlab.3 + pattern: '\b(glptt-[0-9a-f]{40})\b' + + references: + - https://docs.gitlab.com/ee/ci/triggers/ + - https://gitlab.com/gitlab-org/gitlab/-/issues/371396 + - https://gitlab.com/gitlab-org/gitlab/-/issues/388379 + + examples: + - | + curl \ + -X POST \ + --fail \ + --no-progress-meter \ + -F token=glptt-0d66598d696a02da33fb65e2a041f607c68ea50d \ + -F ref=main diff --git a/rules/rules/google.yml b/rules/rules/google.yml new file mode 100644 index 0000000..26268fa --- /dev/null +++ b/rules/rules/google.yml @@ -0,0 +1,124 @@ +rules: + +- name: Google Client ID + id: np.google.1 + + pattern: '(?i)\b([0-9]+-[a-z0-9_]{32})\.apps\.googleusercontent\.com' + + examples: + - " 'clientID' : '231545488769-4d1mcev9vifvlncrern52id2pqqf5u5l.apps.googleusercontent.com'," + - " //$google_client_id = '244082345999-o6m8f1pmb1e76tjfj9v7b96j31e53ps5.apps.googleusercontent.com';" + - " GOOGLE_OAUTH2_CLIENT_ID = '607830223128-4qgthc7ofdqce232dk690t5jgkm1ce33.apps.googleusercontent.com'" + - ' $cordovaOauth.google("653512027492-5u9blotr1521fa0lo1172nhv4pmqgttq.apps.googleusercontent.com", ["email"]).then(function(result) {' + + +- name: Google OAuth Client Secret (prefixed) + id: np.google.2 + + pattern: | + (?x) + \b + (GOCSPX-[a-zA-Z0-9_-]{28}) + (?:[^a-zA-Z0-9_-] | $) + + examples: + - 'const CLIENTSECRET = "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"' + +- name: Google OAuth Client Secret + id: np.google.3 + + pattern: | + (?x)(?i) + client.?secret .{0,10} + \b + ([a-z0-9_-]{24}) + (?: [^a-z0-9_-] |$) + + examples: + - '"client_secret":"aaaaaaaaaaaaaaaaaaaaaaa-"' + - " //$google_client_secret = 'fnhqAakzWrX-mtFQ4PRdMoy0';" + - " 'clientSecret' : 'Ufvuj-d6alhwGKvvLh_8Nq0K'" + + +- name: Google OAuth Access Token + id: np.google.4 + + pattern: | + (?x) + \b + (ya29\.[0-9A-Za-z_-]{20,1024}) + (?: [^0-9A-Za-z_-]|$) (?# Used instead of `\b` because that doesn't play well with trailing `-` ) + + examples: + - | + const setupCredentials = () => { + const { encryptedData, iv } = encrypt({ + expiry_date: 1642441058842, + access_token: + 'ya29.A0ARrdaM--PV_87ebjywDJpXKb77NBFJl16meVUapYdfNv6W6ZzCu947fNaPaRjbDbOIIcp6f49cMaX5ndK9TAFnKwlVqz3nrK9nLKqgyDIhYsIq47smcAIZkK56SWPx3X3DwAFqRu2UPojpd2upWwo-3uJrod', + // This token is linked to a test Google account (typebot.test.user@gmail.com) + refresh_token: + '1//039xWRt8YaYa3CgYIARAAGAMSNwF-L9Iru9FyuTrDSa7lkSceggPho83kJt2J29Ga91EhT1C6XV1vmo6bQS9puL_R2t8FIwR3gek', + }) + - | + -- Clear login if it's a new connection. + --propertyTable.access_token = 'ya29.Ci_UA7aEsvT6-oVI8f96kvB6i8oO13WgdZUviLaCVtpEPYZqhQcQycR-u2X9xtmYGA' + + +- name: Google API Key + id: np.google.5 + + pattern: '\b(AIza[0-9A-Za-z_-]{35})\b' + references: + - https://cloud.google.com/docs/authentication/api-keys#securing + - https://support.google.com/googleapi/answer/6310037 + + examples: + - " var DEVELOPER_KEY = 'AIzaSyB4sU8lU15bR_87qNb7eUVQN72_vv8mpbU';" + + +- name: Google Cloud Storage Bucket (subdomain style) + id: np.gcs.1 + + pattern: | + (?x) + (?: ^ | [\s/"'] | %2F ) + ( + (?: [a-zA-Z0-9_-]+ \. )+ (?# bucket name as subdomain ) + storage\.googleapis\.com + ) + \b + + references: + - https://cloud.google.com/storage/docs/request-endpoints + + examples: + - 'c.storage.googleapis.com' + - 'some-bucket.example.com.storage.googleapis.com' + + negative_examples: + - 'https://storage.googleapis.com' + + +- name: Google Cloud Storage Bucket (path style) + id: np.gcs.2 + + pattern: | + (?x) + (?: ^ | [\s/"'] | %2F ) + ( + storage\.googleapis\.com + / + [a-zA-Z0-9_-]+ (?: \. [a-zA-Z0-9_-]+ )* (?# bucket name as path ) + ) + (?: [^a-zA-Z0-9_-] | $ ) (?# this instead of a \b anchor because that doesn't play nicely with `-` ) + + references: + - https://cloud.google.com/storage/docs/request-endpoints + + negative_examples: + - 'c.storage.googleapis.com/some_object' + - 'some-bucket.example.com.storage.googleapis.com/some_object' + + examples: + - 'https://storage.googleapis.com/bucket_name/object_name' diff --git a/rules/rules/gradle.yml b/rules/rules/gradle.yml new file mode 100644 index 0000000..74dde3d --- /dev/null +++ b/rules/rules/gradle.yml @@ -0,0 +1,36 @@ +rules: + +# This is intended to detect hardcoded credentials that sometimes appear in Gradle files. +- name: Hardcoded Gradle Credentials + id: np.gradle.1 + + pattern: | + (?x) + (?i) + credentials \s* \{ + (?:\s*//.*)* (?# skip line comments) + \s* (?:username|password) \s+ ['"]([^'"]{1,60})['"] + (?:\s*//.*)* (?# skip line comments) + \s* (?:username|password) \s+ ['"]([^'"]{1,60})['"] + + examples: + - | + credentials { + username 'user' + password 'password' + } + - | + publishing { + repositories { + maven { + url "http://us01cmsysart01.example.com:8081/artifactory/Mobile-Libs-Internal" + credentials { + // your password here + + username "SOME_USERNAME" + password "SOME_PASSWORD" + } + } + } + - "credentials {\n username 'user'\n password 'password'\n}" + - "credentials {\n username \"user\"\n password \"password\"\n}" diff --git a/rules/rules/grafana.yml b/rules/rules/grafana.yml new file mode 100644 index 0000000..8b1a04d --- /dev/null +++ b/rules/rules/grafana.yml @@ -0,0 +1,64 @@ +rules: + +- name: Grafana API Token + id: np.grafana.1 + + pattern: | + (?x) + \b + (eyJrIjoi [A-Za-z0-9]{60,100}) + \b + + references: + - https://grafana.com/docs/grafana/latest/developers/http_api/auth/ + + examples: + - 'Authorization: Bearer eyJrIjoiWHZiSWd5NzdCYUZnNUtibE8obUpESmE2bzJYNDRIc1UiLCJuIjoibXlrZXkiLCJpZCI7MX1' + - 'admin_client = GrafanaClient("eyJrIjoiY21sM1JRYjB6RnVYSTNLenRWQkFEaWN2bXI2V202U2IiLCJuIjoiYWRtaW5rZXkiLCJpZCI6MX0=", host=grafana_host, port=3000, protocol="http")' + + non_examples: + - 'View the latest results [here](https://heyo.powerbi.com/view?r=eyJrIjoiYTZjMTk3YjEtMzQ4Yi00NTI5LTg6ZDItNmUyMGRlOTkwMGRlIiwidCI5IjcyZjk4OGJmLTg3ZjEtNDFhZi06MWFiLTJkN2NkMDExZGI0NyIsImMiOjV9&pageName=ReportSection9567390a89a2d30b0eda).' + + +- name: Grafana Cloud API Token + id: np.grafana.2 + + pattern: | + (?x) + \b + (glc_eyJrIjoi [A-Za-z0-9]{60,100}) + \b + + references: + - https://grafana.com/docs/grafana-cloud/api-reference/cloud-api/ + + examples: + - ' "token": "glc_eyJrIjoiZjI0YzZkNGEwZDBmZmZjMmUzNTU3ODcxMmY0ZWZlNTQ1NTljMDFjOCIsIm6iOiJteXRva3VuIiwiaWQiOjF8"' + + +- name: Grafana Service Account Token + id: np.grafana.3 + + pattern: | + (?x) + \b + (glsa_[a-zA-Z0-9]{32}_[a-fA-F0-9]{8}) + \b + + references: + - https://grafana.com/docs/grafana/latest/administration/service-accounts/ + + examples: + - | + curl -H "Authorization: Bearer glsa_HOruNAb7SOiCdshU7algkrq7FDsNSLAa_55e2f8be" -X GET '/api/access-control/user/permissions' | jq + + - | + // getData() + // { + // let url="http://localhost:4200/api/search" + // const headers = new HttpHeaders({ + // 'Content-Type': 'application/json', + // 'Authorization': `Bearer glsa_Sof0HKi3agxrQP9qm5r2G98VacBNwV5P_9b638c45` + // }) + // return this.http.get(url, {headers: headers}); + // } diff --git a/rules/rules/hashes.yml b/rules/rules/hashes.yml new file mode 100644 index 0000000..839a0a5 --- /dev/null +++ b/rules/rules/hashes.yml @@ -0,0 +1,96 @@ +rules: + +- name: Password Hash (md5crypt) + id: np.pwhash.1 + pattern: '(\$1\$[./A-Za-z0-9]{8}\$[./A-Za-z0-9]{22})' + + references: + - https://en.wikipedia.org/wiki/Crypt_(C)#MD5-based_scheme + - https://unix.stackexchange.com/a/511017 + - https://hashcat.net/wiki/doku.php?id=example_hashes + - https://passwordvillage.org/salted.html#md5crypt + + examples: + # generated with `openssl passwd -1 -salt 'OKgLCmVl' 'a'` + - '$1$OKgLCmVl$d02jECa4DXn/oXX0R.MoQ/' + - '$1$28772684$iEwNOgGugqO9.bIz5sk8k/' + + +- name: Password Hash (bcrypt) + id: np.pwhash.2 + # Format from Wikipedia: + # $2$[cost]$[22 character salt][31 character hash] + pattern: '(\$2[abxy]\$\d+\$[./A-Za-z0-9]{53})' + + references: + - https://en.wikipedia.org/wiki/Bcrypt + - https://hashcat.net/wiki/doku.php?id=example_hashes + + examples: + - '$2a$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW' + - '$2a$05$/VT2Xs2dMd8GJKfrXhjYP.DkTjOVrY12yDN7/6I8ZV0q/1lEohLru' + - '$2a$05$Uo385Fa0g86uUXHwZxB90.qMMdRFExaXePGka4WGFv.86I45AEjmO' + - '$2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6' + - '$2y$12$atWJ1Nx6ep65tNx0YIJ4I.jzgI86znQbNRI3lF0qIt/XCYnEPxSc2' + + +- name: Password Hash (sha256crypt) + id: np.pwhash.3 + pattern: | + (?x) + ( + \$ 5 (?# magic ) + (?: \$ rounds=\d+ )? (?# optional rounds ) + \$ [./A-Za-z0-9]{8,16} (?# salt ) + \$ [./A-Za-z0-9]{43} (?# hash ) + ) + + references: + - https://en.wikipedia.org/wiki/Crypt_(C)#Key_derivation_functions_supported_by_crypt + - https://hashcat.net/wiki/doku.php?id=example_hashes + - https://passwordvillage.org/salted.html#sha256crypt + + examples: + - '$5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD' + - '$5$9ks3nNEqv31FX.F$gdEoLFsCRsn/WRN3wxUnzfeZLoooVlzeF4WjLomTRFD' + - '$5$KAlz5SULZNybHwil$3UgmS1pmo2r5HG.tjbjzoVxISBh8IH81d.bJh4MCC19' + + +- name: Password Hash (sha512crypt) + id: np.pwhash.4 + pattern: | + (?x) + ( + \$ 6 (?# magic ) + (?: \$ rounds=\d+ )? (?# optional rounds ) + \$ [./A-Za-z0-9]{8,16} (?# salt ) + \$ [./A-Za-z0-9]{86} (?# hash ) + ) + + references: + - https://en.wikipedia.org/wiki/Crypt_(C)#Key_derivation_functions_supported_by_crypt + - https://hashcat.net/wiki/doku.php?id=example_hashes + - https://passwordvillage.org/salted.html#sha512crypt + + examples: + - '$6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/' + - '$6$qoE2letU$wWPRl.PVczjzeMVgjiA8LLy2nOyZbf7Amj3qLIL978o18gbMySdKZ7uepq9tmMQXxyTIrS12Pln.2Q/6Xscao0' + + +- name: Password Hash (Cisco IOS PBKDF2 with SHA256) + id: np.pwhash.5 + pattern: | + (?x) + ( + \$ 8 (?# magic ) + \$ [./A-Za-z0-9]{8,16} (?# salt ) + \$ [./A-Za-z0-9]{43} (?# hash ) + ) + + references: + - https://en.wikipedia.org/wiki/Crypt_(C)#Key_derivation_functions_supported_by_crypt + - https://hashcat.net/wiki/doku.php?id=example_hashes + + examples: + - '$8$TnGX/fE4KGHOVU$pEhnEvxrvaynpi8j4f.EMHr6M.FzU8xnZnBr/tJdFWk' + - '$8$mTj4RZG8N9ZDOk$elY/asfm8kD3iDmkBe3hD2r4xcA/0oWS5V3os.O91u.' diff --git a/rules/rules/heroku.yml b/rules/rules/heroku.yml new file mode 100644 index 0000000..15129ea --- /dev/null +++ b/rules/rules/heroku.yml @@ -0,0 +1,14 @@ +rules: + +- name: Heroku API Key + id: np.heroku.1 + pattern: '(?i)heroku.{0,20}key.{0,20}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b' + + references: + - https://devcenter.heroku.com/articles/authentication + + examples: + - ' HEROKU_API_KEY: c55dbac4-e0e8-4a06-b892-75cac2387ce5' + + negative_examples: + - 'curl https://kolkrabbi.heroku.com/apps/98fc74a8-ff56-4a21-85f6-7a1fcac895c9/github/push \' diff --git a/rules/rules/huggingface.yml b/rules/rules/huggingface.yml new file mode 100644 index 0000000..51e3a84 --- /dev/null +++ b/rules/rules/huggingface.yml @@ -0,0 +1,12 @@ +rules: + +- name: HuggingFace User Access Token + id: np.huggingface.1 + + pattern: '\b(hf_[a-zA-Z]{34})\b' + + references: + - https://huggingface.co/docs/hub/security-tokens + + examples: + - 'HF_TOKEN:"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"' diff --git a/rules/rules/jenkins.yml b/rules/rules/jenkins.yml new file mode 100644 index 0000000..56c4be1 --- /dev/null +++ b/rules/rules/jenkins.yml @@ -0,0 +1,26 @@ +rules: + +- name: Jenkins Token or Crumb + id: np.jenkins.1 + + pattern: '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b' + + examples: + - | + jenkins_user = 'root' + # jenkins_passwd = '116365fd86d63bf507aba962606a5c8956' Pre token + jenkins_passwd = '11811f784531053132519844d047186074' # Dev Token + jenkins_url = 'http://10.1.188.121' + - | + export JENKINS_USER=justin-admin-edit-view + export JENKINS_TOKEN=11f4274ec59be12eace9a08b08ee13d54b + export JENKINS=jenkins-cicd.apps.sno.openshiftlabs.net + - | + sh "curl -X POST 'http://jenkins.lsfusion.luxsoft.by/job/${Paths.updateParentVersionsJob}/build' --user ${USERPASS} -H 'Jenkins-Crumb:440561953171ba44ace9740562d172bb'" + + negative_examples: + - '1. ~~Does not play well with [Build Token Root Plugin](https://wiki.jenkins-ci.org/display/JENKINS/Build+Token+Root+Plugin) URL formats.~~ (added with [this commit](/~https://github.com/morficus/Parameterized-Remote-Trigger-Plugin/commit/f687dbe75d1c4f39f7e14b68220890384d7c5674) )' + + references: + - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/ + - https://www.jenkins.io/doc/book/security/csrf-protection/ diff --git a/rules/rules/jwt.yml b/rules/rules/jwt.yml new file mode 100644 index 0000000..a9baad0 --- /dev/null +++ b/rules/rules/jwt.yml @@ -0,0 +1,30 @@ +rules: + +- name: JSON Web Token (base64url-encoded) + id: np.jwt.1 + + # `header . payload . signature`, all base64-encoded + # Unencoded, the header and payload are JSON objects, usually starting with + # `{"`, which gets base64-encoded starting with `ey`. + pattern: | + (?x) + \b + ( + ey[a-zA-Z0-9_-]+ (?# header ) + \. + ey[a-zA-Z0-9_-]+ (?# payload ) + \. + [a-zA-Z0-9_-]+ (?# signature ) + ) + (?:[^a-zA-Z0-9_-]|$) (?# this instead of a \b anchor because that doesn't play nicely with `-` ) + + references: + - https://en.wikipedia.org/wiki/JSON_Web_Token + - https://datatracker.ietf.org/doc/html/rfc7519 + - https://en.wikipedia.org/wiki/Base64#URL_applications + - https://datatracker.ietf.org/doc/html/rfc4648 + - https://developer.okta.com/blog/2018/06/20/what-happens-if-your-jwt-is-stolen + + examples: + - 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dnZWRJbkFzIjoiYWRtaW4iLCJpYXQiOjE0MjI3Nzk2Mzh9.gzSraSYS8EXBxLN_oWnFSRgCzcmEmMjLiuyu5CSpyHI' + - 'NUCLEAR_SERVICES_ANON_KEY=eyJhbGciOiJIUzI1NiIsEnR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InFqcnVqc2lzY2Nzdnl2am5xdG5xIiwicm9sZSI6ImEub24iLCJpYXQiOjE2NTY1OTY0NjEsImV4cCI6MTk3MjE3MjQ2MX0.WQWcwBAQFNE259f2o8ruFln_UMLTFEnEaUD7KHrs9Aw' diff --git a/rules/rules/linkedin.yml b/rules/rules/linkedin.yml new file mode 100644 index 0000000..9a1dc75 --- /dev/null +++ b/rules/rules/linkedin.yml @@ -0,0 +1,46 @@ +rules: + +- name: LinkedIn Client ID + id: np.linkedin.1 + + pattern: | + (?x)(?i) + linkedin + .? + (?: api | app | application | client | consumer | customer )? + .? + (?: id | identifier | key ) + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{12,14}) \b + + references: + - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications + + examples: + # FIXME: this example should not actually match + - 'Email ID Last 5 Digits of your SSN LinkedIn ID Availability' + - | + LINKEDIN_KEY = "77yg7tx91p4lag" + LINKEDIN_SECRET = "zt7GeN6IH911xvRj" + + +- name: LinkedIn Secret Key + id: np.linkedin.2 + + pattern: | + (?x)(?i) + linkedin + .? + (?: api | app | application | client | consumer | customer | secret | key ) + .? + (?: key | oauth | sec | secret )? + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{16}) \b + + references: + - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications + + examples: + - | + LINKEDIN_KEY = "77yg7tx91p4lag" + LINKEDIN_SECRET = "zt7GeN6IH911xvRj" diff --git a/rules/rules/mailchimp.yml b/rules/rules/mailchimp.yml new file mode 100644 index 0000000..cf95648 --- /dev/null +++ b/rules/rules/mailchimp.yml @@ -0,0 +1,18 @@ +rules: + +- name: MailChimp API Key + id: np.mailchimp.1 + + pattern: | + (?x)(?i) + (?:mailchimp|mc).{0,20} + \b + ([a-f0-9]{32}-us[0-9]{1,3}) + \b + + references: + - https://mailchimp.com/help/about-api-keys/ + - https://mailchimp.com/help/about-api-keys/#API_key_security + + examples: + - "MAILCHIMP_API='bd3777708aecfee66c5335f62a6246a4-us13'" diff --git a/rules/rules/mailgun.yml b/rules/rules/mailgun.yml new file mode 100644 index 0000000..b4f1140 --- /dev/null +++ b/rules/rules/mailgun.yml @@ -0,0 +1,12 @@ +rules: + +- name: Mailgun API Key + id: np.mailgun.1 + + pattern: '(?i)(?:mailgun|mg).{0,20}key-([a-z0-9]{32})\b' + + examples: + - "var apiKey = process.env.MAILGUN_API || 'key-46cebd38c59ac222e6cf991581411eaf'" + + references: + - https://documentation.mailgun.com/en/latest/api-intro.html#authentication-1 diff --git a/rules/rules/mapbox.yml b/rules/rules/mapbox.yml new file mode 100644 index 0000000..c400bc9 --- /dev/null +++ b/rules/rules/mapbox.yml @@ -0,0 +1,55 @@ +rules: + +- name: Mapbox Public Access Token + id: np.mapbox.1 + + # NOTE: `pk` tokens are public and have read-only access. + # `sk` tokens are secret and should never be shared. + # `tk` tokens are temporary access tokens. + pattern: '(?i)(?s)mapbox.{0,30}(pk\.[a-z0-9\-+/=]{32,128}\.[a-z0-9\-+/=]{20,30})(?:[^a-z0-9\-+/=]|$)' + + examples: + - | + mapboxApiKey: + 'pk.eyJ1Ijoia3Jpc3R3IiwiYSI6ImNqbGg1N242NTFlczczdnBcf99iMjgzZ2sifQ.lUneM-o3NucXN189EYyXxQ', + + references: + - https://docs.mapbox.com/api/accounts/tokens/#token-format + - https://docs.mapbox.com/help/getting-started/access-tokens/ + - https://docs.mapbox.com/help/troubleshooting/how-to-use-mapbox-securely + + +- name: Mapbox Secret Access Token + id: np.mapbox.2 + + # NOTE: `pk` tokens are public and have read-only access. + # `sk` tokens are secret and should never be shared. + # `tk` tokens are temporary access tokens. + pattern: '(?i)(?s)mapbox.{0,30}(sk\.[a-z0-9\-+/=]{32,128}\.[a-z0-9\-+/=]{20,30})(?:[^a-z0-9\-+/=]|$)' + + examples: + - " //mapboxgl.accessToken = 'sk.eyJ1Ijoic2hlbmdsaWgiLCJhIjCf99ttaWF5bDBsMGNlaDJubGZyMGUwZXNmaCJ9.eI8KXNm5zKZXOKh0c8u9vg';" + - 'export MAPBOX_SECRET_TOKEN=sk.eyJ1IjoiY2FwcGVsYWVyZSIsImEicf99c1BaTkZnIn0.P4lD1eHeSEx7AsBq1zbJ4g' + + references: + - https://docs.mapbox.com/api/accounts/tokens/#token-format + - https://docs.mapbox.com/help/getting-started/access-tokens/ + - https://docs.mapbox.com/help/troubleshooting/how-to-use-mapbox-securely + + +- name: Mapbox Temporary Access Token + id: np.mapbox.3 + + # NOTE: `pk` tokens are public and have read-only access. + # `sk` tokens are secret and should never be shared. + # `tk` tokens are temporary access tokens. + pattern: '(?i)(?s)mapbox.{0,30}(tk\.[a-z0-9\-+/=]{32,128}\.[a-z0-9\-+/=]{20,30})(?:[^a-z0-9\-+/=]|$)' + + examples: + - " //mapboxgl.accessToken = 'tk.eyJ1Ijoic2hlbmdsaWgiLCJhIjCf99ttaWF5bDBsMGNlaDJubGZyMGUwZXNmaCJ9.eI8KXNm5zKZXOKh0c8u9vg';" + - 'export MAPBOX_SECRET_TOKEN=tk.eyJ1IjoiY2FwcGVsYWVyZSIsImEicf99c1BaTkZnIn0.P4lD1eHeSEx7AsBq1zbJ4g' + + references: + - https://docs.mapbox.com/api/accounts/tokens/#token-format + - https://docs.mapbox.com/help/getting-started/access-tokens/ + - https://docs.mapbox.com/help/troubleshooting/how-to-use-mapbox-securely diff --git a/rules/rules/microsoft_teams.yml b/rules/rules/microsoft_teams.yml new file mode 100644 index 0000000..d4945f2 --- /dev/null +++ b/rules/rules/microsoft_teams.yml @@ -0,0 +1,32 @@ +rules: + +- name: Microsoft Teams Webhook + id: np.msteams.1 + + pattern: | + (?x)(?i) + ( + https:// + outlook\.office\.com/webhook/ + [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} + @ + [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} + /IncomingWebhook/ + [a-f0-9]{32} + / + [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} + ) + + examples: + - "//test //url = 'https://outlook.office.com/webhook/9da5da9c-4218-4c22-aed6-b5c8baebfff5@2f2b54b7-0141-4ba7-8fcd-ab7d17a60547/IncomingWebhook/1bf66ccbb8e745e791fa6e6de0cf465b/4361420b-8fde-48eb-b62a-0e34fec63f5c';" + - " [T2`https://outlook.office.com/webhook/fa4983ab-49ea-4c1b-9297-2658ea56164c@f784fbed-7fc7-4c7a-aae9-d2f387b67c5d/IncomingWebhook/4d2b3a16113d47b080b7a083b5a5e533/74f315eb-1dde-4731-b6b5-2524b77f2acd`](https://outlook.office.com/webhook/fe4183ab-49ea-4c1b-9297-2658ea56164c%2540f784fbed-7fc7-4c7a-aae9-d2f387b67c5d/IncomingWebhook/4d2b3a16003d47b080b7a083b5a5e533/74f315eb-1dde-4731-b6b5-2524b77f2acd)" + - 'curl -H "Content-Type: application/json" -d "{\"text\": \"Debut du script deploy.sh \"}" https://outlook.office.com/webhook/555aa7fc-ea71-4fb7-ae9e-755caa4404ed@72f988bf-86f1-41af-91ab-2d7cd011db47/IncomingWebhook/16085df23e564bb9076842605ede3af2/51dab674-ad95-4f0a-8964-8bdefc25b6d9' + - ' webhooks: https://outlook.office.com/webhook/2f92c502-7feb-4a6c-86f1-477271ae576f@990414fa-d0a3-42f5-b740-21d865a44a28/IncomingWebhook/54e43eb586f14aa9984d5c0bec3d5050/539ce6fa-e9aa-413f-a79b-fb7e8998fcac' + + # FIXME: this example probably should actually match + negative_examples: + - " office365ConnectorSend message: 'Execucao Concluida.', status: 'End', webhookUrl: 'https://outlook.office.com/webhook/82fc2788-c6f4-4507-a657-36c91eccfd87@93f33571-550f-43cf-b09f-cd33c338d086/JenkinsCI/4f3bbf41e81a4f36887a1a4d7cbfb2c6/82fa2788-c6f4-45c7-a657-36f91eccfd87'" + + references: + - https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/what-are-webhooks-and-connectors + - /~https://github.com/praetorian-inc/nuclei-templates/blob/main/exposures/tokens/microsoft/microsoft-teams-webhook.yaml diff --git a/rules/rules/netrc.yml b/rules/rules/netrc.yml new file mode 100644 index 0000000..e1f0012 --- /dev/null +++ b/rules/rules/netrc.yml @@ -0,0 +1,32 @@ +rules: + +- name: netrc Credentials + id: np.netrc.1 + + pattern: | + (?x) + (?: (machine \s+ [^\s]+) | default) + \s+ + login \s+ ([^\s]+) + \s+ + password \s+ ([^\s]+) + + references: + - https://everything.curl.dev/usingcurl/netrc + - https://devcenter.heroku.com/articles/authentication#api-token-storage + + examples: + - 'machine api.github.com login ziggy^stardust password 012345abcdef' + - | + ``` + machine raw.github.com + login visionmedia + password pass123 + ``` + + - | + """ + machine api.wandb.ai + login user + password 7cc938e45e63e9014f88f811be240ba0395c02dd + """ diff --git a/rules/rules/newrelic.yml b/rules/rules/newrelic.yml new file mode 100644 index 0000000..04acca0 --- /dev/null +++ b/rules/rules/newrelic.yml @@ -0,0 +1,184 @@ +rules: + +- name: New Relic License Key + id: np.newrelic.1 + + pattern: | + (?x)(?i) + \b + ([a-z0-9]{6}[a-f0-9]{30}nral) + \b + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key + + examples: + - | + # Required license key associated with your New Relic account. + license_key: 033f2f2072ca3f2cb2ec39024fa9e49cd640NRAL + + # Your application name. Renaming here affects where data displays in New + + - ' license_key: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaNRAL' + - ' license: eu01xxaa7460e1ea3abdfbbbd36e85c10cd0NRAL' + + negative_examples: + - ' license_key: xxxxxxxxxxxxxxx' + - ' --set global.licenseKey=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8NRAL `' + + +- name: New Relic License Key (non-suffixed) + id: np.newrelic.2 + pattern: | + (?x)(?i) + associated\ with\ your\ New\ Relic\ account\.\s+ + license_key:\s* + ([a-f0-9]{40}) + \b + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key + + examples: + - | + # Required license key associated with your New Relic account. + license_key: 0a14254db7a1e9d29c3370dacc798cb65d25c9af + + # Your application name. Renaming here affects where data displays in New + + negative_examples: + - | + # Required license key associated with your New Relic account. + license_key: 033f2f2072ca3f2cb2ec39019fa9e49cd640NRAL + + - | + license_key: '<%= ENV["NEW_RELIC_LICENSE_KEY"] %>' + + +- name: New Relic API Service Key + id: np.newrelic.3 + pattern: | + (?x)(?i) + \b + (nrak-[a-z0-9]{27}) + \b + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-key + + examples: + - " PS> Get-NR1Catalog -PersonalAPIKey 'NRAK-123456788ABCDEFGHIJKLMNOPQR'" + - ' placeholder="e.g: NRAK-CIH1YVYWKA9ZP6E49WP5XYJH1G9">' + - | + ENV NODE_ENV "production" + ENV PORT 8079 + #ENV NEW_RELIC_LICENSE_KEY=NRAK-7JCF597RJ492YP6MZWST3HWRNY2 + + +- name: New Relic Admin API Key + id: np.newrelic.4 + pattern: | + (?x)(?i) + \b + (nraa-[a-f0-9]{27}) + \b + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#admin-keys + + examples: + - 'admin_access:NRAA-4780f48c47df5882dbec3fd82c7' + + +- name: New Relic Insights Insert Key + id: np.newrelic.5 + pattern: | + (?x)(?i) + \b + (nrii-[a-z0-9_-]{32}) + (?: [^a-z0-9_-] | $) + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#insights-insert-key + + examples: + - ' insertKey: "NRII-3nbcrMjHHs0RrT3GhRNqpd16YVMFHdcI")' + - ' "Api-Key": "NRII-7a6SL_Pau5Dz923jEuBEylu3clzXzfby"' + + +- name: New Relic Insights Query Key + id: np.newrelic.6 + pattern: | + (?x)(?i) + \b + (nriq-[a-z0-9_-]{32}) + (?: [^a-z0-9_-] | $) + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#insights-query-key + + examples: + - ' "querykey": "NRIQ-pD-yUGl9Z3ACIJ89V-zGkhMxFJE5O121",' + + +- name: New Relic REST API Key + id: np.newrelic.7 + pattern: | + (?x)(?i) + \b + (nrra-[a-f0-9]{42}) + \b + + references: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#rest-api-key + + examples: + - | + curl -X POST "https://api.newrelic.com/v2/applications/380836898/deployments.json" \ + -H "X-Api-Key:NRRA-e270623d47659ff6a48ac5bde6bba223bef47c8c26" \ + -i \ + -H "Content-Type: application/json" \ + -d "{ \"deployment\": { \"revision\": \"${rev}\" }}" + + +- name: New Relic Pixie API Key + id: np.newrelic.8 + pattern: | + (?x)(?i) + \b + (px-api-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}) + \b + + references: + - https://docs.px.dev/reference/admin/api-keys/ + + examples: + - 'MW_PX_DEPLOY_KEY=px-dep-f43ae612-dc8a-4049-9553-4af1b0e17620 MW_PX_API_KEY=px-api-c20a3cba-d3c9-45c1-a557-8864040b8f79' + + negative_examples: + - ' --set newrelic-pixie.apiKey=px-api-a1b2c3d4-e5f6-g7h8-i8j0-k0l3m3n4o0p5 `' + + +- name: New Relic Pixie Deploy Key + id: np.newrelic.9 + pattern: | + (?x)(?i) + \b + (px-dep-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}) + \b + + references: + - https://docs.px.dev/reference/admin/deploy-keys/ + + examples: + - 'MW_PX_DEPLOY_KEY=px-dep-f43ae612-dc8a-4049-9553-4af1b0e17620 MW_PX_API_KEY=px-api-c20a2cba-d3c9-45c1-a556-8864040b8f79' + + negative_examples: + - ' --set pixie-chart.deployKey=px-dep-d4c3b2a1-f6e5-h8g7-j1i8-p5o0n5m3l2k1 `' diff --git a/rules/rules/npm.yml b/rules/rules/npm.yml new file mode 100644 index 0000000..57151e2 --- /dev/null +++ b/rules/rules/npm.yml @@ -0,0 +1,23 @@ +rules: + +- name: NPM Access Token (fine-grained) + id: np.npm.1 + + pattern: | + (?x) + \b + (npm_[A-Za-z0-9]{36}) + \b + + references: + - https://docs.npmjs.com/about-access-tokens + - /~https://github.com/github/roadmap/issues/557 + - https://github.blog/changelog/2022-12-06-limit-scope-of-npm-tokens-with-the-new-granular-access-tokens/ + + examples: + - 'npm_TCllNwh2WLQlMWVhybM1iQrsTj6rMQ0BOh6d' + + # There are also NPM Legacy Access Tokens, which appear to be non-prefixed v4 UUIDs. + # Matching these would require a pattern that uses heuristics against surrounding context. + negative_examples: + - '-export NPM_TOKEN="007e65c7-635d-4d54-8294-f360cb8e2e3f"' diff --git a/rules/rules/nuget.yml b/rules/rules/nuget.yml new file mode 100644 index 0000000..f29959b --- /dev/null +++ b/rules/rules/nuget.yml @@ -0,0 +1,13 @@ +rules: + +- name: NuGet API Key + id: np.nuget.1 + + pattern: '\b(oy2[a-z0-9]{43})\b' + + references: + - https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package#create-api-keys + + examples: + - 'nuget push %filename% oy2dgb333j35kjjybcf99yzxo7hjyloera4anxn4ivcvle -Source https://api.nuget.org/v3/index.json' + - 'find . -name "*.nupkg"|xargs -I {} dotnet nuget push "{}" --api-key oy2l53fxd7xcf99dnyrqewssedgopshuticofclpespbyi -s https://api.nuget.org/v3/index.json --skip-duplicate' diff --git a/rules/rules/odbc.yml b/rules/rules/odbc.yml new file mode 100644 index 0000000..383db82 --- /dev/null +++ b/rules/rules/odbc.yml @@ -0,0 +1,69 @@ +rules: + +- name: Credentials in ODBC Connection String + id: np.odbc.1 + + pattern: | + (?x)(?i) + (?: User | User\ Id | UserId | Uid) \s*=\s* ([^\s;]{3,100}) \s* ; + [ \t]* .{0,10} [ \t]* (?# possible extra stuff, e.g., string concatenation) + (?: Password | Pwd) \s*=\s* ([^\s;]{3,100}) \s* (?: [;"'] | $) + + examples: + - 'Server=host;Port=5432;User Id=username;Password=secret;Database=databasename;' + - 'Server=host;Port=5432;SomeOtherKey=SomeOtherValue;User Id=username;Password=secret;Database=databasename;' + - 'Data Source=190.190.200.100,1433;Network Library=DBMSSOCN;Initial Catalog=myDataBase;User ID=myUsername;Password=myPassword;' + - 'Data Source=190.190.200.100,1433;Network_library=DBMSSOCN;Initial Catalog=myDataBase;User ID=myUsername;Password=myPassword;' + - 'Provider=SQLNCLI;Server=myServerName,myPortNumber;Database=myDataBase;Uid=myUsername;Pwd=myPassword;' + - ' adoConn.Open("Provider=SQLOLEDB.1;User ID=specialbill_user; " & "Password =specialbill_user;Initial Catalog=SpecialBill_PROD;Data Source=uszdba01;")' + - | + "driver={SQL Server};server=(#{datastore['DBHOST']});database=#{datastore['DBNAME']};uid=#{datastore['DBUID']};pwd=#{datastore['DBPASSWORD']}" + + negative_examples: + - "def login(self, user = '', password = '', domain = ''):" + - | + if datastore['VERBOSE'] + text = '' + text << "User=#{username}, " + text << "Password=#{password}, " + text << "Domain=#{domain}, " + text << "Full Name=#{full_name}, " + text << "E-mail=#{e_mail}" + print_good(text) + - | + if (len < ulen + wlen + 2) + break; + user = (char *) (p + 1); + pwd = (char *) (p + ulen + 2); + p += ulen + wlen + 2; + + - | + /* Set default values */ + server = xmalloc(sizeof(*server)); + server->user = "anonymous"; + server->password = "busybox@"; + + - | + System.out.println("Here we go..."); + String url = "jdbc:msf:sql://127.0.0.1:8080/sample"; + String userid = "userid"; + String password = "password"; + + - | + char *domain = NULL; + char *user = NULL; + char *password = NULL; + + - | + + + references: + - https://docs.aws.amazon.com/redshift/latest/mgmt/configure-odbc-connection.html + - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/api/connection-strings/kusto + - https://docs.microsoft.com/en-us/azure/mariadb/howto-connection-string + - https://docs.microsoft.com/en-us/azure/mysql/single-server/how-to-connection-string + - https://www.connectionstrings.com/ diff --git a/rules/rules/okta.yml b/rules/rules/okta.yml new file mode 100644 index 0000000..1cf9e79 --- /dev/null +++ b/rules/rules/okta.yml @@ -0,0 +1,32 @@ +rules: + +- name: Okta API Token + id: np.okta.1 + + # Note: looks like `00` followed by a 40-character base-62 payload. We are a + # bit more restrictive here, not allowing `-` at the end, so that we can use + # the word boundary `\b` zero-width assertion, and also requiring "okta" or + # "ssws" out front. + pattern: '(?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b' + references: + - https://devforum.okta.com/t/api-token-length/5519 + - https://developer.okta.com/docs/guides/create-an-api-token/main/ + + examples: + - 'okta_api_token = 00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' + - 'OKTA_API_KEY = "00-aaaaaaaaaaaaa-aaaaaaaaaaaaaaaaaaaaaaaaa"' + - 'okta_secret: 00QCjAl4MlV-WPXM-ABCDEFGHIJKL-0HmjFx-vbGua' + - 'Authorization: SSWS 00QCjAl4MlV-WPXM-ABCDEFGHIJKL-0HmjFx-vbGua' + - | + variable "corp_okta_api_token" { + default = "004EWTpRQT_HJtG_nL-agxacgzYHjxPcF99kJsFzWg" + } + + negative_examples: + - '000000000000000000000000000000000000000000' + - 'okta_api_token: 000000000000000000000000000000000000000000aa' + - 'okta: 00QCjAl4MlV-WPXM-ABCDEFGHIJKL-0HmjFx-vbGu--' + - 'okta_api_key: 00QCjAl4MlV-WPXM-ABCDEFGHIJKL-0HmjFx-vbGu-' + + +# FIXME: also add rules for Okta OAuth 2.0 tokens diff --git a/rules/rules/openai.yml b/rules/rules/openai.yml new file mode 100644 index 0000000..b703c93 --- /dev/null +++ b/rules/rules/openai.yml @@ -0,0 +1,18 @@ +rules: + +- name: OpenAI API Key + id: np.openai.1 + + pattern: | + (?x) + \b + (sk-[a-zA-Z0-9]{48}) + \b + + examples: + - | + curl https://api.openai.com/v1/images/generations -H 'Content-Type: application/json' -H "Authorization: Bearer sk-mxIt5s1tyfCJyIKHwrqOT4BlbkFJT3VVmv6VdSwB7XXIq1TO" + + references: + - https://platform.openai.com/docs/api-reference + - https://platform.openai.com/docs/api-reference/authentication diff --git a/rules/rules/pem.yml b/rules/rules/pem.yml new file mode 100644 index 0000000..0fae43b --- /dev/null +++ b/rules/rules/pem.yml @@ -0,0 +1,63 @@ +rules: + +# FIXME: add for `-----BEGIN CERTIFICATE-----` + +- name: PEM-Encoded Private Key + id: np.pem.1 + + # Note: This is intended to match many PEM-encoded base64 payloads + pattern: | + (?x) + -----BEGIN\ .{0,20}\ ?PRIVATE\ KEY\ ?.{0,20}----- + \s* + ( (?: [a-zA-Z0-9+/=\s"',] | \\r | \\n ) {50,} ) + \s* + -----END\ .{0,20}\ ?PRIVATE\ KEY\ ?.{0,20}----- + + references: + - https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail + - https://datatracker.ietf.org/doc/html/rfc7468 + + examples: + - | + -----BEGIN RSA PRIVATE KEY----- + b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn + NhAAAAAwEAAQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQ + qjQiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2i + qyjScnntFHIpTCVHNxILDxsStocj64YS0C7hfCGVhft/Ts/O0AAAIQJOKnUyTip1MAAAAH + c3NoLXJzYQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQqj + QiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2iqy + jScnntFHIpTCVHNxILDxsStocj6Cf99C7hfCGVhft/Ts/O0AAAADAQABAAAAgBcaTN8gGi + VSPo3fH3CoS8mw1KyAk6JvQG1Z5xZHjsl65YsNVrmUkFFh0aT3nxEbVb0QKwineN0GKmD/ + Ss3R91a573gzli7TJPFCHhhBbE7FRC4KQMTc1/UANwFYQVcfZ4n9IVHr3jiWToSY3XbC66 + Zcd0sg+d+YRjIxUktuNFHBAAAAQQCOOKbSUJAWzcTDbxImwDCAfBMlEeMAnJrwobL/zxbT + GhKdnqnomoreFdYL8vOcOlwZG0hUKIA6AM1GsMzp6aCwAAAAQQDmAABpOQnkDy8v8kTDhP + dW3lAqRGOU4WRWj7WystQv/VjuJpceekhOyhNJBuNHDKZ3IT1agAZHIhhL+webE2S1AAAA + QQDIk4H1agCohlHUg50PcyKzE/zZ85Gw0ErTmgqIIGd4B1AqUtjwVe1qFoqHuZPtq2cbVF + 1HTHh6GX//J6rKWVJZAAAAGWJsYXJzZW5AYnJhZGZvcmRzLW1icC5sYW4B + -----END RSA PRIVATE KEY----- + + # Sometimes keys are written as string concatenation in source code; + # this rule can match those too. + - | + "-----BEGIN RSA PRIVATE KEY-----" + + "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn" + + "NhAAAAAwEAAQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQ" + + "qjQiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2i" + + "qyjScnntFHIpTCVHNxILDxsStocj64YS0C7hfCGVhft/Ts/O0AAAIQJOKnUyTip1MAAAAH" + + "c3NoLXJzYQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQqj" + + "QiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2iqy" + + "jScnntFHIpTCVHNxILDxsStocj6Cf99C7hfCGVhft/Ts/O0AAAADAQABAAAAgBcaTN8gGi" + + "VSPo3fH3CoS8mw1KyAk6JvQG1Z5xZHjsl65YsNVrmUkFFh0aT3nxEbVb0QKwineN0GKmD/" + + "Ss3R91a573gzli7TJPFCHhhBbE7FRC4KQMTc1/UANwFYQVcfZ4n9IVHr3jiWToSY3XbC66" + + "Zcd0sg+d+YRjIxUktuNFHBAAAAQQCOOKbSUJAWzcTDbxImwDCAfBMlEeMAnJrwobL/zxbT" + + "GhKdnqnomoreFdYL8vOcOlwZG0hUKIA6AM1GsMzp6aCwAAAAQQDmAABpOQnkDy8v8kTDhP" + + "dW3lAqRGOU4WRWj7WystQv/VjuJpceekhOyhNJBuNHDKZ3IT1agAZHIhhL+webE2S1AAAA" + + "QQDIk4H1agCohlHUg50PcyKzE/zZ85Gw0ErTmgqIIGd4B1AqUtjwVe1qFoqHuZPtq2cbVF" + + "1HTHh6GX//J6rKWVJZAAAAGWJsYXJzZW5AYnJhZGZvcmRzLW1icC5sYW4B" + + "-----END RSA PRIVATE KEY-----" + + # Other times keys are embedded as literal strings in source code; + # this rule can match those too. + - | + "-----BEGIN RSA PRIVATE KEY-----\r\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn\r\nNhAAAAAwEAAQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQ\r\nqjQiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2i\r\nqyjScnntFHIpTCVHNxILDxsStocj64YS0C7hfCGVhft/Ts/O0AAAIQJOKnUyTip1MAAAAH\r\nc3NoLXJzYQAAAIEAtDSHFO5tfN+jYMJuiNvBaplkSI3eFqKMLOvXyVu+dmSEic6xyKWQqj\r\nQiFpXogArvAq2tBxWOq7F+a6rNhDKdICD2amRwDHqKD1bzXVSZ5c1XnpCFsBiQaEyX2iqy\r\njScnntFHIpTCVHNxILDxsStocj6Cf99C7hfCGVhft/Ts/O0AAAADAQABAAAAgBcaTN8gGi\r\nVSPo3fH3CoS8mw1KyAk6JvQG1Z5xZHjsl65YsNVrmUkFFh0aT3nxEbVb0QKwineN0GKmD/\r\nSs3R91a573gzli7TJPFCHhhBbE7FRC4KQMTc1/UANwFYQVcfZ4n9IVHr3jiWToSY3XbC66\r\nZcd0sg+d+YRjIxUktuNFHBAAAAQQCOOKbSUJAWzcTDbxImwDCAfBMlEeMAnJrwobL/zxbT\r\nGhKdnqnomoreFdYL8vOcOlwZG0hUKIA6AM1GsMzp6aCwAAAAQQDmAABpOQnkDy8v8kTDhP\r\ndW3lAqRGOU4WRWj7WystQv/VjuJpceekhOyhNJBuNHDKZ3IT1agAZHIhhL+webE2S1AAAA\r\nQQDIk4H1agCohlHUg50PcyKzE/zZ85Gw0ErTmgqIIGd4B1AqUtjwVe1qFoqHuZPtq2cbVF\r\n1HTHh6GX//J6rKWVJZAAAAGWJsYXJzZW5AYnJhZGZvcmRzLW1icC5sYW4B\r\n-----END RSA PRIVATE KEY-----" diff --git a/rules/rules/postman.yml b/rules/rules/postman.yml new file mode 100644 index 0000000..ade3583 --- /dev/null +++ b/rules/rules/postman.yml @@ -0,0 +1,18 @@ +rules: + +- name: Postman API Key + id: np.postman.1 + + pattern: | + (?x) + \b + (PMAK-[a-zA-Z0-9]{24}-[a-zA-Z0-9]{34}) + \b + + examples: + - "// ('x-api-key', 'PMAK-629c73facbc064567cbf6970-f56e8b4cd0bb14d00962f17afc158dc2a2')" + + references: + - https://learning.postman.com/docs/developer/intro-api/ + - https://learning.postman.com/docs/developer/postman-api/authentication/ + - https://learning.postman.com/docs/administration/managing-your-team/managing-api-keys/ diff --git a/rules/rules/psexec.yml b/rules/rules/psexec.yml new file mode 100644 index 0000000..61b7b0b --- /dev/null +++ b/rules/rules/psexec.yml @@ -0,0 +1,29 @@ +rules: + +- name: Credentials in PsExec + id: np.psexec.1 + + pattern: | + (?x) + (?i) + psexec .{0,100} + -u \s* (\S+) \s+ (?# username ) + -p \s* (\S+) (?# password ) + + examples: + - 'cmd.exe /C PSEXEC \\10.0.94.120 -u Administrator -p dev_admin CMD /C ECHO' + - 'PSEXEC.EXE \\LocalComputerIPAddress -u DOMAIN\my-user -p mypass CMD' + - 'psExec \\OAIJCTDU8024272 -u User -p $Password -i -d calc.exe' + - | + :: satmodel2 + %RUNTIMEDIR%\PsExec.exe \\satmodel2 -u SATMODEL2\MTCPB -p %nothing% -i 2 -c -f %TEMP%\psexec_helper.bat %RUNTIMEDIR% .\JavaOnly_runNode2.cmd + %RUNTIMEDIR%\pslist.exe \\satmodel2 java + if %ERRORLEVEL% NEQ 0 goto done + - | + ASSEMBLE THE BATCH FILE TO COPY THE FILE ACROSS THE DOMAIN + start PsExec.exe /accepteula @C:\share$\comps1.txt -u DOMAIN\ADMINISTRATOR -p PASSWORD cmd /c COPY "\PRIMARY DOMAIN CONTROLLER\share$\fx166.exe" "C:\windows\temp\" + SAVE IT AS "COPY.BAT" + - 'system("psexec \\\\192.168.3.77 -u Administrator -p braksha shutdown -r -f -t 0");' + + references: + - https://learn.microsoft.com/en-us/sysinternals/downloads/psexec diff --git a/rules/rules/pypi.yml b/rules/rules/pypi.yml new file mode 100644 index 0000000..274fc3c --- /dev/null +++ b/rules/rules/pypi.yml @@ -0,0 +1,32 @@ +rules: + +- name: PyPI Upload Token + id: np.pypi.1 + + # NOTE: these can actually be arbitrarily long + pattern: | + (?x) + \b + (pypi-AgEIcHlwaS5vcmc[a-zA-Z0-9_-]{50,}) + (?:[^a-zA-Z0-9_-]|$) + + references: + # GitHub Secrets Scanning implementation issue and discussion + - /~https://github.com/pypa/warehouse/issues/6051 + # A library that generates PyPI tokens (which are b64-encoded macaroons) + - https://pypi.org/project/pypitoken/ + # The library that PyPi uses in its backend? + - /~https://github.com/ecordell/pymacaroons + - https://en.wikipedia.org/wiki/Macaroons_(computer_science) + - /~https://github.com/pypa/warehouse/blob/82815b06d9f98deed5f205c66e054de59d22a10d/docs/development/token-scanning.rst + - https://research.google/pubs/pub41892/ + + examples: + - '# password = pypi-AgEIcHlwaS5vcmcCJDkwNzYwNzU1LWMwOTUtNGNkOC1iYjQzLTU3OWNhZjI1NDQ1MwACJXsicGVybWCf99lvbnMiOiAidXNlciIsICJ2ZXJzaW9uIjogMX0AAAYgSpW5PAywXvchMUQnkF5H6-SolJysfUvIWopMsxE4hCM' + - | + - name: Publish package + uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 + with: + user: santoshp + password: ${{ secrets.pypi-AgEIcHlwaS5vcmcCJDA1NTdiYzI2LTQ3N2QtNDAyYy04YzBjLTVmODU4ZTFkMjACf99COXsicGVybWlzc2lvbnMiOiB7InByb2plY3RzIjogWyJlbXB5cmlhbCJdfSwgInZlcnNpb24iOiAxfQAABiAx85KUjr83dNyI9uO0RVMmH7DKqoXNH4_rMkO5SQYItA}} + - 'password: pypi-AgEIcHlwaS5vcmcCJGExMDIxZjRhLTFhZDMtNDc4YS1iOWNmLWQwCf99OTIwZjFjNwACSHsicGVybWlzc2lvbnMiOiB7InByb2plY3RzIjogWyJkamFuZ28tY2hhbm5lbHMtanNvbnJwYyJdfSwgInZlcnNpb24iOiAxfQAABiBZg48cIBQt7HckwM4G3q-462xphsLbm7IZvjqMS4jvQw' diff --git a/rules/rules/react.yml b/rules/rules/react.yml new file mode 100644 index 0000000..790c637 --- /dev/null +++ b/rules/rules/react.yml @@ -0,0 +1,72 @@ +# These rules are designed to detect certain username and password patterns +# that sometimes appear within .env files used within React apps via the +# `create-react-app` program. +# +# Note that secrets are _not_ supposed to appear in such .env files, even if +# they are .gitignored, as the contents will be embedded within the generated +# React code (which is visible to clients). +# +# The variable names within one of these .env files are arbitrary, other than +# that they have to start with `REACT_APP_`. + + +rules: + + +- name: React App Username + id: np.reactapp.1 + + pattern: | + (?x)(?i) + \b + REACT_APP (?: _[A-Z0-9]+)* _USER (?: NAME)? (?# variable name ) + \s* = \s* + ['"]? + ( [^\s'"$]{3,} ) (?# value ) + (?: [\s'"$] | $ ) + + + references: + - https://create-react-app.dev/docs/adding-custom-environment-variables/ + - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app + + examples: + - '# REACT_APP_GUEST_USERNAME=guest' + - '# REACT_APP_USER=postgres' + - 'REACT_APP_AUTH_USER=postgres' + - 'REACT_APP_AUTH_USERNAME=bowie' + - ' REACT_APP_AUTH_USERNAME=bowie # some comment' + - 'REACT_APP_MAILER_USERNAME=smtp_username # Enter your SMTP email username' + + negative_examples: + - 'REACT_APP_FRONTEND_LOGIN_FORGOT_USERNAME=$REACT_APP_MATRIX_BASE_URL/classroom/#/forgot_username' + + +- name: React App Password + id: np.reactapp.2 + + pattern: | + (?x)(?i) + \b + REACT_APP (?: _[A-Z0-9]+)* _PASS (?: WORD)? (?# variable name ) + \s* = \s* + ['"]? + ( [^\s'"$]{6,} ) (?# value ) + (?: [\s'"$] | $ ) + + + references: + - https://create-react-app.dev/docs/adding-custom-environment-variables/ + - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app + + examples: + - '# REACT_APP_GUEST_PASSWORD=mycoin!1' + - '# REACT_APP_PASS=whiteduke' + - 'REACT_APP_AUTH_PASS=whiteduke' + - 'REACT_APP_AUTH_PASSWORD=whiteduke' + - ' REACT_APP_AUTH_PASSWORD=whiteduke # some comment' + - 'REACT_APP_MAILER_PASSWORD=smtp_password # Enter your SMTP email password' + + negative_examples: + - ' const password = process.env.REACT_APP_FIREBASE_DEV_PASSWORD || "not-set"' + - 'REACT_APP_FRONTEND_LOGIN_FORGOT_PASSWORD=$REACT_APP_MATRIX_BASE_URL/classroom/#/forgot_password' diff --git a/rules/rules/rubygems.yml b/rules/rules/rubygems.yml new file mode 100644 index 0000000..26e4823 --- /dev/null +++ b/rules/rules/rubygems.yml @@ -0,0 +1,19 @@ +rules: + +- name: RubyGems API Key + id: np.rubygems.1 + + pattern: | + (?x)(?i) + \b + (rubygems_[a-f0-9]{48}) + \b + + references: + - https://guides.rubygems.org/rubygems-org-api/ + - https://guides.rubygems.org/api-key-scopes/ + + examples: + - | + $ curl -H 'Authorization:rubygems_b9ce70c306b3a2e248679fbbbd66723d408d3c8c5f00566c' \ + https://rubygems.org/api/v1/web_hooks.json diff --git a/rules/rules/salesforce.yml b/rules/rules/salesforce.yml new file mode 100644 index 0000000..cf4169c --- /dev/null +++ b/rules/rules/salesforce.yml @@ -0,0 +1,30 @@ +rules: + +- name: Salesforce Access Token + id: np.salesforce.1 + pattern: | + (?x) + \b + ( + 00[a-zA-Z0-9]{13} (?# organization ID ) + ! + [a-zA-Z0-9._]{96} (?# opaque token ) + ) + (?: \b | $ | [^a-zA-Z0-9._] ) + + references: + - https://help.salesforce.com/s/articleView?id=sf.remoteaccess_access_tokens.htm&type=5 + - https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm + + examples: + - 00DE0X0A0M0PeLE!CJoAQOx1GCLf1UIt4UU9y0VOPLUZAYN6I8DsdGEDyHh5cO02egObcAhIDHYiGCfi94c53oFbr4HB.xZfuYRGhvNuxobAAXRe + - | + === Org Description + KEY VALUE + ──────────────── ──────────────────────────────────────────────────────────────────────────────────────────────────────────────── + Access Token 00DE0X0A0M0PeLE!AQcAQH0dMHEXAMPLEzmpkb58urFRkgeBGsxL_QJWwYMfAbUeeG7c1EXAMPLEDUkWe6H34r1AAwOR8B8fLEz6nEXAMPLEAAAA + Client Id PlatformCLI + Connected Status Connected + Id 00D5fORGIDEXAMPLE + Instance Url https://MyDomainName.my.salesforce.com + Username juliet.capulet@empathetic-wolf-g5qddtr.com diff --git a/rules/rules/sauce.yml b/rules/rules/sauce.yml new file mode 100644 index 0000000..4ece959 --- /dev/null +++ b/rules/rules/sauce.yml @@ -0,0 +1,14 @@ +rules: + +- name: Sauce Token + id: np.sauce.1 + + pattern: '(?i)sauce.{0,50}\b([a-f0-9-]{36})\b' + + examples: + - | + - SAUCE_USERNAME=vitess + - SAUCE_ACCESS_KEY=2397f603-c2c4-4897-a8ca-587ace5dc8dd + + # FIXME: add references for this rule + # FIXME: review the stuff about tokens in https://docs.saucelabs.com/test-results/sharing-test-results and make sure this pattern is both good and comprehensive diff --git a/rules/rules/segment.yml b/rules/rules/segment.yml new file mode 100644 index 0000000..c1cc5ad --- /dev/null +++ b/rules/rules/segment.yml @@ -0,0 +1,17 @@ +rules: + +- name: Segment Public API Token + id: np.segment.1 + + pattern: | + (?x) + \b + (sgp_[a-zA-Z0-9]{64}) + \b + + references: + - https://segment.com/docs/api/public-api/ + - https://segment.com/blog/how-segment-proactively-protects-customer-api-tokens/ + + examples: + - '"token": "sgp_b8eaD5d9Ae59a15a407bb7C88350bc85dc959EBE8277883d50Bc84dc960eE826"' diff --git a/rules/rules/sendgrid.yml b/rules/rules/sendgrid.yml new file mode 100644 index 0000000..080a7d7 --- /dev/null +++ b/rules/rules/sendgrid.yml @@ -0,0 +1,13 @@ +rules: + +- name: SendGrid API Key + id: np.sendgrid.1 + + pattern: '\b(SG\.[0-9A-Za-z_-]{22}\.[0-9A-Za-z_-]{43})\b' + + examples: + - " 'SENDGRID_API_KEYSID': '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'" + - "var sendgrid = require('sendgrid')('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');" + + references: + - https://docs.sendgrid.com/ui/account-and-settings/api-keys diff --git a/rules/rules/shopify.yml b/rules/rules/shopify.yml new file mode 100644 index 0000000..635e167 --- /dev/null +++ b/rules/rules/shopify.yml @@ -0,0 +1,79 @@ +rules: + +- name: Shopify Domain + id: np.shopify.1 + catgegories: [identifier] + + pattern: | + (?x) + \b + ( + (?:[a-zA-Z0-9-]+\.)* [a-zA-Z0-9-]+ \.myshopify\.com + ) + \b + + references: + - https://help.shopify.com/en/manual/domains + + examples: + - 'handsomestranger.myshopify.com' + - 'store.handsomestranger.myshopify.com' + + +- name: Shopify App Secret + id: np.shopify.2 + catgegories: [secret] + + pattern: '\b(shpss_[a-fA-F0-9]{32})\b' + + references: + - https://shopify.dev/apps/auth + - https://shopify.dev/changelog/app-secret-key-length-has-increased + + examples: + - | + SHOPIFY_API_KEY='66eaacb546afcad32162d40acb6bd2b0' + SHOPIFY_API_SECRET_KEY='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' + - | + SHOPIFY_API_KEY: 38d5b9a8b6c0a3d3ad3f2c422c77db80 + SHOPIFY_API_SECRET: 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 + + +- name: Shopify Access Token (Public App) + id: np.shopify.3 + pattern: '\b(shpat_[a-fA-F0-9]{32})\b' + + references: + - https://shopify.dev/apps/auth + - https://shopify.dev/changelog/length-of-the-shopify-access-token-is-increasing + + examples: + - | + include('layouts/header.php'); + $shop = $_GET['shop']; + $token = "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"; + $query = array( + + +- name: Shopify Access Token (Custom App) + id: np.shopify.4 + pattern: '\b(shpca_[a-fA-F0-9]{32})\b' + + references: + - https://shopify.dev/apps/auth + - https://shopify.dev/changelog/length-of-the-shopify-access-token-is-increasing + + examples: + - "const TEMP_CONTENT = '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 handsomestranger.myshopify.com'" + + +- name: Shopify Access Token (Legacy Private App) + id: np.shopify.5 + pattern: '\b(shppa_[a-fA-F0-9]{32})\b' + + references: + - https://shopify.dev/apps/auth + - https://shopify.dev/changelog/length-of-the-shopify-access-token-is-increasing + + examples: + - 'SHOP_PASSWORD=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' diff --git a/rules/rules/slack.yml b/rules/rules/slack.yml new file mode 100644 index 0000000..89716cb --- /dev/null +++ b/rules/rules/slack.yml @@ -0,0 +1,111 @@ +rules: + +# XXX what are these? +# pattern: '\b(xoxa-[0-9]{12}-[0-9]{12}-[a-f0-9]{32})\b' +# pattern: '\b(xoxa-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-f0-9]{32})\b' +# pattern: '\b(xoxr-[0-9]{12}-[0-9]{12}-[a-z0-9]{24})\b' + +- name: Slack Bot Token + id: np.slack.2 + pattern: '\b(xoxb-[0-9]{12}-[0-9]{12}-[a-zA-Z0-9]{24})\b' + + references: + - https://api.slack.com/authentication + - https://api.slack.com/authentication/best-practices + - https://api.slack.com/authentication/token-types + + examples: + - 'SLACK_API_TOKEN=xoxb-893582989554-899326518131-JRHeVv1o9Cf99fwDpuortR2D' + + negative_examples: + - 'python log_announce.py xoxp-513768634356-513201028496-513937500594-185e196ace562dd6443b5d29b1d817c2 "This is a test run. Ignore"' + - | + this is the api token to connect to the bot user + + xoxb-153445930147-Tjy11gGxUW6Cf99YOYwtzG0K + - | + def send_slack_notification(message): + token = "xoxb-47834520726-N3otsrwj8Cf99cs8GhiRZsX1" + + +- name: Slack User Token + id: np.slack.4 + pattern: '\b(xoxp-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-f0-9]{32})\b' + + references: + - https://api.slack.com/authentication + - https://api.slack.com/authentication/best-practices + - https://api.slack.com/authentication/token-types + + examples: + - 'python log_announce.py xoxp-513768634356-513201028496-513937500594-185e196ace562dd6443b5d29b1d817c2 "This is a test run. Ignore"' + - 'curl -X POST -H "Content-type: application/json" -H "Authorization: Bearer xoxp-283316862324-298911817009-298923149681-44f585044dace54f5701618e97cd1c0b" --data @data.json https://wirecard-issuing.slack.com/api/chat.postMessage' + - ' url := "https://slack.com/api/channels.history?token=xoxp-113726990690-113803571044-155105854433-53ffb9d16ace50aa79aa1c425a68b131&channel=C4D8D3XMX&count=1&pretty=1"' + + negative_examples: + - | + this is the api token to connect to the bot user + + xoxb-153445930147-Tjy11gGxUW6Cf99YOYwtzG0K + - 'SLACK_API_TOKEN=xoxb-893582989554-899326518131-JRHeVv1o9Cf99fwDpuortR2D' + - | + def send_slack_notification(message): + token = "xoxb-47834520726-N3otsrwj8Cf99cs8GhiRZsX1" + + +- name: Slack App Token + id: np.slack.5 + pattern: '\b(xapp-[0-9]{12}-[a-zA-Z0-9/+]{24})\b' + + references: + - https://api.slack.com/authentication + - https://api.slack.com/authentication/best-practices + - https://api.slack.com/authentication/token-types + + examples: + - 'ENV SLACK_TOKEN="xapp-083452001657-ShAYwge/87H4lC3j7lZ48pAL" \' + +- name: Slack Legacy Bot Token + id: np.slack.6 + pattern: '\b(xoxb-[0-9]{10,13}-[a-zA-Z0-9]{24})\b' + + references: + - https://api.slack.com/authentication + - https://api.slack.com/authentication/best-practices + - https://api.slack.com/authentication/token-types + - https://api.slack.com/legacy/custom-integrations/legacy-tokens + + examples: + - | + this is the api token to connect to the bot user + + xoxb-153445930147-Tjy11gGxUW6Cf99YOYwtzG0K + - | + def send_slack_notification(message): + token = "xoxb-47834520726-N3otsrwj8Cf99cs8GhiRZsX1" + + negative_examples: + - 'SLACK_API_TOKEN=xoxb-893582989554-899326518131-JRHeVv1o9Cf99fwDpuortR2D' + - 'python log_announce.py xoxp-513768634356-513201028496-513937500594-185e196ace562dd6443b5d29b1d817c2 "This is a test run. Ignore"' + - 'curl -X POST -H "Content-type: application/json" -H "Authorization: Bearer xoxp-283316862324-298911817009-298923149681-44f585044dace54f5701618e97cd1c0b" --data @data.json https://wirecard-issuing.slack.com/api/chat.postMessage' + - ' url := "https://slack.com/api/channels.history?token=xoxp-113726990690-113803571044-155105854433-53ffb9d16ace50aa79aa1c425a68b131&channel=C4D8D3XMX&count=1&pretty=1"' + + +- name: Slack Webhook + id: np.slack.3 + pattern: '(?i)(https://hooks.slack.com/services/T[a-z0-9_]{8}/B[a-z0-9_]{8,12}/[a-z0-9_]{24})' + + references: + - https://api.slack.com/messaging/webhooks + + examples: + - '#notifications_marcus: https://hooks.slack.com/services/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' + - | + // Import and Configure Console.Slack (Thanks David <3) + // const slack = require('console-slack'); + // slack.options = { + // webhook : "https://hooks.slack.com/services/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", + // username: "console.slack.bot", + // emoji : ":trollface:", + // channel : "#payx-logs" + // }; diff --git a/rules/rules/sonarqube.yml b/rules/rules/sonarqube.yml new file mode 100644 index 0000000..a660efd --- /dev/null +++ b/rules/rules/sonarqube.yml @@ -0,0 +1,22 @@ +rules: + +- name: SonarQube Token + id: np.sonarqube.1 + + pattern: '(?i)sonar.{0,5}login.{0,5}\s*\b([a-f0-9]{40})\b' + + references: + - https://docs.sonarqube.org/latest/user-guide/user-token/ + + examples: + - 'sonar.host.url=https://sonarcloud.io -Dsonar.login=5524bf449ca45fcace54698371466398321f3a82' + - "sonar.login', '826de5590c75919a8317fdface58206eebe7ebbc" + - '$sonarLogin = "4924be8f51f3e738c97db2c4ace51db7e938f28b"' + + negative_examples: + - 'sonarqube-reporter-1.2.4.tgz#3b335d612137949d2f21fcc6c8c8164db7603227' + - 'sonarqube-reporter-1.4.0.tgz#eb9e15deb83e4ca532989df12b40fedd434ef89a' + - 'sonarqube-scanner/-/sonarqube-scanner-2.5.0.tgz#ff704cbddf355d38a52c5e9479d6bb5c1ff28eac' + - | + /d:sonar.host.url=$(SONAR_HOST) /d:sonar.login=$(SONAR_LOGIN) \ + /d:sonar.coverage.exclusions="**Tests*.cs" diff --git a/rules/rules/square.yml b/rules/rules/square.yml new file mode 100644 index 0000000..2fd2454 --- /dev/null +++ b/rules/rules/square.yml @@ -0,0 +1,26 @@ +rules: + +- name: Square Access Token + id: np.square.1 + pattern: '(?i)\b(sq0atp-[a-z0-9_-]{22})\b' + examples: + - ' personal access token sq0atp-qUlZzae8wVMc5P5NZdf5DA
' + - | + var applicationId = 'sq0idp-r34HdSnJVWaCesH3dnJrGA'; + var accessToken = 'sq0atp-RdSPeJa5qDMaCesxHOjeRQ'; + + +- name: Square OAuth Secret + id: np.square.2 + pattern: '(?i)\b(sq0csp-[a-z0-9_-]{43})\b' + examples: + - | + app_secret: sq0csp-VQgEphNJFVxfoEtJ1M_2KaCesfzP2_ugNWnlMPwZaZk + sandbox_app_id: sandbox-sq0idp-wWAaCesVx0PhRbXkdUUg9Q + sandbox_access_token: sandbox-sq0atb-KVmmWPaCesnJkFsvje76sQ + production_app_id: sq0idp-wWACO1oVx0aCesXkdUUg9Q + - | + private String accessTokenEndpoint = "https://connect.squareup.com/oauth2/token"; + private String baseURL = "https://connect.squareup.com"; + private String clientId = "sq0idp-Ux0S-9iMfaCeszTkDpSjDw"; + private String clientSecret = "sq0csp-lBGGHNQmcaCesLfa3x6W7jJj8SQ-Fx5Y0yQiCrUWM40"; diff --git a/rules/rules/stackhawk.yml b/rules/rules/stackhawk.yml new file mode 100644 index 0000000..2f5707b --- /dev/null +++ b/rules/rules/stackhawk.yml @@ -0,0 +1,12 @@ +rules: + +- name: StackHawk API Key + id: np.stackhawk.1 + + pattern: '\b(hawk\.[0-9A-Za-z_-]{20}\.[0-9A-Za-z_-]{20})\b' + + examples: + - 'HAWK_API_KEY="hawk.nHAOHdJjXoNyzAcTDC5M.R2gqQh2aCesrh0yCGB7q"' + + references: + - https://docs.stackhawk.com/web-app/ diff --git a/rules/rules/stripe.yml b/rules/rules/stripe.yml new file mode 100644 index 0000000..14a7901 --- /dev/null +++ b/rules/rules/stripe.yml @@ -0,0 +1,27 @@ +rules: + +# FIXME: also add an entry for stripe "Publishable Keys"? Those are public, but having it along with the secret key would be problematic. +# Example: STRIPE_PUBLISHABLE_KEY=pk_test_aQbfVWeaCesES5FRSY7iIjk9 + +- name: Stripe API Key + id: np.stripe.1 + + pattern: '(?i)\b((?:sk|rk)_live_[a-z0-9]{24})\b' + + references: + - https://stripe.com/docs/keys + + examples: + - 'Stripe.api_key = "sk_live_dhhfUUyfrAace5dBAZ10JrAD"' + - 'var stripe = require("stripe")("sk_live_qdyFazIVmace52bThiOzbEVT");' + +- name: Stripe API Test Key + id: np.stripe.2 + + pattern: '(?i)\b((?:sk|rk)_test_[a-z0-9]{24})\b' + + references: + - https://stripe.com/docs/keys + + examples: + - '//var stripe = require("stripe")("sk_test_nxOdTTuEace5Ajbh3svpG32m");' diff --git a/rules/rules/telegram.yml b/rules/rules/telegram.yml new file mode 100644 index 0000000..88bfcb6 --- /dev/null +++ b/rules/rules/telegram.yml @@ -0,0 +1,18 @@ +rules: + +- name: Telegram Bot Token + id: np.telegram.1 + + pattern: | + (?x) + \b + (\d+:AA[a-zA-Z0-9_-]{32,33}) + (?: [^a-zA-Z0-9_-] | $) + + examples: + - '4839574813:AAFD39kkdpWt3ywyRZergyOLMaJhac61qc' + - '4839574813:AAE4A6Rz0CSnIGzeu897OjQnjzsMEG2_uso' + + references: + - https://core.telegram.org/bots/api + - https://core.telegram.org/bots/features#botfather diff --git a/rules/rules/truenas.yml b/rules/rules/truenas.yml new file mode 100644 index 0000000..767439e --- /dev/null +++ b/rules/rules/truenas.yml @@ -0,0 +1,53 @@ +rules: + +- name: TrueNAS API Key (WebSocket) + id: np.truenas.1 + + pattern: | + (?x) + "params"\s*:\s*\[\s*" + (\d+-[a-zA-Z0-9]{64}) + "\s*\] + + examples: + - '{"id":"3286a508-a6ca-278a-c078-85b2b515d8d2", "msg":"method", "method":"auth.login_with_api_key", "params":["8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu"]}' + - '{"id":"677d9914-f598-f497-e77e-2a3aadbb822e", "msg":"method", "method":"auth.login_with_api_key", "params" : ["9-hTSZDBPyg0PjRZvWb8omoxJ7X2gAjRGmiPKql9ENGIUP9OPtEAzz5f6g9YIMVbZT"]}' + - '{"id":"2755dad4-cc12-94bb-a894-ba0f85c3fdbf", "msg":"method", "method":"auth.login_with_api_key", "params" : [ "10-6LZBVhNq8zze0rzXJptfSWDBoskWuThnQb3fUVw4sVNgJ7GKT3ITVIovhwPf34oL" ]}' + - | + { + "id": "2755dad4-cc12-94bb-a894-ba0f85c3fdbf", + "msg": "method", + "method": "auth.login_with_api_key", + "params": [ + "10-6LZBVhNq8zze0rzXJptfSWDBoskWuThnQb3fUVw4sVNgJ7GKT3ITVIovhwPf34oL" + ] + } + + references: + - https://www.truenas.com/docs/api/core_websocket_api.html + - https://www.truenas.com/docs/api/scale_rest_api.html + - https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/ + - https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/ + - https://www.truenas.com/docs/scale/api/ + - https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/ + +- name: TrueNAS API Key (REST API) + id: np.truenas.2 + + pattern: | + (?x) + Bearer\s* + (\d+-[a-zA-Z0-9]{64}) + \b + + examples: + # only "Bearer" is accepted by TrueNAS API (no "bearer" etc.) + - 'curl -X POST "http://192.168.0.30/api/v2.0/device/get_info" -H "Content-Type: application/json" -H "Authorization: Bearer 8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu" -d "\"SERIAL\""' + + references: + - https://www.truenas.com/docs/api/core_websocket_api.html + - https://www.truenas.com/docs/api/scale_rest_api.html + - https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/ + - https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/ + - https://www.truenas.com/docs/scale/api/ + - https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/ diff --git a/rules/rules/twilio.yml b/rules/rules/twilio.yml new file mode 100644 index 0000000..8793a39 --- /dev/null +++ b/rules/rules/twilio.yml @@ -0,0 +1,21 @@ +rules: + +- name: Twilio API Key + id: np.twilio.1 + + pattern: '(?i)twilio.{0,20}\b(sk[a-f0-9]{32})\b' + + examples: + - | + const twilioAccountSid = 'AC712594f590c0d8ace55c04858f7398f9' // Your Account SID from www.twilio.com/console + const twilioApiKeySID = 'SK9b4cc552783500ace5414a1ed3e9fd1a' + const twilioApiKeySecret = 'l6LUelKF2BUtMLace5oShZSmRppadYqI' + - | + // https://www.twilio.com/console/video/dev-tools/api-keys + 'API' => env('TWILIO_API','SK6e84981d07ace5c9df33e1ab043a2fb2'), + 'API_KEY' => env('TWILIO_API_KEY', 'wbTs1SUt6Aace5eKeNCxuYvJa6PhaRd0') + + references: + - https://www.twilio.com/docs/usage/api + - https://www.twilio.com/docs/usage/api#authenticate-with-http + - https://www.twilio.com/docs/usage/api#authenticate-using-the-twilio-sdks diff --git a/rules/rules/twitter.yml b/rules/rules/twitter.yml new file mode 100644 index 0000000..5e586f0 --- /dev/null +++ b/rules/rules/twitter.yml @@ -0,0 +1,53 @@ +rules: + +- name: Twitter Client ID + id: np.twitter.1 + + pattern: | + (?x)(?i) + \b twitter + .? + (?: api | app | application | client | consumer | customer )? + .? + (?: id | identifier | key ) + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{18,25}) \b + + references: + - https://developer.twitter.com/en/docs/authentication/overview + + examples: + - ' TWITTER_ID: "DkWLqcP3ace3wHuJ7fiw",' + - | + # TWITTER_API_KEY = 'UZYoBAfBzNace3mBwPOGYw' + # TWITTER_API_SECRET = 'ngHaeaRPKA5BDQNXace3LWA1PvTA1kBGDaAJmc517E' + + +- name: Twitter Secret Key + id: np.twitter.2 + + pattern: | + (?x)(?i) + twitter + .? + (?: api | app | application | client | consumer | customer | secret | key ) + .? + (?: key | oauth | sec | secret )? + .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2} (?# string terminators, whitespace, binding operators, etc ) + \b ([a-z0-9]{35,44}) \b + + references: + - https://developer.twitter.com/en/docs/authentication/overview + + examples: + - | + # TWITTER_API_KEY = 'UZYoBAfBzNace3mBwPOGYw' + # TWITTER_API_SECRET = 'ngHaeaRPKA5BDQNXace3LWA1PvTA1kBGDaAJmc517E' + + # XXX It would be nice if this actually matched + negative_examples: + - | + Twitter(auth=OAuth('MjuHWoGbzYmJv3ZuHaBvSENfyevu00NQuBc40VM', + 'anJLBCOALCXl7aXeybmNA5oae9E03Cm23cKNMLaScuXwk', + 'kl3E14NQx84qxO1dy247V0b2W', + '5VFVXVMq9bDJzFAKPfWOiYmJZin2F7YLhSfoyLBXf6Bc9ngX3g')) diff --git a/rules/rules/wireguard.yml b/rules/rules/wireguard.yml new file mode 100644 index 0000000..15cc1f4 --- /dev/null +++ b/rules/rules/wireguard.yml @@ -0,0 +1,39 @@ +# These rules are specifically designed to identify WireGuard .conf files, +# with a focus on detecting private and preshared keys contained within them. + +rules: + +- name: WireGuard Private Key + id: np.wireguard.1 + + pattern: PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=) + + examples: + - | + [Interface] + Address = 10.200.200.3/32 + PrivateKey = AsaFot43bfs1fEWjvtty+rGcjh3rP1H6sug1l3u19ix= + DNS = 8.8.8.8 + + references: + - https://www.wireguard.com/quickstart/ + - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html + - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd6 + +- name: WireGuard Preshared Key + id: np.wireguard.2 + + pattern: PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=) + + examples: + - | + [Peer] + PublicKey = [Server's public key] + PresharedKey = uRsfsZ2Ts1rach4Zv3hhwcx6wa5fuIo2u3w7sa+7j81= + AllowedIPs = 0.0.0.0/0, ::/0 + Endpoint = [Server Addr:Server Port] + + references: + - https://www.wireguard.com/quickstart/ + - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html + - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd6 From 7552c9df5ea1db814b1906713a24dbe5baba4c1b Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Sat, 28 Sep 2024 01:19:52 -0400 Subject: [PATCH 10/14] Update config.example.yml --- config.example.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/config.example.yml b/config.example.yml index df55a41..dc00cf6 100644 --- a/config.example.yml +++ b/config.example.yml @@ -2,8 +2,14 @@ # DO NOT CHECK YOUR USERNAME AND PASSWORD INTO GIT! # Required +# Use with `--search-type api` flag +github_access_token: "API_TOKEN" + +# Use with `--search-type ui` flag github_username: "username" github_password: "your_password" + + # Optional (comment out if not using) # github_totp_seed: "ABCDEF1234567890" # Obtained via /~https://github.com/settings/security From 6fe3be05695ab0dc608141b74f6cff01069c4af6 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Sat, 28 Sep 2024 01:21:19 -0400 Subject: [PATCH 11/14] Update config.example.yml --- config.example.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config.example.yml b/config.example.yml index dc00cf6..84773ca 100644 --- a/config.example.yml +++ b/config.example.yml @@ -6,8 +6,8 @@ github_access_token: "API_TOKEN" # Use with `--search-type ui` flag -github_username: "username" -github_password: "your_password" +#github_username: "username" +#github_password: "your_password" From 520f01764c47017af03300d68e8e84af626b3611 Mon Sep 17 00:00:00 2001 From: Tillson Galloway Date: Thu, 10 Oct 2024 20:45:46 +0000 Subject: [PATCH 12/14] Fix #69 (some URLs crash githound) --- internal/app/github.go | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/internal/app/github.go b/internal/app/github.go index 3d1dd10..e76ad3a 100644 --- a/internal/app/github.go +++ b/internal/app/github.go @@ -138,15 +138,27 @@ func GrabCSRFTokenBody(pageBody string) (token string, err error) { // DownloadRawFile downloads files from the githubusercontent CDN. func DownloadRawFile(client *http.Client, base string, searchResult RepoSearchResult) (data []byte, err error) { - resp, err := client.Get(base + "/" + searchResult.Raw) - if err != nil { - return nil, err - } - data, err = ioutil.ReadAll(resp.Body) - resp.Body.Close() - return data, err + // URL encode the path to handle any special characters + rawURL := url.PathEscape(searchResult.Raw) + + if strings.Contains(searchResult.Raw, "%") { + fmt.Println(searchResult.Raw + " contains % and is problem") + return []byte{}, err + } + + // Perform the GET request + resp, err := client.Get(base + "/" + rawURL) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + // Read the response body + data, err = ioutil.ReadAll(resp.Body) + return data, err } + // RepoIsUnpopular uses stars/forks/watchers to determine the popularity of a repo. func RepoIsUnpopular(client *http.Client, result RepoSearchResult) bool { resp, err := client.Get("/~https://github.com/" + result.Repo) From 52b454759f4dcd3faacbc28009b41b17d016ccad Mon Sep 17 00:00:00 2001 From: tillson Date: Sat, 4 Jan 2025 23:57:50 -0500 Subject: [PATCH 13/14] Finish implementing new rules selector --- .gitignore | 2 + README.md | 74 ++- cmd/root.go | 91 +++- go.mod | 1 + go.sum | 2 + internal/app/regex_decoder.go | 15 +- internal/app/search_api.go | 2 +- rules/rules-gitleaks.toml | 480 ++++++++++++++++++ rules/{rules => rules-noseyparker}/adobe.yml | 0 rules/{rules => rules-noseyparker}/age.yml | 0 .../artifactory.yml | 0 rules/{rules => rules-noseyparker}/aws.yml | 0 rules/{rules => rules-noseyparker}/azure.yml | 0 .../codeclimate.yml | 0 .../crates.io.yml | 0 .../dependency_track.yml | 0 .../digitalocean.yml | 0 .../dockerconfig.yml | 0 .../dockerhub.yml | 0 .../{rules => rules-noseyparker}/doppler.yml | 0 .../{rules => rules-noseyparker}/dropbox.yml | 0 .../dynatrace.yml | 0 .../{rules => rules-noseyparker}/facebook.yml | 0 rules/{rules => rules-noseyparker}/figma.yml | 0 .../{rules => rules-noseyparker}/generic.yml | 0 rules/{rules => rules-noseyparker}/github.yml | 0 rules/{rules => rules-noseyparker}/gitlab.yml | 0 rules/{rules => rules-noseyparker}/google.yml | 0 rules/{rules => rules-noseyparker}/gradle.yml | 0 .../{rules => rules-noseyparker}/grafana.yml | 0 rules/{rules => rules-noseyparker}/hashes.yml | 0 rules/{rules => rules-noseyparker}/heroku.yml | 0 .../huggingface.yml | 0 .../{rules => rules-noseyparker}/jenkins.yml | 0 rules/{rules => rules-noseyparker}/jwt.yml | 0 .../{rules => rules-noseyparker}/linkedin.yml | 0 .../mailchimp.yml | 0 .../{rules => rules-noseyparker}/mailgun.yml | 0 rules/{rules => rules-noseyparker}/mapbox.yml | 0 .../microsoft_teams.yml | 0 rules/{rules => rules-noseyparker}/netrc.yml | 0 .../{rules => rules-noseyparker}/newrelic.yml | 0 rules/{rules => rules-noseyparker}/npm.yml | 0 rules/{rules => rules-noseyparker}/nuget.yml | 0 rules/{rules => rules-noseyparker}/odbc.yml | 0 rules/{rules => rules-noseyparker}/okta.yml | 0 rules/{rules => rules-noseyparker}/openai.yml | 0 rules/{rules => rules-noseyparker}/pem.yml | 0 .../{rules => rules-noseyparker}/postman.yml | 0 rules/{rules => rules-noseyparker}/psexec.yml | 0 rules/{rules => rules-noseyparker}/pypi.yml | 0 rules/{rules => rules-noseyparker}/react.yml | 0 .../{rules => rules-noseyparker}/rubygems.yml | 0 .../salesforce.yml | 0 rules/{rules => rules-noseyparker}/sauce.yml | 0 .../{rules => rules-noseyparker}/segment.yml | 0 .../{rules => rules-noseyparker}/sendgrid.yml | 0 .../{rules => rules-noseyparker}/shopify.yml | 0 rules/{rules => rules-noseyparker}/slack.yml | 0 .../sonarqube.yml | 0 rules/{rules => rules-noseyparker}/square.yml | 0 .../stackhawk.yml | 0 rules/{rules => rules-noseyparker}/stripe.yml | 0 .../{rules => rules-noseyparker}/telegram.yml | 0 .../{rules => rules-noseyparker}/truenas.yml | 0 rules/{rules => rules-noseyparker}/twilio.yml | 0 .../{rules => rules-noseyparker}/twitter.yml | 0 .../wireguard.yml | 0 rules/rules-regexlist.txt | 1 + 69 files changed, 601 insertions(+), 67 deletions(-) create mode 100644 rules/rules-gitleaks.toml rename rules/{rules => rules-noseyparker}/adobe.yml (100%) rename rules/{rules => rules-noseyparker}/age.yml (100%) rename rules/{rules => rules-noseyparker}/artifactory.yml (100%) rename rules/{rules => rules-noseyparker}/aws.yml (100%) rename rules/{rules => rules-noseyparker}/azure.yml (100%) rename rules/{rules => rules-noseyparker}/codeclimate.yml (100%) rename rules/{rules => rules-noseyparker}/crates.io.yml (100%) rename rules/{rules => rules-noseyparker}/dependency_track.yml (100%) rename rules/{rules => rules-noseyparker}/digitalocean.yml (100%) rename rules/{rules => rules-noseyparker}/dockerconfig.yml (100%) rename rules/{rules => rules-noseyparker}/dockerhub.yml (100%) rename rules/{rules => rules-noseyparker}/doppler.yml (100%) rename rules/{rules => rules-noseyparker}/dropbox.yml (100%) rename rules/{rules => rules-noseyparker}/dynatrace.yml (100%) rename rules/{rules => rules-noseyparker}/facebook.yml (100%) rename rules/{rules => rules-noseyparker}/figma.yml (100%) rename rules/{rules => rules-noseyparker}/generic.yml (100%) rename rules/{rules => rules-noseyparker}/github.yml (100%) rename rules/{rules => rules-noseyparker}/gitlab.yml (100%) rename rules/{rules => rules-noseyparker}/google.yml (100%) rename rules/{rules => rules-noseyparker}/gradle.yml (100%) rename rules/{rules => rules-noseyparker}/grafana.yml (100%) rename rules/{rules => rules-noseyparker}/hashes.yml (100%) rename rules/{rules => rules-noseyparker}/heroku.yml (100%) rename rules/{rules => rules-noseyparker}/huggingface.yml (100%) rename rules/{rules => rules-noseyparker}/jenkins.yml (100%) rename rules/{rules => rules-noseyparker}/jwt.yml (100%) rename rules/{rules => rules-noseyparker}/linkedin.yml (100%) rename rules/{rules => rules-noseyparker}/mailchimp.yml (100%) rename rules/{rules => rules-noseyparker}/mailgun.yml (100%) rename rules/{rules => rules-noseyparker}/mapbox.yml (100%) rename rules/{rules => rules-noseyparker}/microsoft_teams.yml (100%) rename rules/{rules => rules-noseyparker}/netrc.yml (100%) rename rules/{rules => rules-noseyparker}/newrelic.yml (100%) rename rules/{rules => rules-noseyparker}/npm.yml (100%) rename rules/{rules => rules-noseyparker}/nuget.yml (100%) rename rules/{rules => rules-noseyparker}/odbc.yml (100%) rename rules/{rules => rules-noseyparker}/okta.yml (100%) rename rules/{rules => rules-noseyparker}/openai.yml (100%) rename rules/{rules => rules-noseyparker}/pem.yml (100%) rename rules/{rules => rules-noseyparker}/postman.yml (100%) rename rules/{rules => rules-noseyparker}/psexec.yml (100%) rename rules/{rules => rules-noseyparker}/pypi.yml (100%) rename rules/{rules => rules-noseyparker}/react.yml (100%) rename rules/{rules => rules-noseyparker}/rubygems.yml (100%) rename rules/{rules => rules-noseyparker}/salesforce.yml (100%) rename rules/{rules => rules-noseyparker}/sauce.yml (100%) rename rules/{rules => rules-noseyparker}/segment.yml (100%) rename rules/{rules => rules-noseyparker}/sendgrid.yml (100%) rename rules/{rules => rules-noseyparker}/shopify.yml (100%) rename rules/{rules => rules-noseyparker}/slack.yml (100%) rename rules/{rules => rules-noseyparker}/sonarqube.yml (100%) rename rules/{rules => rules-noseyparker}/square.yml (100%) rename rules/{rules => rules-noseyparker}/stackhawk.yml (100%) rename rules/{rules => rules-noseyparker}/stripe.yml (100%) rename rules/{rules => rules-noseyparker}/telegram.yml (100%) rename rules/{rules => rules-noseyparker}/truenas.yml (100%) rename rules/{rules => rules-noseyparker}/twilio.yml (100%) rename rules/{rules => rules-noseyparker}/twitter.yml (100%) rename rules/{rules => rules-noseyparker}/wireguard.yml (100%) create mode 100644 rules/rules-regexlist.txt diff --git a/.gitignore b/.gitignore index 25e3351..df8c640 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ git-hound .goreleaser.yaml dist/ +.venv +output* diff --git a/README.md b/README.md index d3f9f21..799aee9 100644 --- a/README.md +++ b/README.md @@ -43,7 +43,7 @@ GitHound utilizes a database of API key regexes maintained by the [Gitleaks](htt Knowing the pattern for a specific service's API keys enables you to search GitHub for these keys. You can then pipe matches for your custom key regex into your own script to test the API key against the service and to identify the at-risk account. -`echo "api.halcorp.biz" | githound --dig-files --dig-commits --many-results --regex-file halcorp-api-regexes.txt --results-only | python halapitester.py` +`echo "api.halcorp.biz" | githound --dig-files --dig-commits --many-results --rules halcorp-api-regexes.txt --results-only | python halapitester.py` For detecting future API key leaks, GitHub offers [Push Token Scanning](https://help.github.com/en/articles/about-token-scanning) to immediately detect API keys as they are posted. @@ -62,34 +62,43 @@ For files that encode secrets, decodes base64 strings and searches the encoded s Check out this [blog post](https://tillsongalloway.com/finding-sensitive-information-on-github/) for more details on use cases and methodologies. ## Flags +GitHound makes it easy to find exposed API keys on GitHub using pattern matching, targetted querying, and a robust scoring system. ``` Usage: githound [flags] Flags: - --config-file string Supply the path to a config file. - --debug Enables verbose debug logging. - --dig-commits Dig through commit history to find more secrets (CPU intensive). - --dig-files Dig through the repo's files to find more secrets (CPU intensive). - --filtered-only Only print filtered results (language files) - --github-repo Search in a specific Github Repo only. - -h, --help help for githound - --json Print results in JSON format - --language-file string Supply your own list of languages to search (java, python). - --legacy Use the legacy search method. - --many-results Search >100 pages with filtering hack - --no-api-keys Don't search for generic API keys. - --no-files Don't search for interesting files. - --no-gists Don't search Gists - --no-keywords Don't search for built-in keywords - --no-repos Don't search repos - --no-scoring Don't use scoring to filter out false positives. - --otp-code string Github account 2FA token used for sign-in. (Only use if you have 2FA enabled on your account via authenticator app) - --pages int Maximum pages to search per query (default 100) - --regex-file string Path to a list of regexes. (default "rules.toml") - --results-only Only print match strings. - --subdomain-file string A file containing a list of subdomains (or other queries). - --threads int Threads to dig with (default 20) + --query string A query stiing (alternativ, pass through stdin) + --config-file string Supply the path to a config file. + --json Print results in JSON format + --rules string Path to a list of regexes or a GitLeaks rules folder. + -h, --help help for githound + + --pages int Maximum pages to search per query (default 100) + --github-repo Search in a specific Github Repo only. + --fast Skip file grepping and only return search preview + --all-results Print all results, even if they do not contain secrets + --many-results Search >100 pages with results sorting hack + + --dig-commits Dig through commit history to find more secrets (CPU intensive). + --dig-files Dig through the repo's files to find more secrets (CPU intensive). + --threads int Threads to dig with (default 20)``` + + --results-only Only print match strings. + --search-type api Search interface (api or `ui`). API requires api_key in config, UI requires username/password + + --otp-code string Github account 2FA token used for sign-in. (Only use if you have 2FA enabled on your account via authenticator app) + + --query-file string A file containing a list of subdomains (or other queries). + --filtered-only Only print filtered results (language files) + --debug Enables verbose debug logging. + + --no-api-keys Don't search for generic API keys. + --no-files Don't search for interesting files. + --no-gists Don't search Gists + --no-keywords Don't search for built-in keywords + --no-repos Don't search repos + --no-scoring Don't use scoring to filter out false positives. ``` ## Development @@ -146,23 +155,10 @@ docker run -v /path/to/config.yaml:/root/.githound/config.yaml -v $(pwd)/data:/d Replace `/path/to/config.yaml` with the actual path to your `config.yaml` file. The `-v $(pwd)/data:/data` part mounts a directory containing your input files (`subdomains.txt`) into the container. -#### Notes -- Ensure your `config.yaml` and input files' paths are correct when running the Docker container. -- This setup assumes `git-hound` is compatible with the provided configuration and command-line arguments. -- For any updates or changes to `git-hound`, rebuild the Docker image. - --- - -## User feedback - -These are discussions about how people use GitHound in their workflows and how we can GitHound to fufill those needs. If you use GitHound, consider leaving a note in one of the active issues. -[List of issues requesting user feedback](/~https://github.com/tillson/git-hound/issues?q=is%3Aissue+is%3Aopen+label%3A%22user+feedback+requested%22) - -## 💰 Premium Monitoring & Engagements -Would you like to gain greater visibility into your company's GitHub presence? We use GitHound as one small part of a larger system that can find credential leaks and sensitive/proprietary information across open-source websites like GitHub and DockerHub. We offer continuous monitoring services of *all of GitHub* (not just accounts you know are held by employees!) and red-team engagements/consulting services. - -Reach out here to learn more: https://secretsurfer.xyz. +## Premium Support Options +Bug fixes and occasional feature enhancements are provided open-source. Technical support and integration requests are available at a rate of 35 USD/hour and can be arranged by contacting tillson@secretsurfer.xyz. ## References diff --git a/cmd/root.go b/cmd/root.go index 6d6a1e5..728ddc7 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -7,6 +7,7 @@ import ( "os" "path/filepath" + "github.com/GRbit/go-pcre" "github.com/fatih/color" "github.com/spf13/viper" "golang.org/x/crypto/ssh/terminal" @@ -14,6 +15,7 @@ import ( "strings" + "github.com/BurntSushi/toml" "github.com/spf13/cobra" "github.com/tillson/git-hound/internal/app" @@ -27,7 +29,9 @@ func InitializeFlags() { rootCmd.PersistentFlags().StringVar(&app.GetFlags().Query, "query", "", "A query stiing (default: stdin)") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().DigRepo, "dig-files", false, "Dig through the repo's files to find more secrets (CPU intensive).") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().DigCommits, "dig-commits", false, "Dig through commit history to find more secrets (CPU intensive).") - rootCmd.PersistentFlags().StringVar(&app.GetFlags().RegexFile, "regex-file", "rules.toml", "Path to a list of regexes.") + rootCmd.PersistentFlags().StringVar(&app.GetFlags().RegexFile, "rules", "rules/rules-noseyparker", "Path to a list of regexes or a GitLeaks rules folder.") + rootCmd.PersistentFlags().StringVar(&app.GetFlags().RegexFile, "regex-file", "rules/rules-noseyparker", "Alias for the 'rules' flag.") + rootCmd.PersistentFlags().MarkHidden("regex-file") rootCmd.PersistentFlags().StringVar(&app.GetFlags().ConfigFile, "config-file", "", "Supply the path to a config file.") rootCmd.PersistentFlags().IntVar(&app.GetFlags().Pages, "pages", 100, "Maximum pages to search per query") rootCmd.PersistentFlags().BoolVar(&app.GetFlags().GithubRepo, "github-repo", false, "Search in a specific Github Repo only.") @@ -88,6 +92,8 @@ var rootCmd = &cobra.Command{ } var allRules []app.Rule + // fmt.Println(app.GetFlags().RegexFile) + // If rules is a directory, load all rules files in GitLeaks YML format if fileInfo, err := os.Stat(app.GetFlags().RegexFile); err == nil && fileInfo.IsDir() { files, err := ioutil.ReadDir(app.GetFlags().RegexFile) if err != nil { @@ -95,17 +101,22 @@ var rootCmd = &cobra.Command{ os.Exit(1) } for _, file := range files { - if filepath.Ext(file.Name()) == ".yml" || filepath.Ext(file.Name()) == ".yaml" { - filePath := filepath.Join(app.GetFlags().RegexFile, file.Name()) - rules := LoadRegexFile(filePath) - allRules = append(allRules, rules...) - } + // if filepath.Ext(file.Name()) == ".yml" || filepath.Ext(file.Name()) == ".yml" { + filePath := filepath.Join(app.GetFlags().RegexFile, file.Name()) + rules := LoadRegexFile(filePath) + allRules = append(allRules, rules...) + // } } app.GetFlags().TextRegexes = append(app.GetFlags().TextRegexes, allRules...) } else { + // Otherwise, resort to regex list in txt file or legacy TOML files rules := LoadRegexFile(app.GetFlags().RegexFile) allRules = append(allRules, rules...) } + if len(allRules) == 0 { + color.Yellow("[!] 0 rules loaded. Using an empty ruleset may result in lousy performance. Consider using one of the rulesets provided with the GitHound installation or available from /~https://github.com/tillson/git-hound.") + } + app.GetFlags().TextRegexes = allRules // fmt.Println(app.GetFlags().TextRegexes) @@ -131,26 +142,66 @@ var rootCmd = &cobra.Command{ func LoadRegexFile(path string) []app.Rule { file, err := os.OpenFile(path, os.O_RDONLY, 0600) if err != nil { - fmt.Errorf("Error opening file %v: %v", app.GetFlags().RegexFile, err) - os.Exit(1) + color.Yellow("[!} Error opening rules file %v: %v", app.GetFlags().RegexFile+"", err) } defer file.Close() - if err != nil { - fmt.Errorf("Error opening file %v: %v", app.GetFlags().RegexFile, err) - os.Exit(1) - } - dec := yaml.NewDecoder(file) - rule_config := app.RuleConfig{} - err = dec.Decode(&rule_config) + ruleConfig := app.RuleConfig{} + err = dec.Decode(&ruleConfig) if err != nil { - fmt.Println(err) - // fmt.Errorf("Error loading config file %v: %v", app.GetFlags().RegexFile, err) - os.Exit(1) + _, err := toml.DecodeFile(path, &ruleConfig) + + if err != nil { + // fmt.Println("Resorting to .txt") + file, _ := os.Open(path) + defer file.Close() + scanner := bufio.NewScanner(file) + idCount := 1 + + for scanner.Scan() { + line := scanner.Text() + // fmt.Println(line) + // Assuming each line is a regex pattern, we create a Rule from it + compiled, err := pcre.Compile(line, 0) + if err != nil { + fmt.Printf("Unable to parse regex `%s` in TXT file.\n", line) + continue + } + + // Create a new rule + rule := app.Rule{ + ID: fmt.Sprintf("Rule-%d", idCount), // Incremental ID + Pattern: app.RegexWrapper{RegExp: compiled}, + StringPattern: line, // Store the original pattern as StringPattern + Description: fmt.Sprintf("Description for Rule-%d", idCount), // Incremental description + SmartFiltering: false, // Default to false, you can modify if needed + } + + // Add the rule to the config + ruleConfig.Rules = append(ruleConfig.Rules, rule) + + idCount++ // Increment the rule ID counter + } + } else { + // Convert StringPattern to Pattern for TOML + for i, rule := range ruleConfig.Rules { + if rule.StringPattern != "" { + compiled, err := pcre.Compile(rule.StringPattern, 0) + if err != nil { + // fmt.Println("Unable to parse regex `" + rule.StringPattern + "` in TOML file.") + } + ruleConfig.Rules[i].Pattern = app.RegexWrapper{RegExp: compiled} + + } + } + // fmt.Println("Parsed as TOML") + } + } else { + // fmt.Println("Parsed as YML") } // fmt.Println(2) - return rule_config.Rules + return ruleConfig.Rules } @@ -183,7 +234,7 @@ func ReadConfig() { err := viper.ReadInConfig() if err != nil { if app.GetFlags().ConfigFile != "" { - color.Red("[!] '" + app.GetFlags().ConfigFile + "' was not found. Please check the file path and try again.") + color.Red("[!] Config file '" + app.GetFlags().ConfigFile + "' was not found. Please specify a correct config path with `--config-file`.") } else { color.Red("[!] config.yml was not found. Please ensure config.yml exists in current working directory or $HOME/.githound/, or use flag `--config [config_path]`.") diff --git a/go.mod b/go.mod index cd87033..85efd98 100644 --- a/go.mod +++ b/go.mod @@ -16,6 +16,7 @@ require ( ) require ( + github.com/GRbit/go-pcre v1.0.1 // indirect github.com/Microsoft/go-winio v0.5.2 // indirect github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b // indirect github.com/acomagu/bufpipe v1.0.3 // indirect diff --git a/go.sum b/go.sum index c481dff..dd46a23 100644 --- a/go.sum +++ b/go.sum @@ -40,6 +40,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/GRbit/go-pcre v1.0.1 h1:8F7Wj1rxIq8ejKSXVVW2wE+4I4VnZbuOemrMk8kn3hc= +github.com/GRbit/go-pcre v1.0.1/go.mod h1:0g7qVGbMpd2Odevd92x1RpaLpR3c3F/Gv2HEnI7CwEA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= diff --git a/internal/app/regex_decoder.go b/internal/app/regex_decoder.go index 23ef7a8..2c2d153 100644 --- a/internal/app/regex_decoder.go +++ b/internal/app/regex_decoder.go @@ -7,21 +7,22 @@ import ( ) type RuleConfig struct { - Rules []Rule `yaml:"rules"` + Rules []Rule `yaml:"rules,omitempty"` } type Rule struct { - ID string `yaml:"id"` - Pattern regexwrapper `yaml:"pattern"` - Description string `yaml:"name"` - SmartFiltering bool `yaml:"smart_filtering"` + ID string `yaml:"id" toml:"id"` + Pattern RegexWrapper `yaml:"pattern"` + StringPattern string `toml:"regex"` + Description string `yaml:"name" toml:"description"` + SmartFiltering bool `yaml:"smart_filtering" toml:"smart_filtering"` } -type regexwrapper struct { +type RegexWrapper struct { RegExp pcre.Regexp } -func (r *regexwrapper) UnmarshalYAML(unmarshal func(interface{}) error) error { +func (r *RegexWrapper) UnmarshalYAML(unmarshal func(interface{}) error) error { var patternText string // First, unmarshal the text as a string if err := unmarshal(&patternText); err != nil { diff --git a/internal/app/search_api.go b/internal/app/search_api.go index a43a579..0c6d1c2 100644 --- a/internal/app/search_api.go +++ b/internal/app/search_api.go @@ -55,7 +55,7 @@ func SearchWithAPI(queries []string) { backoff = backoff / 1.5 backoff = math.Max(1, backoff) if !GetFlags().ResultsOnly && !GetFlags().JsonOutput { - fmt.Println("Found " + strconv.Itoa(result.GetTotal()) + " matching repos on page " + strconv.Itoa(page) + "...") + fmt.Println("Analyzing " + strconv.Itoa(result.GetTotal()) + " repos on page " + strconv.Itoa(page+1) + "...") } for _, code_result := range result.CodeResults { // fmt.Println(*code_result.GetRepository()) diff --git a/rules/rules-gitleaks.toml b/rules/rules-gitleaks.toml new file mode 100644 index 0000000..6f3d7a7 --- /dev/null +++ b/rules/rules-gitleaks.toml @@ -0,0 +1,480 @@ +[[rules]] +description = "Generic API Key" +id = "generic-api-key" +smart_filtering = true # GitHound code that removes common words/low entropy strings/repeating sequences to reduce false positives +regex = '''(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)''' + +# The following rules are from GitLeaks (/~https://github.com/zricethezav/gitleaks), which is released under an MIT license (/~https://github.com/zricethezav/gitleaks/blob/master/LICENSE) +# BEGIN GITLEAKS RULES 2022-10-28 +[[rules]] +description = "Adafruit API Key" +id = "adafruit-api-key" +regex = '''(?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "DigitalOcean Personal Access Token" +id = "digitalocean-pat" +regex = '''(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "DigitalOcean OAuth Refresh Token" +id = "digitalocean-refresh-token" +regex = '''(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Discord API key" +id = "discord-api-token" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Discord client ID" +id = "discord-client-id" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Discord client secret" +id = "discord-client-secret" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Doppler API token" +id = "doppler-api-token" +regex = '''(dp\.pt\.)(?i)[a-z0-9]{43}''' +[[rules]] +description = "Droneci Access Token" +id = "droneci-access-token" +regex = '''(?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Dropbox API secret" +id = "dropbox-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Dropbox long lived API token" +id = "dropbox-long-lived-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Dropbox short lived API token" +id = "dropbox-short-lived-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Duffel API token" +id = "duffel-api-token" +regex = '''duffel_(test|live)_(?i)[a-z0-9_\-=]{43}''' +[[rules]] +description = "Dynatrace API token" +id = "dynatrace-api-token" +regex = '''dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}''' +[[rules]] +description = "EasyPost API token" +id = "easypost-api-token" +regex = '''EZAK(?i)[a-z0-9]{54}''' +[[rules]] +description = "EasyPost test API token" +id = "easypost-test-api-token" +regex = '''EZTK(?i)[a-z0-9]{54}''' +[[rules]] +description = "Etsy Access Token" +id = "etsy-access-token" +regex = '''(?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Facebook" +id = "facebook" +regex = '''(?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Fastly API key" +id = "fastly-api-token" +regex = '''(?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Finicity API token" +id = "finicity-api-token" +regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Finicity Client Secret" +id = "finicity-client-secret" +regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Finnhub Access Token" +id = "finnhub-access-token" +regex = '''(?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Flickr Access Token" +id = "flickr-access-token" +regex = '''(?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Flutterwave Encryption Key" +id = "flutterwave-encryption-key" +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{12}''' +[[rules]] +description = "Finicity Public Key" +id = "flutterwave-public-key" +regex = '''FLWPUBK_TEST-(?i)[a-h0-9]{32}-X''' +[[rules]] +description = "Flutterwave Secret Key" +id = "flutterwave-secret-key" +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{32}-X''' +[[rules]] +description = "Frame.io API token" +id = "frameio-api-token" +regex = '''fio-u-(?i)[a-z0-9\-_=]{64}''' +[[rules]] +description = "Freshbooks Access Token" +id = "freshbooks-access-token" +regex = '''(?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "GCP API key" +id = "gcp-api-key" +regex = '''(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "GitHub App Token" +id = "github-app-token" +regex = '''(ghu|ghs)_[0-9a-zA-Z]{36}''' +[[rules]] +description = "GitHub OAuth Access Token" +id = "github-oauth" +regex = '''gho_[0-9a-zA-Z]{36}''' +[[rules]] +description = "GitHub Personal Access Token" +id = "github-pat" +regex = '''ghp_[0-9a-zA-Z]{36}''' +[[rules]] +description = "GitHub Refresh Token" +id = "github-refresh-token" +regex = '''ghr_[0-9a-zA-Z]{36}''' +[[rules]] +description = "GitLab Personal Access Token" +id = "gitlab-pat" +regex = '''glpat-[0-9a-zA-Z\-\_]{20}''' +[[rules]] +description = "Gitter Access Token" +id = "gitter-access-token" +regex = '''(?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "GoCardless API token" +id = "gocardless-api-token" +regex = '''(?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Grafana api key (or Grafana cloud api key)" +id = "grafana-api-key" +regex = '''(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Grafana cloud api token" +id = "grafana-cloud-api-token" +regex = '''(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Grafana service account token" +id = "grafana-service-account-token" +regex = '''(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "HashiCorp Terraform user/org API token" +id = "hashicorp-tf-api-token" +regex = '''(?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}''' +[[rules]] +description = "Heroku API Key" +id = "heroku-api-key" +regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "HubSpot API Token" +id = "hubspot-api-key" +regex = '''(?i)(?:hubspot)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Intercom API Token" +id = "intercom-api-key" +regex = '''(?i)(?:intercom)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "JSON Web Token" +id = "jwt" +regex = '''(?i)\b(ey[0-9a-z]{30,34}\.ey[0-9a-z-\/_]{30,500}\.[0-9a-zA-Z-\/_]{10,200})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Kraken Access Token" +id = "kraken-access-token" +regex = '''(?i)(?:kraken)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Kucoin Access Token" +id = "kucoin-access-token" +regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Kucoin Secret Key" +id = "kucoin-secret-key" +regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Launchdarkly Access Token" +id = "launchdarkly-access-token" +regex = '''(?i)(?:launchdarkly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Linear API Token" +id = "linear-api-key" +regex = '''lin_api_(?i)[a-z0-9]{40}''' +[[rules]] +description = "Linear Client Secret" +id = "linear-client-secret" +regex = '''(?i)(?:linear)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "LinkedIn Client ID" +id = "linkedin-client-id" +regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "LinkedIn Client secret" +id = "linkedin-client-secret" +regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Lob API Key" +id = "lob-api-key" +regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Lob Publishable API Key" +id = "lob-pub-api-key" +regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Mailchimp API key" +id = "mailchimp-api-key" +regex = '''(?i)(?:mailchimp)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32}-us20)(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Mailgun private API token" +id = "mailgun-private-api-token" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Mailgun public validation key" +id = "mailgun-pub-key" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Mailgun webhook signing key" +id = "mailgun-signing-key" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "MapBox API token" +id = "mapbox-api-token" +regex = '''(?i)(?:mapbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Mattermost Access Token" +id = "mattermost-access-token" +regex = '''(?i)(?:mattermost)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "MessageBird API token" +id = "messagebird-api-token" +regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "MessageBird client ID" +id = "messagebird-client-id" +regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Microsoft Teams Webhook" +id = "microsoft-teams-webhook" +regex = '''https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}''' +[[rules]] +description = "Netlify Access Token" +id = "netlify-access-token" +regex = '''(?i)(?:netlify)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "New Relic ingest browser API token" +id = "new-relic-browser-api-token" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "New Relic user API ID" +id = "new-relic-user-api-id" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "New Relic user API Key" +id = "new-relic-user-api-key" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "npm access token" +id = "npm-access-token" +regex = '''(?i)\b(npm_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Nytimes Access Token" +id = "nytimes-access-token" +regex = '''(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Okta Access Token" +id = "okta-access-token" +regex = '''(?i)(?:okta)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Plaid API Token" +id = "plaid-api-token" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Plaid Client ID" +id = "plaid-client-id" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Plaid Secret key" +id = "plaid-secret-key" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "PlanetScale API token" +id = "planetscale-api-token" +regex = '''(?i)\b(pscale_tkn_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "PlanetScale OAuth token" +id = "planetscale-oauth-token" +regex = '''(?i)\b(pscale_oauth_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "PlanetScale password" +id = "planetscale-password" +regex = '''(?i)\b(pscale_pw_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Postman API token" +id = "postman-api-token" +regex = '''(?i)\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Prefect API token" +id = "prefect-api-token" +regex = '''(?i)\b(pnu_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Private Key" +id = "private-key" +regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY( BLOCK)?-----[\s\S-]*KEY----''' +[[rules]] +description = "Pulumi API token" +id = "pulumi-api-token" +regex = '''(?i)\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "PyPI upload token" +id = "pypi-upload-token" +regex = '''pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}''' +[[rules]] +description = "RapidAPI Access Token" +id = "rapidapi-access-token" +regex = '''(?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Readme API token" +id = "readme-api-token" +regex = '''(?i)\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Rubygem API token" +id = "rubygems-api-token" +regex = '''(?i)\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Sendbird Access ID" +id = "sendbird-access-id" +regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Sendbird Access Token" +id = "sendbird-access-token" +regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "SendGrid API token" +id = "sendgrid-api-token" +regex = '''(?i)\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Sendinblue API token" +id = "sendinblue-api-token" +regex = '''(?i)\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Sentry Access Token" +id = "sentry-access-token" +regex = '''(?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Shippo API token" +id = "shippo-api-token" +regex = '''(?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Shopify access token" +id = "shopify-access-token" +regex = '''shpat_[a-fA-F0-9]{32}''' +[[rules]] +description = "Shopify custom access token" +id = "shopify-custom-access-token" +regex = '''shpca_[a-fA-F0-9]{32}''' +[[rules]] +description = "Shopify private app access token" +id = "shopify-private-app-access-token" +regex = '''shppa_[a-fA-F0-9]{32}''' +[[rules]] +description = "Shopify shared secret" +id = "shopify-shared-secret" +regex = '''shpss_[a-fA-F0-9]{32}''' +[[rules]] +description = "Sidekiq Secret" +id = "sidekiq-secret" +regex = '''(?i)(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Sidekiq Sensitive URL" +id = "sidekiq-sensitive-url" +regex = '''(?i)\b(http(?:s??):\/\/)([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$)''' +[[rules]] +description = "Slack token" +id = "slack-access-token" +regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})''' +[[rules]] +description = "Slack Webhook" +id = "slack-web-hook" +regex = '''https:\/\/hooks.slack.com\/(services|workflows)\/[A-Za-z0-9+\/]{44,46}''' +[[rules]] +description = "Square Access Token" +id = "square-access-token" +regex = '''(?i)\b(sq0atp-[0-9A-Za-z\-_]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Squarespace Access Token" +id = "squarespace-access-token" +regex = '''(?i)(?:squarespace)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Stripe" +id = "stripe-access-token" +regex = '''(?i)(sk|pk)_(test|live)_[0-9a-z]{10,32}''' +[[rules]] +description = "SumoLogic Access ID" +id = "sumologic-access-id" +regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "SumoLogic Access Token" +id = "sumologic-access-token" +regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Telegram Bot API Token" +id = "telegram-bot-api-token" +regex = '''(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])''' +[[rules]] +description = "Travis CI Access Token" +id = "travisci-access-token" +regex = '''(?i)(?:travis)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twilio API Key" +id = "twilio-api-key" +regex = '''SK[0-9a-fA-F]{32}''' +[[rules]] +description = "Twitch API token" +id = "twitch-api-token" +regex = '''(?i)(?:twitch)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twitter Access Secret" +id = "twitter-access-secret" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twitter Access Token" +id = "twitter-access-token" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twitter API Key" +id = "twitter-api-key" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twitter API Secret" +id = "twitter-api-secret" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Twitter Bearer Token" +id = "twitter-bearer-token" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Typeform API token" +id = "typeform-api-token" +regex = '''(?i)(?:typeform)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Vault Batch Token" +id = "vault-batch-token" +regex = '''(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Vault Service Token" +id = "vault-service-token" +regex = '''(?i)\b(hvs\.[a-z0-9_-]{90,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Yandex Access Token" +id = "yandex-access-token" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Yandex API Key" +id = "yandex-api-key" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Yandex AWS Access Token" +id = "yandex-aws-access-token" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +[[rules]] +description = "Zendesk Secret Key" +id = "zendesk-secret-key" +regex = '''(?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' \ No newline at end of file diff --git a/rules/rules/adobe.yml b/rules/rules-noseyparker/adobe.yml similarity index 100% rename from rules/rules/adobe.yml rename to rules/rules-noseyparker/adobe.yml diff --git a/rules/rules/age.yml b/rules/rules-noseyparker/age.yml similarity index 100% rename from rules/rules/age.yml rename to rules/rules-noseyparker/age.yml diff --git a/rules/rules/artifactory.yml b/rules/rules-noseyparker/artifactory.yml similarity index 100% rename from rules/rules/artifactory.yml rename to rules/rules-noseyparker/artifactory.yml diff --git a/rules/rules/aws.yml b/rules/rules-noseyparker/aws.yml similarity index 100% rename from rules/rules/aws.yml rename to rules/rules-noseyparker/aws.yml diff --git a/rules/rules/azure.yml b/rules/rules-noseyparker/azure.yml similarity index 100% rename from rules/rules/azure.yml rename to rules/rules-noseyparker/azure.yml diff --git a/rules/rules/codeclimate.yml b/rules/rules-noseyparker/codeclimate.yml similarity index 100% rename from rules/rules/codeclimate.yml rename to rules/rules-noseyparker/codeclimate.yml diff --git a/rules/rules/crates.io.yml b/rules/rules-noseyparker/crates.io.yml similarity index 100% rename from rules/rules/crates.io.yml rename to rules/rules-noseyparker/crates.io.yml diff --git a/rules/rules/dependency_track.yml b/rules/rules-noseyparker/dependency_track.yml similarity index 100% rename from rules/rules/dependency_track.yml rename to rules/rules-noseyparker/dependency_track.yml diff --git a/rules/rules/digitalocean.yml b/rules/rules-noseyparker/digitalocean.yml similarity index 100% rename from rules/rules/digitalocean.yml rename to rules/rules-noseyparker/digitalocean.yml diff --git a/rules/rules/dockerconfig.yml b/rules/rules-noseyparker/dockerconfig.yml similarity index 100% rename from rules/rules/dockerconfig.yml rename to rules/rules-noseyparker/dockerconfig.yml diff --git a/rules/rules/dockerhub.yml b/rules/rules-noseyparker/dockerhub.yml similarity index 100% rename from rules/rules/dockerhub.yml rename to rules/rules-noseyparker/dockerhub.yml diff --git a/rules/rules/doppler.yml b/rules/rules-noseyparker/doppler.yml similarity index 100% rename from rules/rules/doppler.yml rename to rules/rules-noseyparker/doppler.yml diff --git a/rules/rules/dropbox.yml b/rules/rules-noseyparker/dropbox.yml similarity index 100% rename from rules/rules/dropbox.yml rename to rules/rules-noseyparker/dropbox.yml diff --git a/rules/rules/dynatrace.yml b/rules/rules-noseyparker/dynatrace.yml similarity index 100% rename from rules/rules/dynatrace.yml rename to rules/rules-noseyparker/dynatrace.yml diff --git a/rules/rules/facebook.yml b/rules/rules-noseyparker/facebook.yml similarity index 100% rename from rules/rules/facebook.yml rename to rules/rules-noseyparker/facebook.yml diff --git a/rules/rules/figma.yml b/rules/rules-noseyparker/figma.yml similarity index 100% rename from rules/rules/figma.yml rename to rules/rules-noseyparker/figma.yml diff --git a/rules/rules/generic.yml b/rules/rules-noseyparker/generic.yml similarity index 100% rename from rules/rules/generic.yml rename to rules/rules-noseyparker/generic.yml diff --git a/rules/rules/github.yml b/rules/rules-noseyparker/github.yml similarity index 100% rename from rules/rules/github.yml rename to rules/rules-noseyparker/github.yml diff --git a/rules/rules/gitlab.yml b/rules/rules-noseyparker/gitlab.yml similarity index 100% rename from rules/rules/gitlab.yml rename to rules/rules-noseyparker/gitlab.yml diff --git a/rules/rules/google.yml b/rules/rules-noseyparker/google.yml similarity index 100% rename from rules/rules/google.yml rename to rules/rules-noseyparker/google.yml diff --git a/rules/rules/gradle.yml b/rules/rules-noseyparker/gradle.yml similarity index 100% rename from rules/rules/gradle.yml rename to rules/rules-noseyparker/gradle.yml diff --git a/rules/rules/grafana.yml b/rules/rules-noseyparker/grafana.yml similarity index 100% rename from rules/rules/grafana.yml rename to rules/rules-noseyparker/grafana.yml diff --git a/rules/rules/hashes.yml b/rules/rules-noseyparker/hashes.yml similarity index 100% rename from rules/rules/hashes.yml rename to rules/rules-noseyparker/hashes.yml diff --git a/rules/rules/heroku.yml b/rules/rules-noseyparker/heroku.yml similarity index 100% rename from rules/rules/heroku.yml rename to rules/rules-noseyparker/heroku.yml diff --git a/rules/rules/huggingface.yml b/rules/rules-noseyparker/huggingface.yml similarity index 100% rename from rules/rules/huggingface.yml rename to rules/rules-noseyparker/huggingface.yml diff --git a/rules/rules/jenkins.yml b/rules/rules-noseyparker/jenkins.yml similarity index 100% rename from rules/rules/jenkins.yml rename to rules/rules-noseyparker/jenkins.yml diff --git a/rules/rules/jwt.yml b/rules/rules-noseyparker/jwt.yml similarity index 100% rename from rules/rules/jwt.yml rename to rules/rules-noseyparker/jwt.yml diff --git a/rules/rules/linkedin.yml b/rules/rules-noseyparker/linkedin.yml similarity index 100% rename from rules/rules/linkedin.yml rename to rules/rules-noseyparker/linkedin.yml diff --git a/rules/rules/mailchimp.yml b/rules/rules-noseyparker/mailchimp.yml similarity index 100% rename from rules/rules/mailchimp.yml rename to rules/rules-noseyparker/mailchimp.yml diff --git a/rules/rules/mailgun.yml b/rules/rules-noseyparker/mailgun.yml similarity index 100% rename from rules/rules/mailgun.yml rename to rules/rules-noseyparker/mailgun.yml diff --git a/rules/rules/mapbox.yml b/rules/rules-noseyparker/mapbox.yml similarity index 100% rename from rules/rules/mapbox.yml rename to rules/rules-noseyparker/mapbox.yml diff --git a/rules/rules/microsoft_teams.yml b/rules/rules-noseyparker/microsoft_teams.yml similarity index 100% rename from rules/rules/microsoft_teams.yml rename to rules/rules-noseyparker/microsoft_teams.yml diff --git a/rules/rules/netrc.yml b/rules/rules-noseyparker/netrc.yml similarity index 100% rename from rules/rules/netrc.yml rename to rules/rules-noseyparker/netrc.yml diff --git a/rules/rules/newrelic.yml b/rules/rules-noseyparker/newrelic.yml similarity index 100% rename from rules/rules/newrelic.yml rename to rules/rules-noseyparker/newrelic.yml diff --git a/rules/rules/npm.yml b/rules/rules-noseyparker/npm.yml similarity index 100% rename from rules/rules/npm.yml rename to rules/rules-noseyparker/npm.yml diff --git a/rules/rules/nuget.yml b/rules/rules-noseyparker/nuget.yml similarity index 100% rename from rules/rules/nuget.yml rename to rules/rules-noseyparker/nuget.yml diff --git a/rules/rules/odbc.yml b/rules/rules-noseyparker/odbc.yml similarity index 100% rename from rules/rules/odbc.yml rename to rules/rules-noseyparker/odbc.yml diff --git a/rules/rules/okta.yml b/rules/rules-noseyparker/okta.yml similarity index 100% rename from rules/rules/okta.yml rename to rules/rules-noseyparker/okta.yml diff --git a/rules/rules/openai.yml b/rules/rules-noseyparker/openai.yml similarity index 100% rename from rules/rules/openai.yml rename to rules/rules-noseyparker/openai.yml diff --git a/rules/rules/pem.yml b/rules/rules-noseyparker/pem.yml similarity index 100% rename from rules/rules/pem.yml rename to rules/rules-noseyparker/pem.yml diff --git a/rules/rules/postman.yml b/rules/rules-noseyparker/postman.yml similarity index 100% rename from rules/rules/postman.yml rename to rules/rules-noseyparker/postman.yml diff --git a/rules/rules/psexec.yml b/rules/rules-noseyparker/psexec.yml similarity index 100% rename from rules/rules/psexec.yml rename to rules/rules-noseyparker/psexec.yml diff --git a/rules/rules/pypi.yml b/rules/rules-noseyparker/pypi.yml similarity index 100% rename from rules/rules/pypi.yml rename to rules/rules-noseyparker/pypi.yml diff --git a/rules/rules/react.yml b/rules/rules-noseyparker/react.yml similarity index 100% rename from rules/rules/react.yml rename to rules/rules-noseyparker/react.yml diff --git a/rules/rules/rubygems.yml b/rules/rules-noseyparker/rubygems.yml similarity index 100% rename from rules/rules/rubygems.yml rename to rules/rules-noseyparker/rubygems.yml diff --git a/rules/rules/salesforce.yml b/rules/rules-noseyparker/salesforce.yml similarity index 100% rename from rules/rules/salesforce.yml rename to rules/rules-noseyparker/salesforce.yml diff --git a/rules/rules/sauce.yml b/rules/rules-noseyparker/sauce.yml similarity index 100% rename from rules/rules/sauce.yml rename to rules/rules-noseyparker/sauce.yml diff --git a/rules/rules/segment.yml b/rules/rules-noseyparker/segment.yml similarity index 100% rename from rules/rules/segment.yml rename to rules/rules-noseyparker/segment.yml diff --git a/rules/rules/sendgrid.yml b/rules/rules-noseyparker/sendgrid.yml similarity index 100% rename from rules/rules/sendgrid.yml rename to rules/rules-noseyparker/sendgrid.yml diff --git a/rules/rules/shopify.yml b/rules/rules-noseyparker/shopify.yml similarity index 100% rename from rules/rules/shopify.yml rename to rules/rules-noseyparker/shopify.yml diff --git a/rules/rules/slack.yml b/rules/rules-noseyparker/slack.yml similarity index 100% rename from rules/rules/slack.yml rename to rules/rules-noseyparker/slack.yml diff --git a/rules/rules/sonarqube.yml b/rules/rules-noseyparker/sonarqube.yml similarity index 100% rename from rules/rules/sonarqube.yml rename to rules/rules-noseyparker/sonarqube.yml diff --git a/rules/rules/square.yml b/rules/rules-noseyparker/square.yml similarity index 100% rename from rules/rules/square.yml rename to rules/rules-noseyparker/square.yml diff --git a/rules/rules/stackhawk.yml b/rules/rules-noseyparker/stackhawk.yml similarity index 100% rename from rules/rules/stackhawk.yml rename to rules/rules-noseyparker/stackhawk.yml diff --git a/rules/rules/stripe.yml b/rules/rules-noseyparker/stripe.yml similarity index 100% rename from rules/rules/stripe.yml rename to rules/rules-noseyparker/stripe.yml diff --git a/rules/rules/telegram.yml b/rules/rules-noseyparker/telegram.yml similarity index 100% rename from rules/rules/telegram.yml rename to rules/rules-noseyparker/telegram.yml diff --git a/rules/rules/truenas.yml b/rules/rules-noseyparker/truenas.yml similarity index 100% rename from rules/rules/truenas.yml rename to rules/rules-noseyparker/truenas.yml diff --git a/rules/rules/twilio.yml b/rules/rules-noseyparker/twilio.yml similarity index 100% rename from rules/rules/twilio.yml rename to rules/rules-noseyparker/twilio.yml diff --git a/rules/rules/twitter.yml b/rules/rules-noseyparker/twitter.yml similarity index 100% rename from rules/rules/twitter.yml rename to rules/rules-noseyparker/twitter.yml diff --git a/rules/rules/wireguard.yml b/rules/rules-noseyparker/wireguard.yml similarity index 100% rename from rules/rules/wireguard.yml rename to rules/rules-noseyparker/wireguard.yml diff --git a/rules/rules-regexlist.txt b/rules/rules-regexlist.txt new file mode 100644 index 0000000..2c7c5d4 --- /dev/null +++ b/rules/rules-regexlist.txt @@ -0,0 +1 @@ +xox[baprs]-([0-9a-zA-Z]{10,48}) \ No newline at end of file From c5c884f69690083b47aa5436e0a1ad6b839d5a3e Mon Sep 17 00:00:00 2001 From: tillson Date: Sun, 5 Jan 2025 00:01:04 -0500 Subject: [PATCH 14/14] Update go packages --- go.mod | 85 ++++--- go.sum | 654 ++++++++++------------------------------------------- rules.toml | 481 --------------------------------------- 3 files changed, 166 insertions(+), 1054 deletions(-) delete mode 100644 rules.toml diff --git a/go.mod b/go.mod index 85efd98..9b9cc41 100644 --- a/go.mod +++ b/go.mod @@ -1,56 +1,67 @@ module github.com/tillson/git-hound -go 1.18 +go 1.22.0 + +toolchain go1.22.5 require ( - github.com/BurntSushi/toml v1.2.1 - github.com/fatih/color v1.13.0 - github.com/go-git/go-git/v5 v5.4.2 - github.com/google/go-github v17.0.0+incompatible + github.com/BurntSushi/toml v1.4.0 + github.com/GRbit/go-pcre v1.0.1 + github.com/fatih/color v1.18.0 + github.com/go-git/go-git/v5 v5.13.1 github.com/google/go-github/v57 v57.0.0 - github.com/pquerna/otp v1.3.0 - github.com/spf13/cobra v1.4.0 - github.com/spf13/viper v1.12.0 + github.com/pquerna/otp v1.4.0 + github.com/spf13/cobra v1.8.1 + github.com/spf13/viper v1.19.0 github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d - golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e + golang.org/x/crypto v0.31.0 + gopkg.in/yaml.v2 v2.4.0 ) require ( - github.com/GRbit/go-pcre v1.0.1 // indirect - github.com/Microsoft/go-winio v0.5.2 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b // indirect - github.com/acomagu/bufpipe v1.0.3 // indirect - github.com/boombuler/barcode v1.0.1 // indirect + dario.cat/mergo v1.0.1 // indirect + github.com/Microsoft/go-winio v0.6.2 // indirect + github.com/ProtonMail/go-crypto v1.1.3 // indirect + github.com/boombuler/barcode v1.0.2 // indirect + github.com/cloudflare/circl v1.5.0 // indirect + github.com/cyphar/filepath-securejoin v0.3.6 // indirect github.com/emirpasic/gods v1.18.1 // indirect - github.com/fsnotify/fsnotify v1.5.4 // indirect - github.com/go-git/gcfg v1.5.0 // indirect - github.com/go-git/go-billy/v5 v5.3.1 // indirect + github.com/fsnotify/fsnotify v1.8.0 // indirect + github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect + github.com/go-git/go-billy/v5 v5.6.1 // indirect + github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect - github.com/imdario/mergo v0.3.13 // indirect - github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect - github.com/magiconair/properties v1.8.6 // indirect - github.com/mattn/go-colorable v0.1.12 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/magiconair/properties v1.8.9 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/pelletier/go-toml v1.9.5 // indirect - github.com/pelletier/go-toml/v2 v2.0.2 // indirect - github.com/sergi/go-diff v1.2.0 // indirect - github.com/spf13/afero v1.8.2 // indirect - github.com/spf13/cast v1.5.0 // indirect - github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/mmcloughlin/avo v0.6.0 // indirect + github.com/pelletier/go-toml/v2 v2.2.3 // indirect + github.com/pjbgf/sha1cd v0.3.1 // indirect + github.com/sagikazarmark/locafero v0.6.0 // indirect + github.com/sagikazarmark/slog-shim v0.1.0 // indirect + github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect + github.com/skeema/knownhosts v1.3.0 // indirect + github.com/sourcegraph/conc v0.3.0 // indirect + github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cast v1.7.1 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/subosito/gotenv v1.4.0 // indirect - github.com/xanzy/ssh-agent v0.3.1 // indirect - golang.org/x/net v0.9.0 // indirect - golang.org/x/sys v0.7.0 // indirect - golang.org/x/term v0.7.0 // indirect - golang.org/x/text v0.9.0 // indirect - gopkg.in/ini.v1 v1.66.6 // indirect + github.com/subosito/gotenv v1.6.0 // indirect + github.com/xanzy/ssh-agent v0.3.3 // indirect + go.uber.org/multierr v1.11.0 // indirect + golang.org/x/exp v0.0.0-20250103183323-7d7fa50e5329 // indirect + golang.org/x/mod v0.22.0 // indirect + golang.org/x/net v0.33.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.29.0 // indirect + golang.org/x/term v0.28.0 // indirect + golang.org/x/text v0.21.0 // indirect + golang.org/x/tools v0.28.0 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index dd46a23..af399a3 100644 --- a/go.sum +++ b/go.sum @@ -1,596 +1,178 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= -github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= +dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= +github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/GRbit/go-pcre v1.0.1 h1:8F7Wj1rxIq8ejKSXVVW2wE+4I4VnZbuOemrMk8kn3hc= github.com/GRbit/go-pcre v1.0.1/go.mod h1:0g7qVGbMpd2Odevd92x1RpaLpR3c3F/Gv2HEnI7CwEA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b h1:lcbBNuQhppsc7A5gjdHmdlqUqJfgGMylBdGyDs0j7G8= -github.com/ProtonMail/go-crypto v0.0.0-20220517143526-88bb52951d5b/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= -github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= +github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= +github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= +github.com/ProtonMail/go-crypto v1.1.3 h1:nRBOetoydLeUb4nHajyO2bKqMLfWQ/ZPwkXqXxPxCFk= +github.com/ProtonMail/go-crypto v1.1.3/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= -github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/boombuler/barcode v1.0.2 h1:79yrbttoZrLGkL/oOI8hBrUKucwOL0oOjUgEguGMcJ4= +github.com/boombuler/barcode v1.0.2/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/cloudflare/circl v1.5.0 h1:hxIWksrX6XN5a1L2TI/h53AGPhNHoUBo+TD1ms9+pys= +github.com/cloudflare/circl v1.5.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cyphar/filepath-securejoin v0.3.6 h1:4d9N5ykBnSp5Xn2JkhocYDkOpURL/18CYMpo6xB9uWM= +github.com/cyphar/filepath-securejoin v0.3.6/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/elazarl/goproxy v1.2.3 h1:xwIyKHbaP5yfT6O9KIeYJR5549MXRQkoQMRXGztz8YQ= +github.com/elazarl/goproxy v1.2.3/go.mod h1:YfEbZtqP4AetfO6d40vWchF3znWX7C7Vd6ZMfdL8z64= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= -github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= -github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= -github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= -github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= -github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8= -github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= -github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= -github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= +github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c= +github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= +github.com/go-git/go-billy/v5 v5.6.1 h1:u+dcrgaguSSkbjzHwelEjc0Yj300NUevrrPphk/SoRA= +github.com/go-git/go-billy/v5 v5.6.1/go.mod h1:0AsLr1z2+Uksi4NlElmMblP5rPcDZNRCD8ujZCRR2BE= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= +github.com/go-git/go-git/v5 v5.13.1 h1:DAQ9APonnlvSWpvolXWIuV6Q6zXy2wHbN4cVlNR5Q+M= +github.com/go-git/go-git/v5 v5.13.1/go.mod h1:qryJB4cSBoq3FRoBRf5A77joojuBcmPJ0qu3XXXVixc= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= -github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-github/v57 v57.0.0 h1:L+Y3UPTY8ALM8x+TV0lg+IEBI+upibemtBD8Q9u7zHs= github.com/google/go-github/v57 v57.0.0/go.mod h1:s0omdnye0hvK/ecLvpsGfJMiRt85PimQh4oygmLIxHw= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= -github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo= -github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= -github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= -github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= -github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM= +github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= -github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/pelletier/go-toml/v2 v2.0.2 h1:+jQXlF3scKIcSEKkdHzXhCTDLPFi5r1wnK6yPS+49Gw= -github.com/pelletier/go-toml/v2 v2.0.2/go.mod h1:MovirKjgVRESsAvNZlAjtFwV867yGuwRkXbG66OzopI= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/mmcloughlin/avo v0.6.0 h1:QH6FU8SKoTLaVs80GA8TJuLNkUYl4VokHKlPhVDg4YY= +github.com/mmcloughlin/avo v0.6.0/go.mod h1:8CoAGaCSYXtCPR+8y18Y9aB/kxb8JSS6FRI7mSkvD+8= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= +github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= +github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= +github.com/pjbgf/sha1cd v0.3.1 h1:Dh2GYdpJnO84lIw0LJwTFXjcNbasP/bklicSznyAaPI= +github.com/pjbgf/sha1cd v0.3.1/go.mod h1:Y8t7jSB/dEI/lQE04A1HVKteqjj9bX5O4+Cex0TCu8s= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= -github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pquerna/otp v1.4.0 h1:wZvl1TIVxKRThZIBiwOOHOGP/1+nZyWBil9Y2XNEDzg= +github.com/pquerna/otp v1.4.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= -github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk= +github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0= +github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= +github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= +github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= +github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= -github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= -github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= -github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= -github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= -github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY= +github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M= +github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= +github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= +github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= +github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= +github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= +github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.12.0 h1:CZ7eSOd3kZoaYDLbXnmzgQI5RlciuXBMA+18HwHRfZQ= -github.com/spf13/viper v1.12.0/go.mod h1:b6COn30jlNxbm/V2IqWiNWkJ+vZNiMNksliPCiuKtSI= +github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI= +github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs= -github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= +github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d h1:xQcF7b7cZLWZG/+7A4G7un1qmEDYHIvId9qxRS1mZMs= github.com/waigani/diffparser v0.0.0-20190828052634-7391f219313d/go.mod h1:BzSc3WEF8R+lCaP5iGFRxd5kIXy4JKOZAwNe1w0cdc0= -github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= -github.com/xanzy/ssh-agent v0.3.1 h1:AmzO1SSWxw73zxFZPRwaMN1MohDw8UyHnmuxyceTEGo= -github.com/xanzy/ssh-agent v0.3.1/go.mod h1:QIE4lCeL7nkC25x+yA3LBIYfwCc1TFziCtG7cBAac6w= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e h1:T8NU3HyQ8ClP4SEE+KbFlg6n0NhuTsN4MyznaarGsZM= -golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= +github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/exp v0.0.0-20250103183323-7d7fa50e5329 h1:9kj3STMvgqy3YA4VQXBrN7925ICMxD5wzMRcgA30588= +golang.org/x/exp v0.0.0-20250103183323-7d7fa50e5329/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c= +golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4= +golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8= +golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/ini.v1 v1.66.6 h1:LATuAqN/shcYAOkv3wl2L4rkaKqkcgTBQjOyYDvcPKI= -gopkg.in/ini.v1 v1.66.6/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/rules.toml b/rules.toml deleted file mode 100644 index ec04845..0000000 --- a/rules.toml +++ /dev/null @@ -1,481 +0,0 @@ -[[rules]] -description = "Generic API Key" -id = "generic-api-key" -smart_filtering = true # GitHound code that removes common words/low entropy strings/repeating sequences to reduce false positives -regex = '''(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)''' - -# The following rules are from GitLeaks (/~https://github.com/zricethezav/gitleaks), which is released under an MIT license (/~https://github.com/zricethezav/gitleaks/blob/master/LICENSE) -# BEGIN GITLEAKS RULES 2022-10-28 -[[rules]] -description = "Adafruit API Key" -id = "adafruit-api-key" -regex = '''(?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "DigitalOcean Personal Access Token" -id = "digitalocean-pat" -regex = '''(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "DigitalOcean OAuth Refresh Token" -id = "digitalocean-refresh-token" -regex = '''(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Discord API key" -id = "discord-api-token" -regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Discord client ID" -id = "discord-client-id" -regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Discord client secret" -id = "discord-client-secret" -regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Doppler API token" -id = "doppler-api-token" -regex = '''(dp\.pt\.)(?i)[a-z0-9]{43}''' -[[rules]] -description = "Droneci Access Token" -id = "droneci-access-token" -regex = '''(?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Dropbox API secret" -id = "dropbox-api-token" -regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Dropbox long lived API token" -id = "dropbox-long-lived-api-token" -regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Dropbox short lived API token" -id = "dropbox-short-lived-api-token" -regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Duffel API token" -id = "duffel-api-token" -regex = '''duffel_(test|live)_(?i)[a-z0-9_\-=]{43}''' -[[rules]] -description = "Dynatrace API token" -id = "dynatrace-api-token" -regex = '''dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}''' -[[rules]] -description = "EasyPost API token" -id = "easypost-api-token" -regex = '''EZAK(?i)[a-z0-9]{54}''' -[[rules]] -description = "EasyPost test API token" -id = "easypost-test-api-token" -regex = '''EZTK(?i)[a-z0-9]{54}''' -[[rules]] -description = "Etsy Access Token" -id = "etsy-access-token" -regex = '''(?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Facebook" -id = "facebook" -regex = '''(?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Fastly API key" -id = "fastly-api-token" -regex = '''(?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Finicity API token" -id = "finicity-api-token" -regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Finicity Client Secret" -id = "finicity-client-secret" -regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Finnhub Access Token" -id = "finnhub-access-token" -regex = '''(?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Flickr Access Token" -id = "flickr-access-token" -regex = '''(?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Flutterwave Encryption Key" -id = "flutterwave-encryption-key" -regex = '''FLWSECK_TEST-(?i)[a-h0-9]{12}''' -[[rules]] -description = "Finicity Public Key" -id = "flutterwave-public-key" -regex = '''FLWPUBK_TEST-(?i)[a-h0-9]{32}-X''' -[[rules]] -description = "Flutterwave Secret Key" -id = "flutterwave-secret-key" -regex = '''FLWSECK_TEST-(?i)[a-h0-9]{32}-X''' -[[rules]] -description = "Frame.io API token" -id = "frameio-api-token" -regex = '''fio-u-(?i)[a-z0-9\-_=]{64}''' -[[rules]] -description = "Freshbooks Access Token" -id = "freshbooks-access-token" -regex = '''(?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "GCP API key" -id = "gcp-api-key" -regex = '''(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "GitHub App Token" -id = "github-app-token" -regex = '''(ghu|ghs)_[0-9a-zA-Z]{36}''' -[[rules]] -description = "GitHub OAuth Access Token" -id = "github-oauth" -regex = '''gho_[0-9a-zA-Z]{36}''' -[[rules]] -description = "GitHub Personal Access Token" -id = "github-pat" -regex = '''ghp_[0-9a-zA-Z]{36}''' -[[rules]] -description = "GitHub Refresh Token" -id = "github-refresh-token" -regex = '''ghr_[0-9a-zA-Z]{36}''' -[[rules]] -description = "GitLab Personal Access Token" -id = "gitlab-pat" -regex = '''glpat-[0-9a-zA-Z\-\_]{20}''' -[[rules]] -description = "Gitter Access Token" -id = "gitter-access-token" -regex = '''(?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "GoCardless API token" -id = "gocardless-api-token" -regex = '''(?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Grafana api key (or Grafana cloud api key)" -id = "grafana-api-key" -regex = '''(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Grafana cloud api token" -id = "grafana-cloud-api-token" -regex = '''(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Grafana service account token" -id = "grafana-service-account-token" -regex = '''(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "HashiCorp Terraform user/org API token" -id = "hashicorp-tf-api-token" -regex = '''(?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}''' -[[rules]] -description = "Heroku API Key" -id = "heroku-api-key" -regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "HubSpot API Token" -id = "hubspot-api-key" -regex = '''(?i)(?:hubspot)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Intercom API Token" -id = "intercom-api-key" -regex = '''(?i)(?:intercom)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "JSON Web Token" -id = "jwt" -regex = '''(?i)\b(ey[0-9a-z]{30,34}\.ey[0-9a-z-\/_]{30,500}\.[0-9a-zA-Z-\/_]{10,200})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Kraken Access Token" -id = "kraken-access-token" -regex = '''(?i)(?:kraken)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Kucoin Access Token" -id = "kucoin-access-token" -regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Kucoin Secret Key" -id = "kucoin-secret-key" -regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Launchdarkly Access Token" -id = "launchdarkly-access-token" -regex = '''(?i)(?:launchdarkly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Linear API Token" -id = "linear-api-key" -regex = '''lin_api_(?i)[a-z0-9]{40}''' -[[rules]] -description = "Linear Client Secret" -id = "linear-client-secret" -regex = '''(?i)(?:linear)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "LinkedIn Client ID" -id = "linkedin-client-id" -regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "LinkedIn Client secret" -id = "linkedin-client-secret" -regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Lob API Key" -id = "lob-api-key" -regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Lob Publishable API Key" -id = "lob-pub-api-key" -regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Mailchimp API key" -id = "mailchimp-api-key" -regex = '''(?i)(?:mailchimp)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32}-us20)(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Mailgun private API token" -id = "mailgun-private-api-token" -regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Mailgun public validation key" -id = "mailgun-pub-key" -regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Mailgun webhook signing key" -id = "mailgun-signing-key" -regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "MapBox API token" -id = "mapbox-api-token" -regex = '''(?i)(?:mapbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Mattermost Access Token" -id = "mattermost-access-token" -regex = '''(?i)(?:mattermost)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "MessageBird API token" -id = "messagebird-api-token" -regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "MessageBird client ID" -id = "messagebird-client-id" -regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Microsoft Teams Webhook" -id = "microsoft-teams-webhook" -regex = '''https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}''' -[[rules]] -description = "Netlify Access Token" -id = "netlify-access-token" -regex = '''(?i)(?:netlify)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "New Relic ingest browser API token" -id = "new-relic-browser-api-token" -regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "New Relic user API ID" -id = "new-relic-user-api-id" -regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "New Relic user API Key" -id = "new-relic-user-api-key" -regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "npm access token" -id = "npm-access-token" -regex = '''(?i)\b(npm_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Nytimes Access Token" -id = "nytimes-access-token" -regex = '''(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Okta Access Token" -id = "okta-access-token" -regex = '''(?i)(?:okta)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Plaid API Token" -id = "plaid-api-token" -regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Plaid Client ID" -id = "plaid-client-id" -regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Plaid Secret key" -id = "plaid-secret-key" -regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "PlanetScale API token" -id = "planetscale-api-token" -regex = '''(?i)\b(pscale_tkn_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "PlanetScale OAuth token" -id = "planetscale-oauth-token" -regex = '''(?i)\b(pscale_oauth_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "PlanetScale password" -id = "planetscale-password" -regex = '''(?i)\b(pscale_pw_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Postman API token" -id = "postman-api-token" -regex = '''(?i)\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Prefect API token" -id = "prefect-api-token" -regex = '''(?i)\b(pnu_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Private Key" -id = "private-key" -regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY( BLOCK)?-----[\s\S-]*KEY----''' -[[rules]] -description = "Pulumi API token" -id = "pulumi-api-token" -regex = '''(?i)\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "PyPI upload token" -id = "pypi-upload-token" -regex = '''pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}''' -[[rules]] -description = "RapidAPI Access Token" -id = "rapidapi-access-token" -regex = '''(?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Readme API token" -id = "readme-api-token" -regex = '''(?i)\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Rubygem API token" -id = "rubygems-api-token" -regex = '''(?i)\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Sendbird Access ID" -id = "sendbird-access-id" -regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Sendbird Access Token" -id = "sendbird-access-token" -regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "SendGrid API token" -id = "sendgrid-api-token" -regex = '''(?i)\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Sendinblue API token" -id = "sendinblue-api-token" -regex = '''(?i)\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Sentry Access Token" -id = "sentry-access-token" -regex = '''(?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Shippo API token" -id = "shippo-api-token" -regex = '''(?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Shopify access token" -id = "shopify-access-token" -regex = '''shpat_[a-fA-F0-9]{32}''' -[[rules]] -description = "Shopify custom access token" -id = "shopify-custom-access-token" -regex = '''shpca_[a-fA-F0-9]{32}''' -[[rules]] -description = "Shopify private app access token" -id = "shopify-private-app-access-token" -regex = '''shppa_[a-fA-F0-9]{32}''' -[[rules]] -description = "Shopify shared secret" -id = "shopify-shared-secret" -regex = '''shpss_[a-fA-F0-9]{32}''' -[[rules]] -description = "Sidekiq Secret" -id = "sidekiq-secret" -regex = '''(?i)(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Sidekiq Sensitive URL" -id = "sidekiq-sensitive-url" -regex = '''(?i)\b(http(?:s??):\/\/)([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$)''' -[[rules]] -description = "Slack token" -id = "slack-access-token" -regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})''' -[[rules]] -description = "Slack Webhook" -id = "slack-web-hook" -regex = '''https:\/\/hooks.slack.com\/(services|workflows)\/[A-Za-z0-9+\/]{44,46}''' -[[rules]] -description = "Square Access Token" -id = "square-access-token" -regex = '''(?i)\b(sq0atp-[0-9A-Za-z\-_]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Squarespace Access Token" -id = "squarespace-access-token" -regex = '''(?i)(?:squarespace)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Stripe" -id = "stripe-access-token" -regex = '''(?i)(sk|pk)_(test|live)_[0-9a-z]{10,32}''' -[[rules]] -description = "SumoLogic Access ID" -id = "sumologic-access-id" -regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "SumoLogic Access Token" -id = "sumologic-access-token" -regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Telegram Bot API Token" -id = "telegram-bot-api-token" -regex = '''(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])''' -[[rules]] -description = "Travis CI Access Token" -id = "travisci-access-token" -regex = '''(?i)(?:travis)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twilio API Key" -id = "twilio-api-key" -regex = '''SK[0-9a-fA-F]{32}''' -[[rules]] -description = "Twitch API token" -id = "twitch-api-token" -regex = '''(?i)(?:twitch)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twitter Access Secret" -id = "twitter-access-secret" -regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twitter Access Token" -id = "twitter-access-token" -regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twitter API Key" -id = "twitter-api-key" -regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twitter API Secret" -id = "twitter-api-secret" -regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Twitter Bearer Token" -id = "twitter-bearer-token" -regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Typeform API token" -id = "typeform-api-token" -regex = '''(?i)(?:typeform)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Vault Batch Token" -id = "vault-batch-token" -regex = '''(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Vault Service Token" -id = "vault-service-token" -regex = '''(?i)\b(hvs\.[a-z0-9_-]{90,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Yandex Access Token" -id = "yandex-access-token" -regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Yandex API Key" -id = "yandex-api-key" -regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Yandex AWS Access Token" -id = "yandex-aws-access-token" -regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -[[rules]] -description = "Zendesk Secret Key" -id = "zendesk-secret-key" -regex = '''(?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' -# END GITLEAKS RULES