
Commit 14f3525

author
Hela Bot
committed
Removed few detectors
1 parent c370ec7 commit 14f3525


3 files changed

+35
-16
lines changed


.DS_Store

0 Bytes
Binary file not shown.

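--- a/src/scans/tools/secret_tool.rs
+++ b/src/scans/tools/secret_tool.rs
@@ -63,7 +63,7 @@ impl SecretTool {
 }
 }
 
-let cmd = format!("trufflehog filesystem --no-update {} --json --exclude-detectors=FLOAT,SIGNABLE,YANDEX,OANDA,CIRCLE,PARSEUR,URI,SENTRYTOKEN,SIRV,ETSYAPIKEY,UNIFYID,MIRO,FRESHDESK,ALIBABA,YELP,FLATIO,GETRESPONSE,ATERA,GITTER,SONARCLOUD,AZURESEARCHADMINKEY", _path);
+let cmd = format!("trufflehog filesystem --no-update {} --json --exclude-detectors=FLOAT,SIGNABLE,YANDEX,OANDA,CIRCLE,PARSEUR,URI,SENTRYTOKEN,SIRV,ETSYAPIKEY,UNIFYID,MIRO,FRESHDESK,ALIBABA,YELP,FLATIO,GETRESPONSE,ATERA,GITTER,SONARCLOUD,AZURESEARCHADMINKEY,MYFRESHWORKS,BOX", _path);
 let output_data = execute_command(&cmd, true).await;
 
 let mut results: Vec<Value> = Vec::new();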
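Review bot: The `--exclude-detectors` list on the changed `let cmd = format!(...)` line gains MYFRESHWORKS and BOX with no record of why, and every name on that list is a class of secret this scanner will no longer report. Move the list into a named constant with a short comment per detector giving the reason it is suppressed, e.g. `const EXCLUDED_DETECTORS: &[&str] = &["FLOAT", /* … */ "MYFRESHWORKS", "BOX"];`, and join it with `,` when the command is built. Separately, `_path` is interpolated unquoted into the command string; if `execute_command` hands that string to a shell (its body is not visible here), a path containing spaces or shell metacharacters changes the command, so passing the path as a separate argument would be safer. The enclosing function starts and ends outside the hunk.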

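--- a/src/utils/pipeline.rs
+++ b/src/utils/pipeline.rs
@@ -30,8 +30,8 @@ pub async fn pipeline_failure(
 let mut pipeline_sast_sca_data = HashMap::new();
 let mut pipeline_secret_license_data = HashMap::new();
 let mut found_issues = false;
-let mut found_sast_issues = false;
-let mut found_sca_issues = false;
+let found_sast_issues = false;
+let found_sca_issues = false;
 let mut found_secret_issues = false;
 let found_license_issues = false;
 
@@ -60,9 +60,7 @@ pub async fn pipeline_failure(
 if code_path.contains("@") {
 cleaned_code_path = code_path.split("@").collect::<Vec<&str>>()[1].to_string();
 }
-let mut commit_path = String::new();
-commit_path = format!("{}/commit", cleaned_code_path.clone());
-slack_alert_msg.push_str(format!("\n\nCommit: {}", commit_path).as_str());
+let commit_path = format!("{}/commit", cleaned_code_path.clone());
 println!(
 "\n\n 🔎 Hela Security Scan Results for {}",
 redacted_code_path
@@ -90,12 +88,10 @@ pub async fn pipeline_failure(
 };
 let vuln_path_str = format!("{}:{}", vuln_path_result, vuln_path_line);
 let vuln_path = String::from(vuln_path_str);
-let commit_id =
-find_commit_for_snippet(&vuln_path, &result["extra"]["lines"].to_string()).unwrap();
 sast_result.insert("check_id", result["check_id"].to_string());
 sast_result.insert("path", vuln_path);
 sast_result.insert("severity", result["extra"]["severity"].to_string());
-let mut message = result["extra"]["message"].to_string();
+let message = result["extra"]["message"].to_string();
 sast_result.insert("message", message);
 sast_result.insert("lines", result["extra"]["lines"].to_string());
 
@@ -135,8 +131,6 @@ pub async fn pipeline_failure(
 }
 
 table.add_row(row![bFg->"S.No", bFg->"Path", bFg->"Severity", bFg->"Message"]);
-let mut sast_count = 0;
-let mut messages: Vec<String> = Vec::new();
 let mut message_to_hash: HashMap<String, (String, String, String, String, String)> =
 HashMap::new();
 
@@ -477,11 +471,11 @@ pub async fn pipeline_failure(
 slack_alert_msg.push_str("\n\n");
 slack_alert_msg.push_str("================== Secret Results ==================");
 table.add_row(
-row![bFg->"S.No", bFg->"File", bFg->"Line", bFg->"Raw", bFg->"Detector Name"],
+row![bFg->"S.No", bFg->"File", bFg->"Line", bFg->"Raw", bFg->"Detector Name", bFg->"Commit"],
 );
 }
 
-let mut secret_count = 0;
+let secret_count = 0;
 let mut message_to_hash: HashMap<String, (String, String, String, String, String)> =
 HashMap::new();
 
@@ -544,11 +538,22 @@ pub async fn pipeline_failure(
 let raw_truncated = raw.chars().take(50).collect::<String>();
 
 // Add row to table
-table.add_row(row![secret_count, file, line, raw_truncated, detector_name]);
+table.add_row(row![
+secret_count,
+file,
+line,
+raw_truncated,
+detector_name,
+commit_link
+]);
 
 slack_alert_msg.push_str(&format!(
 "\n\nFile: {}\nLine: {}\nRaw: {}\nDetector Name: {}\nCommit: {}",
-file, line, raw, detector_name, commit_link
+file,
+line,
+raw,
+detector_name,
+commit_link.clone()
 ));
 
 // Register the missing hash
@@ -759,6 +764,20 @@ pub async fn pipeline_failure(
 if is_secret {
 let mut secret_results = Vec::new();
 for result in json_output["secret"]["results"].as_array().unwrap() {
+let file_path = result["SourceMetadata"]["Data"]["Filesystem"]["file"]
+.as_str()
+.unwrap();
+let raw_value = result["Raw"].as_str().unwrap();
+let commit_id = find_commit_for_snippet(file_path, raw_value).unwrap();
+let commit_base_link = commit_path.split("/commit").collect::<Vec<&str>>()[0];
+let commit_link = format!(
+"{}/commit/{}",
+commit_base_link,
+match commit_id {
+Some(commit_id) => commit_id,
+None => "UNKNOWN".to_string(),
+}
+);
 let mut secret_result = serde_json::Map::new();
 secret_result.insert(
 "ruleId".to_string(),
@@ -769,7 +788,7 @@ pub async fn pipeline_failure(
 "Secret of {} with value {} exposed\n\nCommit: {}",
 result["DetectorName"].as_str().unwrap(),
 result["Raw"].as_str().unwrap(),
-commit_path
+commit_link
 );
 let msg_val = serde_json::Value::String(msg);
 message.insert("text".to_string(), msg_val);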
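Review bot: The lines added in the `@@ -759,6 +764,20 @@` hunk unwrap three values derived from scanner output — `["Filesystem"]["file"].as_str().unwrap()`, `result["Raw"].as_str().unwrap()` and `find_commit_for_snippet(file_path, raw_value).unwrap()` — so one finding without a filesystem path, or one failed commit lookup, panics and drops the whole report. The `None => "UNKNOWN"` arm shows that a missing commit is expected, so treat a lookup error the same way, e.g. `let commit_id = find_commit_for_snippet(file_path, raw_value).ok().flatten();` (assuming it returns `Result<Option<String>, _>`, which the hunk suggests but does not show), and read the two JSON fields with `.as_str().unwrap_or_default()`. When no commit is found the code still builds `<base>/commit/UNKNOWN`, which is a dead link; emitting plain `UNKNOWN` would be clearer. Also worth a follow-up: the Slack message in the `@@ -544,11 +538,22 @@` hunk and the report message text in the last hunk carry the full `raw` secret while the table uses `raw_truncated`, so the detected credential is copied into chat and report storage; use the truncated or a masked value there too. `pipeline_failure` starts and ends outside these hunks.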
