Documentation
¶
Index ¶
- func ShouldBlock(severity Severity) bool
- type Category
- type Config
- type Finding
- type Pattern
- type Scanner
- func (s *Scanner) AddPattern(pattern *Pattern)
- func (s *Scanner) CompilePattern(name, pattern string, severity Severity, category Category, description string) error
- func (s *Scanner) GetCriticalFindings(findings []Finding) []Finding
- func (s *Scanner) GetFindingsByCategory(findings []Finding, category Category) []Finding
- func (s *Scanner) GetFindingsBySeverity(findings []Finding, minSeverity Severity) []Finding
- func (s *Scanner) GetPattern(name string) *Pattern
- func (s *Scanner) GetViolationNames(findings []Finding) []string
- func (s *Scanner) GetViolationSummary(findings []Finding) map[Severity]int
- func (s *Scanner) HasViolation(findings []Finding) bool
- func (s *Scanner) RemovePattern(name string) bool
- func (s *Scanner) Scan(content string) []Finding
- func (s *Scanner) ScanBytes(content []byte) []Finding
- func (s *Scanner) ScanWithContext(content string) []Finding
- func (s *Scanner) SetConfig(config *Config)
- func (s *Scanner) ShouldBlock(findings []Finding) bool
- type Severity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ShouldBlock ¶
ShouldBlock returns true if the severity level should trigger a block
Types ¶
type Config ¶
type Config struct {
Patterns []*Pattern
BlockThreshold Severity
LogFindings bool
IncludeContext bool
ContextSize int // Characters before and after match to include
MaxFindings int // Maximum number of findings to return per scan
}
Config holds scanner configuration
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns a default scanner configuration
type Finding ¶
type Finding struct {
Pattern *Pattern
Match string
Position int
Context string // Additional context around the match (optional)
}
Finding represents a single detection of sensitive data
type Pattern ¶
type Pattern struct {
Name string
Regex *regexp.Regexp
Severity Severity
Category Category
Description string
}
Pattern represents a detection pattern for sensitive data
func AdditionalPatterns ¶
func AdditionalPatterns() []*Pattern
AdditionalPatterns returns extended detection patterns These can be merged with DefaultPatterns() for enhanced coverage
func AllPatterns ¶
func AllPatterns() []*Pattern
AllPatterns returns combined default and additional patterns
func DefaultPatterns ¶
func DefaultPatterns() []*Pattern
DefaultPatterns returns the complete set of detection patterns Note: Go's regexp package uses RE2 syntax which doesn't support negative lookahead
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner represents the content scanning engine
func (*Scanner) AddPattern ¶
AddPattern adds a custom pattern to the scanner
func (*Scanner) CompilePattern ¶
func (s *Scanner) CompilePattern(name, pattern string, severity Severity, category Category, description string) error
CompilePattern compiles a regex pattern and adds it to the scanner
func (*Scanner) GetCriticalFindings ¶
GetCriticalFindings returns only Critical severity findings
func (*Scanner) GetFindingsByCategory ¶
GetFindingsByCategory returns findings filtered by category
func (*Scanner) GetFindingsBySeverity ¶
GetFindingsBySeverity returns findings filtered by minimum severity
func (*Scanner) GetPattern ¶
GetPattern returns a pattern by name
func (*Scanner) GetViolationNames ¶
GetViolationNames returns the names of patterns that triggered violations
func (*Scanner) GetViolationSummary ¶
GetViolationSummary returns a summary of all findings by severity
func (*Scanner) HasViolation ¶
HasViolation checks if any finding meets or exceeds the configured block threshold
func (*Scanner) RemovePattern ¶
RemovePattern removes a pattern by name
func (*Scanner) ScanWithContext ¶
ScanWithContext analyzes content and returns findings with their surrounding context
func (*Scanner) ShouldBlock ¶
ShouldBlock checks if any finding should trigger a block action
Source Files