Documentation
¶
Index ¶
- Constants
- func IsNew(finding *report.Finding, redact uint, baseline []report.Finding) bool
- func LoadBaseline(baselinePath string) ([]report.Finding, error)
- type Detector
- func (d *Detector) AddBaseline(baselinePath, source string) error
- func (d *Detector) AddFinding(finding *report.Finding)
- func (d *Detector) AddGitleaksIgnore(gitleaksIgnorePath string) error
- func (d *Detector) Detect(fragment *Fragment) []report.Finding
- func (d *Detector) DetectBytes(content []byte) []report.Finding
- func (d *Detector) DetectSource(ctx context.Context, source sources.Source) ([]report.Finding, error)
- func (d *Detector) DetectString(content string) []report.Finding
- func (d *Detector) Findings() []report.Finding
- type Fragmentdeprecated
- type Location
Constants ¶
View Source
const ( // SlowWarningThreshold is the amount of time to wait before logging that a file is slow. // This is useful for identifying problematic files and tuning the allowlist. SlowWarningThreshold = 5 * time.Second )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Detector ¶
type Detector struct {
// Config is the configuration for the detector
Config config.Config
// Redact is a flag to redact findings. This is exported
// so users using gitleaks as a library can set this flag
// without calling `detector.Start(cmd *cobra.Command)`
Redact uint
// verbose is a flag to print findings
Verbose bool
// MaxDecodeDepths limits how many recursive decoding passes are allowed
MaxDecodeDepth int
// MaxArchiveDepth limits how deep the sources will explore nested archives
MaxArchiveDepth int
// files larger than this will be skipped
MaxTargetMegaBytes int
// caps the number of regex matches per rule per fragment
MaxRuleMatchesPerFragment uint64
// MaxSecretSize is the maximum allowed secret size in bytes.
// Secrets larger than this will be ignored. 0 means no limit.
MaxSecretSize uint64
// followSymlinks is a flag to enable scanning symlink files
FollowSymlinks bool
// NoColor is a flag to disable color output
NoColor bool
// IgnoreGitleaksAllow is a flag to ignore gitleaks:allow comments.
IgnoreGitleaksAllow bool
// Sema (https://github.com/fatih/semgroup) controls the concurrency
Sema *semgroup.Group
// report-related settings.
ReportPath string
Reporter report.Reporter
TotalBytes atomic.Uint64
// contains filtered or unexported fields
}
Detector is the main detector struct
func NewDetector ¶
NewDetector creates a new detector with the given config
func (*Detector) AddBaseline ¶
func (*Detector) AddFinding ¶
AddFinding synchronously adds a finding to the findings slice
func (*Detector) AddGitleaksIgnore ¶
func (*Detector) DetectBytes ¶
DetectBytes scans the given bytes and returns a list of findings
func (*Detector) DetectSource ¶
func (d *Detector) DetectSource(ctx context.Context, source sources.Source) ([]report.Finding, error)
DetectSource scans the given source and returns a list of findings
func (*Detector) DetectString ¶
DetectString scans the given string and returns a list of findings
Source Files
Click to show internal directories.
Click to hide internal directories.