Open pburkholder opened 2 years ago
In order to avoid false positives, commits like adding cg-scripts/log4j* files should not trigger the Generic Credentials rules:
Here's sample output:
```
INFO[0000] opening .
{
  "line": "csvwriter.writerow([\"Path\",\"Node_0\",\"Instance_GUID\",\"Customer_Path\",\"Plugin_URLS\",\"App_GUID\",\"App_Name\",\"Space_Name\",\"Org_Name\",\"Org_Managers\",\"Space_Devs\"])",
  "lineNumber": 2,
  "offender": "GUID\",\"Customer_Path\",\"Plugin_URLS\",\"App_GUID\",\"App_Name\",\"Space_Name\",\"Org_Name\",\"Org_Managers\",\"Space_Devs\"",
  "offenderEntropy": -1,
  "commit": "0000000000000000000000000000000000000000",
  "repo": "cg-scripts",
  "repoURL": "",
  "leakURL": "",
  "rule": "Generic Credential",
  "commitMessage": "",
  "author": "",
  "email": "",
  "file": "audit/log4j-nessus-parser.py",
  "date": "1970-01-01T00:00:00Z",
  "tags": "key, API, generic"
}
{
  "line": "app_guid_file = open(\"app_guids\", \"r\")",
  "lineNumber": 2,
  "offender": "guid_file = open(\"app_guids\"",
  "offenderEntropy": -1,
  "commit": "0000000000000000000000000000000000000000",
  "repo": "cg-scripts",
  "repoURL": "",
  "leakURL": "",
  "rule": "Generic Credential",
  "commitMessage": "",
  "author": "",
  "email": "",
  "file": "audit/log4j-report-users.py",
  "date": "1970-01-01T00:00:00Z",
  "tags": "key, API, generic"
}
```
Acceptance Criteria
cg-scripts/audit/log4j* files, THEN no findings
Security considerations
Reducing false positives supports use of this tool.
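An added example, not part of the original issue or the scanner's own code: one way to check the acceptance criterion by triaging scanner output against a per-rule path allowlist. The `ALLOWED` mapping, the function names and the third sample finding are assumptions constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample in the shape of the output quoted in the issue:
# a log line followed by concatenated JSON findings (fields trimmed).
SAMPLE_OUTPUT = r'''INFO[0000] opening .
{"line": "app_guid_file = open(\"app_guids\", \"r\")", "rule": "Generic Credential", "file": "audit/log4j-report-users.py"}
{"line": "csvwriter.writerow([\"Path\",\"App_GUID\"])", "rule": "Generic Credential", "file": "audit/log4j-nessus-parser.py"}
{"line": "api_key = \"constructed-placeholder\"", "rule": "Generic Credential", "file": "deploy/config.py"}
'''

# Assumption: path globs accepted as false-positive sources, scoped per rule
# so that other rules still report on the same files.
ALLOWED = {"Generic Credential": ["audit/log4j*"]}


def parse_findings(output):
    """Yield each finding from a stream that mixes log text and JSON objects."""
    decoder = json.JSONDecoder()
    pos = output.find("{")
    while pos != -1:
        try:
            obj, end = decoder.raw_decode(output, pos)
        except json.JSONDecodeError:
            # Not the start of a JSON object; try the next brace.
            pos = output.find("{", pos + 1)
            continue
        if isinstance(obj, dict) and "rule" in obj:
            yield obj
        pos = output.find("{", end)


def triage(output, allowed=ALLOWED):
    """Split findings into (kept, suppressed) using the per-rule allowlist."""
    kept, suppressed = [], []
    for finding in parse_findings(output):
        globs = allowed.get(finding.get("rule"), [])
        path = finding.get("file", "")
        if any(fnmatchcase(path, g) for g in globs):
            suppressed.append(finding)
        else:
            kept.append(finding)
    return kept, suppressed


if __name__ == "__main__":
    kept, suppressed = triage(SAMPLE_OUTPUT)
    print(f"kept={len(kept)} suppressed={len(suppressed)}")
```

Suppressed findings are returned rather than discarded so they can still be reviewed, since a path allowlist also hides any real credential later committed to those files.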