cloud-gov caulking issues

cloud-gov / caulking

Prevent leaks with gitleaks, and use tests to validate

Other

32 stars 11 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Only check files to be committed

#41 bengerman13 closed 2 years ago
3
Pin gitleaks to 6.2.0 so to avoid bugs and give consistent results

#40 pburkholder closed 3 years ago
0
Fix IPv4 audit error

#39 pburkholder closed 3 years ago
0
'make audit' fails on IPv4 test

#38 jfredrickson5 closed 3 years ago
2
Local hooks check doesn't know about global config

#37 bengerman13 closed 5 months ago
4
Update to version 6 of gitleaks

#36 pburkholder closed 4 years ago
1
Pretty bats and test for AKIA in ~/.aws

#35 pburkholder closed 4 years ago
0
Adds user_email check

#34 pburkholder closed 4 years ago
0
A string starting as "0." is not ipv4

#33 pburkholder closed 4 years ago
0
Makefile should be self-documenting

#32 pburkholder opened 4 years ago
0
Ensure $HOME/.aws directory and .*rc, .*profile files are free of AWS access keys

#31 pburkholder closed 4 years ago
1
Assure git config `user.email` is @gsa.gov address

#30 pburkholder closed 4 years ago
1
Assess offerings for 3rd-party GitHub scanning

#29 pburkholder opened 4 years ago
0
Make clear what strings to use for example secrets

#28 pburkholder closed 4 years ago
0
OK list of example secrets

#27 pburkholder closed 4 years ago
0
Remove match on presumptive aws secret keys

#26 pburkholder closed 4 years ago
0
Scan all repos retrospectively

#25 pburkholder closed 4 years ago
1
Spruce up Caulking before the assessors arrive

#24 pburkholder closed 4 years ago
0
Usernames in terraform and ignore self

#23 pburkholder closed 4 years ago
0
Fix ipv4 false positive

#22 pburkholder closed 4 years ago
0
Fixed whitelist for email and dev process

#21 pburkholder closed 4 years ago
1
Scan all `cloud-gov` org repositories for historical leaks

#20 pburkholder closed 4 years ago
1
Provide context for bug bounty folks that these apparent keys are test data.

#19 pburkholder closed 4 years ago
0
add support for other hooks

#18 bengerman13 closed 4 years ago
0
Removed git bundle work around for gitleaks new repo bug

#17 pburkholder closed 4 years ago
0
Clarify use of rules sets

#16 pburkholder closed 4 years ago
0
Mute false positives in vendor/github.com vendor/gopkg.in

#15 pburkholder closed 4 years ago
1
False positive on svg and package-lock.json files

#14 apburnes closed 4 years ago
1
Detect AWS keys in absence of `key` earlier in string

#13 pburkholder closed 4 years ago
3
Remove port detection

#12 tammersaleh closed 4 years ago
1
Bug: False positive when leak is in file that's not staged for commit

#11 tammersaleh closed 4 years ago
1
Combine rules files and adjust email filters

#10 hillaryj closed 4 years ago
0
Fails with an unconfigured user

#9 pburkholder closed 4 years ago
1
Relax email matching

#8 hillaryj closed 4 years ago
1
Bug: false positive with _removing_ a sensitive line

#7 tammersaleh closed 4 years ago
2
`audit` should include user and timestamp

#6 pburkholder closed 4 years ago
0
Simplify caulking installation and upgrades

#5 tammersaleh closed 9 months ago
7
Caulking breaks per-repo git hooks

#4 tammersaleh closed 4 years ago
4
Note error on new repos

#3 pburkholder closed 4 years ago
0
add pr template to repository

#2 bengerman13 closed 4 years ago
0
require explicit staging in recommended check-skipping function

#1 bengerman13 closed 4 years ago
1