This project is archived, which means that it's in a read-only state; you can download and use this code, but please be aware that it may be buggy and may also contain security vulnerabilities. If you're interested in restoring development activity on this project, please email help@finos.org.
Goldman Sachs has developed a simple yet powerful framework called CatchIT that can be easily integrated into CI/CD and reports confidential-data (secret) violations as JSON output on stdout. It leverages the Linux commands grep and find, so the scanner has a very low execution time. We have a predefined list of regular expressions for common sensitive files and secrets found in code, which can be easily extended. The regexes have been written with the false-positive rate in mind.
python3 catchit.py --scan-path {Scan directory path}
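As an added illustration of the find-and-grep approach described above (example code, not CatchIT's own source), here is a minimal Python scanner that walks a directory, applies a short rule list, and prints JSON findings on stdout with a non-zero exit code for CI. The rule names, regexes and sensitive-file list are constructed assumptions for this example, not CatchIT's real rule set.

```python
import json
import os
import re
import sys

# Constructed rule list (an assumption: CatchIT's own regex set is larger and differently tuned).
# Each pattern keys on a distinctive prefix or structure to keep the false-positive rate low.
SECRET_RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
    "password_assignment": re.compile(
        r"(?i)\b(?:password|passwd|pwd)\s*[:=]\s*['\"][^'\"\s]{8,}['\"]"),
}

# File names that are findings on their own, whatever they contain (constructed list).
SENSITIVE_FILE_PATTERN = re.compile(r"(?i)(?:^\.env$|\.pem$|\.p12$|\.pfx$|^id_rsa$|\.keystore$)")

def scan_text(text, path):
    """Return one finding per rule hit with file and line, deliberately without the matched
    value, so CI logs do not become a second copy of the secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rule in SECRET_RULES.items():
            if rule.search(line):
                findings.append({"file": path, "line": lineno, "rule": name})
    return findings

def scan_path(root):
    """Walk root (the 'find' step) and grep every readable text file (the 'grep' step)."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # git history is out of scope here
        for fn in filenames:
            full = os.path.join(dirpath, fn)
            if SENSITIVE_FILE_PATTERN.search(fn):
                findings.append({"file": full, "line": 0, "rule": "sensitive_file_name"})
            try:
                with open(full, encoding="utf-8") as fh:
                    findings.extend(scan_text(fh.read(), full))
            except (OSError, UnicodeDecodeError):
                continue  # binary or unreadable file: nothing to grep
    return findings

if __name__ == "__main__":
    results = scan_path(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(json.dumps(results, indent=2))  # JSON on stdout, as the README describes
    sys.exit(1 if results else 0)  # non-zero exit so a CI stage fails on findings
```

Run it as `python3 scanner.py <directory>`; extend SECRET_RULES with additional compiled regexes to cover other credential formats.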
For issue tracking, we use GitHub Issues.
git checkout -b feature/fooBar
git commit -am 'Add some fooBar'
git push origin feature/fooBar
NOTE: Commits and pull requests to FINOS repositories will only be accepted from those contributors with an active, executed Individual Contributor License Agreement (ICLA) with FINOS OR who are covered under an existing and active Corporate Contribution License Agreement (CCLA) executed with FINOS. Commits from individuals not covered under an ICLA or CCLA will be flagged and blocked by the FINOS Clabot tool. Please note that some CCLAs require individuals/employees to be explicitly named on the CCLA.
Need an ICLA? Unsure if you are covered under an existing CCLA? Email help@finos.org
Copyright 2021 Goldman Sachs
Distributed under the Apache License, Version 2.0.
SPDX-License-Identifier: Apache-2.0