trufflehog
Feat: bitbucket app
fork off brandonjyan:bitbucketapppassword which lived here https://github.com/trufflesecurity/trufflehog/pull/1498
The previous complex logic has been replaced with a clean, single-pass approach using a unified credentialPatterns slice for simplicity and performance.
The entire detector has been brought up to current project standards, attempt w/ cleaner regex with named capture groups and improved resource handling.
xxlarge bench is 2x faster.
Checklist:
- [ ✔️ ] Tests passing (`make test-community`)?
- [ ✔️ ] Lint passing (`make lint` this requires golangci-lint)?
ran some benchmarks where OLD == https://github.com/trufflesecurity/trufflehog/pull/1498
| Benchmark Size | GCP (Fastest) | Bitfinex | Hugging Face | Bitbucket NEW | Bitbucket OLD |
|---|---|---|---|---|---|
| xsmall | 585.6 | 1,156 | 599.2 | 923.8 | 507.1 |
| small | 681.6 | 1,435 | 986.4 | 6,125 | 10,420 |
| medium | 1,280 | 3,721 | 4,845 | 67,149 | 129,749 |
| large | 6,524 | 24,868 | 42,898 | 777,381 | 1,525,966 |
| xlarge | 60,241 | 240,401 | 414,083 | 7,247,065 | 17,305,812 |
| xxlarge | 748,382 | 2,563,427 | 4,265,669 | 75,731,043 | 145,927,025 |
still not really satisfied as these regexes are quite slow.
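An added sketch (not code from this PR or from trufflehog) of one reading of the approach the description names: a single loop over a unified `credentialPatterns` slice with named capture groups, run only after a cheap keyword prefilter so the slow expressions skip irrelevant input. The `Finding` type, the `keywords` list, the `ATBB` prefix and every expression are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Finding is a hypothetical result type for this example.
type Finding struct{ Username, Password string }

// Slice name follows the PR description; the expressions (including the
// "ATBB" prefix and length bounds) are assumptions, not the detector's own.
var credentialPatterns = []*regexp.Regexp{
	regexp.MustCompile(`https://(?P<username>[A-Za-z0-9_-]{1,30}):(?P<password>ATBB[A-Za-z0-9_=.-]{8,64})@bitbucket\.org`),
	regexp.MustCompile(`(?P<username>[A-Za-z0-9_-]{1,30}):(?P<password>ATBB[A-Za-z0-9_=.-]{8,64})\b`),
}

// Cheap substring prefilter so the regexes only run on plausible chunks.
var keywords = []string{"bitbucket", "atbb"}

func findCredentials(data string) []Finding {
	lower := strings.ToLower(data)
	hit := false
	for _, k := range keywords {
		if strings.Contains(lower, k) {
			hit = true
			break
		}
	}
	if !hit {
		return nil
	}
	seen := map[Finding]bool{} // overlapping patterns report a pair once
	var out []Finding
	for _, re := range credentialPatterns {
		u, p := re.SubexpIndex("username"), re.SubexpIndex("password")
		for _, m := range re.FindAllStringSubmatch(data, -1) {
			f := Finding{m[u], m[p]}
			if !seen[f] {
				seen[f] = true
				out = append(out, f)
			}
		}
	}
	return out
}

func main() {
	// Constructed sample input; the secrets are placeholders.
	sample := "git clone https://alice:ATBBexampleNotARealSecret0001@bitbucket.org/x.git\nBITBUCKET_AUTH=bob:ATBBconstructedValue42\n"
	fmt.Println(findCredentials(sample))
}
```

The URL line matches both expressions, so the `seen` map is what keeps the pair from being reported twice.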
@amanfcp, thx for the pointers, I tried to port the feedback in while going through some more recently added detectors. This should be ready for a fresh look when you have a moment; though I am not a fan of the slow regexes.
Thanks @x-stp for incorporating the pointers. Can you please resolve the conflicts?
detector code already lacks uniformity across various files, we should try to stick to the core format as much as we can.
Hi @bugbaba
I will go over the comments soon and get back to you.
Thanks!