
Diver - Extract data and look for secrets

Open pylapp opened this issue 10 months ago • 0 comments

Description

As an open source referent or a GitHub admin, I want a tool which will look for secrets, hotwords or sensitive data in both the Git history and the versioned project, so that I will be able to warn users, improve detection and management of leaks, and reduce risks of social engineering.

Details

  • Gitleaks can be used in the repository
  • Emails can be extracted using regular expressions
  • First name and last name also
  • Some warnings can be raised if emails do not match a dedicated pattern
  • Internal identifiers can be searched using regular expressions (abcd1234, stuff like that)
  • Maybe also phone numbers
  • In outputs, maybe, a CSV file pointing to commit hashes, type of data and value of data

Maybe related to #148 (extract contributors and get emails and names)

Maybe following scripts can be used:

pylapp, Apr 22 '24 15:04
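A sketch of the scan the issue outlines, added here as an example and not code from floss-toolbox or the issue author: it walks `git log -p`-style text, flags author names, emails outside an expected domain, internal identifiers and phone numbers, and renders the commit/type/value CSV. The regular expressions, the type labels, the `example.com` domain and the sample log are all assumptions constructed for illustration.

```python
import csv
import io
import re

# Constructed sample shaped like trimmed `git log -p` output; not real data.
SAMPLE_LOG = """\
commit 1111111111111111111111111111111111111111
Author: Jane Doe <jane.doe@example.com>
+owner = abcd1234
commit 2222222222222222222222222222222222222222
Author: John Roe <jroe@personal.test>
+support line +33 1 23 45 67 89
-old maintainer: jroe@personal.test
"""
COMMIT_RE = re.compile(r"^commit ([0-9a-f]{40})$")
AUTHOR_RE = re.compile(r"^Author: (.+?) <([^>]+)>$")
PATTERNS = {  # assumed shapes, to be tuned per organisation
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "internal_id": re.compile(r"\b[a-z]{4}[0-9]{4}\b"),  # like "abcd1234"
    "phone": re.compile(r"\+\d{1,3}(?:[ .-]?\d{1,4}){3,6}"),
}

def scan(log_text, allowed_domain):
    """Return unique (commit, type, value) rows from author and diff lines."""
    rows, commit = [], None
    for line in log_text.splitlines():
        if m := COMMIT_RE.match(line):
            commit = m.group(1)
            continue
        if m := AUTHOR_RE.match(line):
            found, text = [("author_name", m.group(1))], m.group(2)
        elif line.startswith(("+", "-")) and not line.startswith(("+++", "---")):
            found, text = [], line[1:]  # drop the diff marker before matching
        else:
            continue
        for kind, regex in PATTERNS.items():
            found += [(kind, value) for value in regex.findall(text)]
        for kind, value in found:
            if kind == "email" and not value.lower().endswith("@" + allowed_domain):
                kind = "email_off_pattern"  # address outside the expected domain
            if (commit, kind, value) not in rows:
                rows.append((commit, kind, value))
    return rows

def to_csv(rows):
    """Render rows as the CSV the issue sketches: commit hash, type, value."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerows([("commit", "type", "value"), *rows])
    return out.getvalue()
```

Calling `to_csv(scan(SAMPLE_LOG, "example.com"))` yields one header line and six findings; removed (`-`) diff lines are scanned too, since data deleted from the working tree still lives in history.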