Brad Larsen
Note, there is an earlier PR (#4438) to address the test flakiness here. The approach taken there is different: it explicitly allows the two permutations of the test, rather than...
Also, I'll point out here that the fix for the nondeterminism in this PR (eliminating it from the detector) will fix the test flakiness, making the order of the `Raw`...
Note: the custom detector test failed in the `test-community` job above:
```
--- FAIL: TestDetectorValidations (0.00s)
--- FAIL: TestDetectorValidations/custom_validation_-_multiple_regex_validations (0.00s)
custom_detectors_test.go:556: CustomDetector.FromData() custom validation - multiple regex validations diff: (-got...
```
> I have seen this sporadic test failure a few times now. I'm pretty sure it's caused by iterating over a map (the order of which is unspecified in Go)...
A TODO item from the description:
> estimate the impact on increased finding volume when verification is disabled

I ran with this new JWT detection over 250k recent commits from...
I ran over ~200GB of recently-pushed content to public GitHub with this branch. In that experiment, the new JWT detector is not even in the top 10 of all detectors...
As I remarked [a while back](https://github.com/praetorian-inc/noseyparker/issues/98#issuecomment-1836341457) in #98: an integration like this that can prevent a commit or break a build has much tighter requirements around false positives than a...
@luizvbo yes, it's still relevant, and what @mickgmdb points you to would be a good start, as Kingfisher was forked from Nosey Parker and much of its interface and internals...
Internally, Nosey Parker uses two regex engines to do its matching. First, [Vectorscan](https://github.com/VectorCamp/vectorscan) does simultaneous matching of all the patterns of the enabled rules on the input. This runs VERY fast...
The possible implementation that seems like it would have the best quality is this:
- Add a proper regex parser / frontend to Nosey Parker
- Have the frontend compile...