Marco Rosa
At the current stage we are not supporting M1 (or M2) out-of-the-box. Some dependencies are not actually compatible (e.g., `hyperscan`). Moreover, Docker may also have some architectural issues. Initial steps...
`psycopg` library v3 is out and we should update our `PgClient` component
During the scan, when adding discoveries via postgres, some discoveries may raise an exception
```
Traceback (most recent call last):
  File "/Users/marco/git/credential-digger/venv/bin/credentialdigger", line 8, in <module>
    sys.exit(main())
  File "/Users/marco/git/credential-digger/venv/lib/python3.9/site-packages/credentialdigger/__main__.py", line 7,...
```
`hyperscan` v0.3.0 [has just been released](https://github.com/darvid/python-hyperscan/releases/tag/v0.3.0). This new package version includes binaries for hyperscan library, so `libhyperscan5` (or `libhyperscan4` for older OS versions) is not supposed to be installed anymore....
If a scan raises an error (either in the scanner, or models, or db), the discoveries are not inserted in the db, but the UI shows the scan as completed...
Sometimes, the scan fails due to a tokeniser error raised by the PasswordModel.
For example (scanning repo `https://github.com/wuest-amiconsult/BTP-Day2-Bookshop-Exercise`)
```
Exception in thread credentialdigger@https://github.com/wuest-amiconsult/BTP-Day2-Bookshop-Exercise:
Traceback (most recent call last):
  File "/usr/local/Cellar/python@3.9/3.9.7_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/threading.py",...
```
From the UI it is not possible to know what version of the tool is being run. It could be a good idea to have a "tag" (maybe in the header?)...
There are some tests that are missing:
- [ ] `add_discovery` not covered yet (whereas `add_discoveries` is covered)
- [ ] tests for embeddings
- [ ] test for `update_similar_snippets`...
In some cases, the `export_discoveries` will crash the UI.
Issue experienced when using docker and postgres db. This happens when exporting discoveries of large repos (e.g., credential digger's repo itself...
If we use the `update_similar_discoveries` function (e.g., from the UI where the flag to update similar discoveries is active by default), but the similarity was not computed (i.e., there are...