[Detector] - Restore and Refactor Detectors starting with *CA* #4315
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…d `verifyMatch` function. Updated integration tests to reflect changes in secret retrieval and verification processes. Adjusted regex patterns for improved accuracy in detecting API keys. Enhanced error handling for API responses.
shahzadhaider1
requested changes
Jul 18, 2025
| @@ -26,7 +27,7 @@ var ( | |||
|
|
|||
| // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. | |||
| keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"cashboard"}) + `\b([0-9A-Z]{3}-[0-9A-Z]{3}-[0-9A-Z]{3}-[0-9A-Z]{3})\b`) | |||
| userPat = regexp.MustCompile(detectors.PrefixRegex([]string{"cashboard"}) + `\b([0-9a-z]{1,})\b`) | |||
| userPat = regexp.MustCompile(detectors.PrefixRegex([]string{"username"}) + `\b([0-9a-z]{1,})\b`) | |||
There was a problem hiding this comment.
I think we shouldn't remove the cashboard keyword, because the regex pattern seems too generic
There was a problem hiding this comment.
This is just a prefix for catching the username once the chunk is inside the detector.
The reason for removing cashboard keyword is that it will create unnecessary sets of credentials.
…tectors to return actual errors instead of nil. This improves error reporting and debugging capabilities.
nabeelalam
reviewed
Jul 22, 2025
| @@ -74,6 +66,33 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result | |||
| return results, nil | |||
| } | |||
|
|
|||
| func verifyMatch(ctx context.Context, client *http.Client, token string) (bool, error) { | |||
| req, err := http.NewRequestWithContext(ctx, "GET", "https://app.caflou.com/api/v1/accounts", nil) | |||
There was a problem hiding this comment.
nit: Seems like a good opportunity to replace nil and hard coded strings with http.NoBody and http.MethodGet in all of the detectors
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
verifyMatchfunctionNote:
I'm having trouble creating test accounts in Captain Data (.co domain for <V4) and Caspio. The accounts are stuck in verification state.
Checklist:
make test-community)?make lintthis requires golangci-lint)?