feat(trufflehog_v3): add link field and deduplicate issues based on it
brieucR committed May 6, 2024
1 parent f2c3cf5 commit d72855e
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 2 additions & 1 deletion dojo/settings/settings.dist.py
Expand Up @@ -1242,6 +1242,7 @@ def saml2_attrib_map_format(dict):
'kube-bench Scan': ['title', 'vuln_id_from_tool', 'description'],
'Threagile risks report': ['title', 'cwe', "severity"],
'Trufflehog Scan': ['title', 'description', 'line'],
'Trufflehog3 Scan': ['url', 'component_name'],
'Humble Json Importer': ['title'],
'MSDefender Parser': ['title', 'description'],
'HCLAppScan XML': ['title', 'description'],
Expand Down Expand Up @@ -1319,7 +1320,7 @@ def saml2_attrib_map_format(dict):
# List of fields that are known to be usable in hash_code computation)
# 'endpoints' is a pseudo field that uses the endpoints (for dynamic scanners)
# 'unique_id_from_tool' is often not needed here as it can be used directly in the dedupe algorithm, but it's also possible to use it for hashing

Check failure on line 1322 in dojo/settings/settings.dist.py


GitHub Actions / ruff-linting

Ruff (E231)

dojo/settings/settings.dist.py:1322:232: E231 Missing whitespace after ','

Check notice on line 1322 in dojo/settings/settings.dist.py


GitHub Actions / flake8-your-pr

dojo/settings/settings.dist.py#L1322

missing whitespace after ',' (E231)
HASHCODE_ALLOWED_FIELDS = ['title', 'cwe', 'vulnerability_ids', 'line', 'file_path', 'payload', 'component_name', 'component_version', 'description', 'endpoints', 'unique_id_from_tool', 'severity', 'vuln_id_from_tool', 'mitigation']
HASHCODE_ALLOWED_FIELDS = ['title', 'cwe', 'vulnerability_ids', 'line', 'file_path', 'payload', 'component_name', 'component_version', 'description', 'endpoints', 'unique_id_from_tool', 'severity', 'vuln_id_from_tool', 'mitigation','url']

# Adding fields to the hash_code calculation regardless of the previous settings
HASH_CODE_FIELDS_ALWAYS = ['service']
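Review bot: The new `'url'` entry appended to HASHCODE_ALLOWED_FIELDS is glued to the previous element without a space, `'mitigation','url']`, which is exactly what the ruff E231 failure reported on this line flags; the tail of the line should read `'vuln_id_from_tool', 'mitigation', 'url']`. Separately, the new 'Trufflehog3 Scan' hash configuration keys findings on `url` and `component_name` only, so if the parser supplies an empty url for report entries without a link (the parser hunk in this same commit defaults it to ""), findings from the same component would carry identical hash inputs and could be deduplicated into one another, depending on how the hash routine treats empty fields, which is outside this view. A short comment next to the 'Trufflehog3 Scan' entry stating which report fields populate url and component_name would help the next maintainer judge that risk.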
2 changes: 2 additions & 0 deletions dojo/tools/trufflehog3/parser.py
Expand Up @@ -113,6 +113,7 @@ def get_finding_current(self, json_data, test, dupes):
# author = json_data.get('author')
commit = json_data.get("commit")
date = json_data.get("date")
link = json_data.get("link", "")

title = f"{message} found in {file}"

Expand Down Expand Up @@ -165,5 +166,6 @@ def get_finding_current(self, json_data, test, dupes):
dynamic_finding=False,
static_finding=True,
nb_occurences=1,
url=link
)
dupes[dupe_key] = finding
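Review bot: `link = json_data.get("link", "")` falls back to an empty string, and that value is passed through as `url=link` when the finding is built; with the settings change in this commit making url one of only two hash_code fields for this scanner, every report entry that lacks a link contributes an empty url, so distinct secrets from the same component may collapse into one finding during deduplication (whether an empty field is skipped or hashed cannot be seen here). If the Finding model accepts a missing url, `link = json_data.get("link")` keeps "absent" distinguishable from a real value; otherwise a comment such as `# link may be absent in the report; url then takes part in hash_code as "" — verify dedupe behavior` should record the decision. Also, `url=link` lacks the trailing comma used by the neighboring keyword arguments; `url=link,` keeps the call consistent. get_finding_current's body starts before the first hunk and continues between and beyond both hunks.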
