diff --git a/.2ms.yml b/.2ms.yml index dcbfccb0..158f9975 100644 --- a/.2ms.yml +++ b/.2ms.yml @@ -111,3 +111,19 @@ ignore-result: - 754506f714ffc10628e6fe6dd05affa486d78234 # value used for testing - eebd28cd68ee73b9a1f68b85453575498c12c5b8 # value used for testing - 14f5cf9d2716f2cec7daf95ab86e1a4feaf7ba41 # value used for testing +- 9d94eb297ac8cb2613d3091e1ee4d085bc3ce218 # value used for testing +- 2d06c941743a66ec44d96c5db4b3b1e6e07a1eee # value used for testing +- 9343373de08c9a35cb8f2d7695b02b5141de29d8 # value used for testing +- 071b6cb8c1affc7e1c49137ead1b875cc5d08876 # value used for testing +- f0dbf084d67ad8d1a132b1b77f3186df939ccb6f # value used for testing +- 36421c2650a6f6ed3ed52ac013c8e73fc47a95da # value used for testing +- e7feb20ae9d14a4cdfce9d4a5451313ffc92253b # value used for testing +- 7c0c039771d4cc8eb455d3bbdccf8131fdd6e45e # value used for testing +- 9a8177d80f9aa9a32759ba7710725b8a1fd3343a # value used for testing +- 82ff8052d87e4cedb3dee7db569fcb181e6caf88 # value used for testing +- 44eca14299c23849c83a7a84fdaa35b8a6a0de34 # value used for testing +- 374eb22f69352d768e8096f9d55299c4dfd8888c # value used for testing +- bd69025b337716ee008f80192523d3cb1c11ed09 # value used for testing + + + diff --git a/engine/engine.go b/engine/engine.go index 167da717..32253f2d 100644 --- a/engine/engine.go +++ b/engine/engine.go @@ -318,20 +318,33 @@ func buildSecret(ctx context.Context, item plugins.ISourceItem, value report.Fin } value.Line = strings.TrimSuffix(value.Line, CxFileEndMarker) + hasNewline := strings.HasPrefix(value.Line, "\n") + + if hasNewline { + value.Line = strings.TrimPrefix(value.Line, "\n") + } + value.Line = strings.ReplaceAll(value.Line, "\r", "") lineContent, err := linecontent.GetLineContent(value.Line, value.Secret) if err != nil { return nil, fmt.Errorf("failed to get line content for source %s: %w", item.GetSource(), err) } + adjustedStartColumn := value.StartColumn + adjustedEndColumn := value.EndColumn + if hasNewline { + adjustedStartColumn-- + adjustedEndColumn-- + } + secret := &secrets.Secret{ ID: itemId, Source: item.GetSource(), RuleID: value.RuleID, StartLine: startLine, - StartColumn: value.StartColumn, + StartColumn: adjustedStartColumn, EndLine: endLine, - EndColumn: value.EndColumn, + EndColumn: adjustedEndColumn, Value: value.Secret, LineContent: lineContent, RuleDescription: value.Description, diff --git a/engine/engine_test.go b/engine/engine_test.go index 0906cabc..9b8c8830 100644 --- a/engine/engine_test.go +++ b/engine/engine_test.go @@ -7,6 +7,7 @@ import ( "io" "os" "path/filepath" + "strings" "testing" "go.uber.org/mock/gomock" @@ -22,6 +23,7 @@ import ( "github.com/stretchr/testify/require" "github.com/zricethezav/gitleaks/v8/config" "github.com/zricethezav/gitleaks/v8/detect" + "github.com/zricethezav/gitleaks/v8/report" ) var fsPlugin = &plugins.FileSystemPlugin{} @@ -437,6 +439,89 @@ func TestDetectChunks(t *testing.T) { } } +func TestSecretsColumnIndex(t *testing.T) { + + tests := []struct { + name string + lineContent string + startColumn int + endColumn int + expectedLineContent string + expectedStartColumn int + expectedEndColumn int + }{ + { + name: "secret on first line without newline", + lineContent: `let apikey = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"`, + startColumn: 14, + endColumn: 50, + expectedLineContent: `let apikey = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"`, + expectedStartColumn: 14, + expectedEndColumn: 50, + }, + { + name: "secret with leading newline", + lineContent: "\nlet apikey = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"", + startColumn: 15, + endColumn: 51, + expectedLineContent: `let apikey = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"`, + expectedStartColumn: 14, + expectedEndColumn: 50, + }, + { + name: "leading newline followed by tab indentation", + lineContent: "\n let apikey = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"", + startColumn: 2, + endColumn: 7, + expectedLineContent: " let apikey = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"", + expectedStartColumn: 1, + expectedEndColumn: 6, + }, + { + name: "leading newline followed by tab indentation with special character", + lineContent: "\n\tlet apikey€ = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"", + startColumn: 2, + endColumn: 7, + expectedLineContent: " let apikey€ = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"", + expectedStartColumn: 1, + expectedEndColumn: 6, + }, + { + name: "newline with content larger than context limit", + lineContent: "\n" + strings.Repeat("A", 500) + "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9" + strings.Repeat("B", 500), + startColumn: 501, + endColumn: 536, + expectedLineContent: strings.Repeat("A", 250) + "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9" + strings.Repeat("B", 250), + expectedStartColumn: 500, + expectedEndColumn: 535, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + + mockItem := &item{content: &tt.lineContent, source: "test.txt"} + + finding := report.Finding{ + StartColumn: tt.startColumn, + EndColumn: tt.endColumn, + Secret: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9", + RuleID: "test-rule", + Description: "Test Description", + Line: tt.lineContent, + StartLine: 1, + EndLine: 1, + } + + secret, err := buildSecret(context.Background(), mockItem, finding, fsPlugin.GetName()) + + require.NoError(t, err) + assert.Equal(t, tt.expectedLineContent, secret.LineContent) + assert.Equal(t, tt.expectedStartColumn, secret.StartColumn) + assert.Equal(t, tt.expectedEndColumn, secret.EndColumn) + }) + } +} + type item struct { content *string id string diff --git a/go.mod b/go.mod index 7ca48317..64c84036 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,7 @@ require ( github.com/fatih/semgroup v1.2.0 // indirect github.com/fsnotify/fsnotify v1.8.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect - github.com/go-viper/mapstructure/v2 v2.2.1 // indirect + github.com/go-viper/mapstructure/v2 v2.3.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect diff --git a/go.sum b/go.sum index 70662c04..7b944b76 100644 --- a/go.sum +++ b/go.sum @@ -23,8 +23,8 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= -github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/go-viper/mapstructure/v2 v2.3.0 h1:27XbWsHIqhbdR5TIC911OfYvgSaW93HM+dX7970Q7jk= +github.com/go-viper/mapstructure/v2 v2.3.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= diff --git a/pkg/testData/expectedReport.json b/pkg/testData/expectedReport.json index d9f646f4..27202d45 100644 --- a/pkg/testData/expectedReport.json +++ b/pkg/testData/expectedReport.json @@ -8,9 +8,9 @@ "ruleId" : "github-pat", "startLine" : 1, "endLine" : 1, - "lineContent" : "\n Text_Example = ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC\r", - "startColumn" : 64, - "endColumn" : 103, + "lineContent" : " Text_Example = ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC\r", + "startColumn" : 63, + "endColumn" : 102, "value" : "ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC", "ruleDescription" : "Uncovered a GitHub Personal Access Token, potentially leading to unauthorized repository access and sensitive content exposure.", "cvssScore" : 8.2 @@ -39,9 +39,9 @@ "ruleId" : "jwt", "startLine" : 1, "endLine" : 1, - "lineContent": "\n Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", - "startColumn" : 64, - "endColumn" : 167, + "lineContent": " Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", + "startColumn" : 63, + "endColumn" : 166, "value" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", "ruleDescription" : "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.", "extraDetails" : { diff --git a/pkg/testData/expectedReportWithIgnoredRule.json b/pkg/testData/expectedReportWithIgnoredRule.json index 8e713981..a8b120ac 100644 --- a/pkg/testData/expectedReportWithIgnoredRule.json +++ b/pkg/testData/expectedReportWithIgnoredRule.json @@ -26,9 +26,9 @@ "ruleId" : "jwt", "startLine" : 1, "endLine" : 1, - "lineContent": "\n Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", - "startColumn" : 64, - "endColumn" : 167, + "lineContent": " Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", + "startColumn" : 63, + "endColumn" : 166, "value" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", "ruleDescription" : "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.", "extraDetails" : { diff --git a/pkg/testData/expectedReportWithValidation.json b/pkg/testData/expectedReportWithValidation.json index bbe2f3d6..288f8cf1 100644 --- a/pkg/testData/expectedReportWithValidation.json +++ b/pkg/testData/expectedReportWithValidation.json @@ -3,14 +3,14 @@ "40483a2b07fa3beaf234d1a0b5d0931d7b7ae9f7": [ { "cvssScore": 5.2, - "endColumn": 103, + "endColumn": 102, "endLine": 1, "id": "40483a2b07fa3beaf234d1a0b5d0931d7b7ae9f7", - "lineContent": "\n Text_Example = ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC", + "lineContent": " Text_Example = ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC", "ruleDescription": "Uncovered a GitHub Personal Access Token, potentially leading to unauthorized repository access and sensitive content exposure.", "ruleId": "github-pat", "source": "testData/secrets/github-pat.txt", - "startColumn": 64, + "startColumn": 63, "startLine": 1, "validationStatus": "Invalid", "value": "ghp_CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC" @@ -55,7 +55,7 @@ }, { "cvssScore": 8.2, - "endColumn": 167, + "endColumn": 166, "endLine": 1, "extraDetails": { "secretDetails": { @@ -64,11 +64,11 @@ } }, "id": "a0cd293e6e122a1c7384d5a56781e39ba350c54b", - "lineContent": "\n Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", + "lineContent": " Text_Example = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2", "ruleDescription": "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.", "ruleId": "jwt", "source": "testData/secrets/jwt.txt", - "startColumn": 64, + "startColumn": 63, "startLine": 1, "validationStatus": "Unknown", "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJtb2NrU3ViMiIsIm5hbWUiOiJtb2NrTmFtZTIifQ.dummysignature2" diff --git a/tests/testData/expectedReport/multi_line_secret_report.json b/tests/testData/expectedReport/multi_line_secret_report.json index 2b195e52..6db9c2cf 100644 --- a/tests/testData/expectedReport/multi_line_secret_report.json +++ b/tests/testData/expectedReport/multi_line_secret_report.json @@ -1,51 +1,51 @@ { - "totalItemsScanned": 1, - "totalSecretsFound": 3, - "results": { - "047d26912b890e89c7f01b7ec9e926390224e4f0": [ - { - "id": "047d26912b890e89c7f01b7ec9e926390224e4f0", - "source": "testData/input/multi_line_secret.txt", - "ruleId": "private-key", - "startLine": 3, - "endLine": 4, - "lineContent": "\n -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu KUpRKfFLfRYC9AIKjbJTWit+Cq\r\n vjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp79mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 -----END RSA PRIVATE KEY-----\r", - "startColumn": 10, - "endColumn": 377, - "value": "-----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu KUpRKfFLfRYC9AIKjbJTWit+Cq\r\n vjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp79mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 -----END RSA PRIVATE KEY-----", - "ruleDescription": "Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.", - "cvssScore": 8.2 - } - ], - "58e5a02e5571db6dc1f9c0fdba8d86e254225bf1": [ - { - "id": "58e5a02e5571db6dc1f9c0fdba8d86e254225bf1", - "source": "testData/input/multi_line_secret.txt", - "ruleId": "generic-api-key", - "startLine": 1, - "endLine": 1, - "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,\r", - "startColumn": 3, - "endColumn": 81, - "value": "0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506", - "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", - "cvssScore": 8.2 - } - ], - "ed47a9a9052d119d91763ce84d689370fdbccf1f": [ - { - "id": "ed47a9a9052d119d91763ce84d689370fdbccf1f", - "source": "testData/input/multi_line_secret.txt", - "ruleId": "generic-api-key", - "startLine": 2, - "endLine": 2, - "lineContent": "\n\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`\r", - "startColumn": 6, - "endColumn": 88, - "value": "6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde", - "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", - "cvssScore": 8.2 - } - ] - } - } \ No newline at end of file + "totalItemsScanned": 1, + "totalSecretsFound": 3, + "results": { + "047d26912b890e89c7f01b7ec9e926390224e4f0": [ + { + "id": "047d26912b890e89c7f01b7ec9e926390224e4f0", + "source": "testData/input/multi_line_secret.txt", + "ruleId": "private-key", + "startLine": 3, + "endLine": 4, + "lineContent": " -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu KUpRKfFLfRYC9AIKjbJTWit+Cq\n vjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp79mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 -----END RSA PRIVATE KEY-----", + "startColumn": 9, + "endColumn": 376, + "value": "-----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu KUpRKfFLfRYC9AIKjbJTWit+Cq\r\n vjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp79mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 -----END RSA PRIVATE KEY-----", + "ruleDescription": "Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.", + "cvssScore": 8.2 + } + ], + "58e5a02e5571db6dc1f9c0fdba8d86e254225bf1": [ + { + "id": "58e5a02e5571db6dc1f9c0fdba8d86e254225bf1", + "source": "testData/input/multi_line_secret.txt", + "ruleId": "generic-api-key", + "startLine": 1, + "endLine": 1, + "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,", + "startColumn": 3, + "endColumn": 81, + "value": "0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506", + "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", + "cvssScore": 8.2 + } + ], + "ed47a9a9052d119d91763ce84d689370fdbccf1f": [ + { + "id": "ed47a9a9052d119d91763ce84d689370fdbccf1f", + "source": "testData/input/multi_line_secret.txt", + "ruleId": "generic-api-key", + "startLine": 2, + "endLine": 2, + "lineContent": "\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`", + "startColumn": 5, + "endColumn": 87, + "value": "6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde", + "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", + "cvssScore": 8.2 + } + ] + } +} \ No newline at end of file diff --git a/tests/testData/expectedReport/secret_at_end_report.json b/tests/testData/expectedReport/secret_at_end_report.json index 083229a1..76431295 100644 --- a/tests/testData/expectedReport/secret_at_end_report.json +++ b/tests/testData/expectedReport/secret_at_end_report.json @@ -9,9 +9,9 @@ "ruleId": "generic-api-key", "startLine": 2, "endLine": 2, - "lineContent": "\n\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`", - "startColumn": 6, - "endColumn": 88, + "lineContent": "\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`", + "startColumn": 5, + "endColumn": 87, "value": "6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde", "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", "cvssScore": 8.2 @@ -24,7 +24,7 @@ "ruleId": "generic-api-key", "startLine": 1, "endLine": 1, - "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,\r", + "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,", "startColumn": 3, "endColumn": 81, "value": "0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506", diff --git a/tests/testData/expectedReport/secret_at_end_with_newline_report.json b/tests/testData/expectedReport/secret_at_end_with_newline_report.json index 9f9a870d..2b634e9a 100644 --- a/tests/testData/expectedReport/secret_at_end_with_newline_report.json +++ b/tests/testData/expectedReport/secret_at_end_with_newline_report.json @@ -1,36 +1,36 @@ { - "totalItemsScanned": 1, - "totalSecretsFound": 2, - "results": { - "6af9b6df67e2971f45e6e27d4e068c2a515d2961": [ - { - "id": "6af9b6df67e2971f45e6e27d4e068c2a515d2961", - "source": "testData/input/secret_at_end_with_newline.txt", - "ruleId": "generic-api-key", - "startLine": 2, - "endLine": 2, - "lineContent": "\n\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`\r", - "startColumn": 6, - "endColumn": 88, - "value": "6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde", - "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", - "cvssScore": 8.2 - } - ], - "f4b4bf79a4000811227225e3c556ea3862cfcb1a": [ - { - "id": "f4b4bf79a4000811227225e3c556ea3862cfcb1a", - "source": "testData/input/secret_at_end_with_newline.txt", - "ruleId": "generic-api-key", - "startLine": 1, - "endLine": 1, - "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,\r", - "startColumn": 3, - "endColumn": 81, - "value": "0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506", - "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", - "cvssScore": 8.2 - } - ] - } - } \ No newline at end of file + "totalItemsScanned": 1, + "totalSecretsFound": 2, + "results": { + "6af9b6df67e2971f45e6e27d4e068c2a515d2961": [ + { + "id": "6af9b6df67e2971f45e6e27d4e068c2a515d2961", + "source": "testData/input/secret_at_end_with_newline.txt", + "ruleId": "generic-api-key", + "startLine": 2, + "endLine": 2, + "lineContent": "\t\t`\"client_secret\" : \"6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde\",`", + "startColumn": 5, + "endColumn": 87, + "value": "6da89121079f83b2eb6acccf8219ea982c3d79bccc3e9c6a85856480661f8fde", + "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", + "cvssScore": 8.2 + } + ], + "f4b4bf79a4000811227225e3c556ea3862cfcb1a": [ + { + "id": "f4b4bf79a4000811227225e3c556ea3862cfcb1a", + "source": "testData/input/secret_at_end_with_newline.txt", + "ruleId": "generic-api-key", + "startLine": 1, + "endLine": 1, + "lineContent": "`\"client_id\" : \"0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506\"`,", + "startColumn": 3, + "endColumn": 81, + "value": "0afae57f3ccfd9d7f5767067bc48b30f719e271ba470488056e37ab35d4b6506", + "ruleDescription": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", + "cvssScore": 8.2 + } + ] + } +} \ No newline at end of file