@@ -416,61 +416,28 @@ Final Mapping:
416416< 40: Low (filtered out)
417417```
418418
419- ### Why This Is Better Than Gitleaks
420-
421- | Feature | GoSecretScanv2 | GoSecretScanv2 (LLM) | Gitleaks | TruffleHog |
422- |---------|----------------|----------------------|----------|------------|
423- | **LLM Verification** | ❌ | ✅ Granite 4.0 Micro | ❌ | ❌ |
424- | **Entropy Analysis** | ✅ Shannon entropy | ✅ Shannon entropy | ⚠️ Limited | ✅ Yes |
425- | **Context Awareness** | ✅ Test/comment detection | ✅ Advanced code parsing | ❌ None | ⚠️ Basic |
426- | **Confidence Scoring** | ✅ 4-level system | ✅ LLM-enhanced | ❌ Binary | ⚠️ Limited |
427- | **Smart Filtering** | ✅ Auto-filters | ✅ AI-powered | ⚠️ Manual allowlist | ⚠️ Manual |
428- | **Semantic Search** | ❌ | ✅ Vector embeddings | ❌ | ❌ |
429- | **Historical Learning** | ❌ | ✅ Vector database | ❌ | ❌ |
430- | **Pattern Detection** | ✅ Self-aware | ✅ Self-aware | ❌ | ❌ |
431- | **Output Grouping** | ✅ By severity | ✅ By severity | ⚠️ Flat list | ⚠️ Flat list |
432- | **Performance** | ✅ Pre-compiled | ✅ Optimized | ✅ Good | ✅ Good |
433- | **Dependencies** | ✅ Zero (stdlib only) | ✅ Minimal (SQLite) | ⚠️ Requires Git | ⚠️ Multiple |
434- | **False Positive Rate** | ~2-5% | **<1%** | ~10-20% | ~5-15% |
435-
436- ## Performance Considerations
437-
438- - **Pre-compiled Patterns**: Regex patterns are compiled once at startup, not on every match
439- - **Concurrent Processing**: Multiple files are scanned simultaneously using goroutines
440- - **Smart Ignoring**: Automatically skips `.git` and `node_modules` directories
441- - **Memory Efficient**: Streams file contents line-by-line rather than loading entire files
442-
443- ## Limitations
444-
445- - Currently scans all file types (including binaries)
446- - No configuration file support yet
447- - No custom pattern support without code modification
448- - No allowlist/whitelist for false positives
419+ ## Performance Characteristics
449420
450- ## Contributing
451-
452- Contributions are welcome! Please feel free to submit a Pull Request.
421+ - Regex patterns are compiled once during startup.
422+ - Files are scanned concurrently using a bounded worker pool.
423+ - Common directories such as `.git` and `node_modules` are skipped automatically.
424+ - Files are streamed line-by-line to limit memory usage.
453425
454- ## License
426+ ## Current Limitations
455427
456- This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
428+ - Binary files are not automatically filtered.
429+ - Configuration files for custom settings are not yet supported.
430+ - Custom patterns require code changes.
431+ - Allowlists/whitelists must currently be handled outside the tool.
457432
458- ## Acknowledgments
433+ ## Contributing
459434
460- - Inspired by tools like gitleaks, truffleHog, and git-secrets
461- - Built with Go's powerful standard library
435+ Contributions are welcome via pull requests.
462436
463- ## Roadmap
437+ ## License
464438
465- - [ ] Configuration file support (YAML/JSON)
466- - [ ] Custom pattern definitions
467- - [ ] Multiple output formats (JSON, SARIF)
468- - [ ] Allowlist/whitelist support
469- - [ ] Binary file detection and skipping
470- - [ ] Interactive mode for reviewing findings
471- - [ ] Entropy-based detection for unknown secrets
472- - [ ] Docker image for easy deployment
439+ This project is licensed under the MIT License; see [LICENSE](LICENSE) for details.
473440
474441## Support
475442
476- For bugs and feature requests, please open an issue on [GitHub](https://github.com/m1rl0k/GoSecretScanv2/issues).
443+ Please open an issue on [GitHub](https://github.com/m1rl0k/GoSecretScanv2/issues) for bugs or feature requests .
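Review bot: the rewritten Support line at the end of this hunk has a stray space before the period (`for bugs or feature requests .`); drop it so the sentence ends with `feature requests.` Two more points in the same hunk: the new Performance Characteristics bullet `Files are scanned concurrently using a bounded worker pool.` is a stronger claim than the removed `Multiple files are scanned simultaneously using goroutines`, so either the scanner actually caps the number of in-flight goroutines or the original wording should stay; and deleting the Roadmap and Acknowledgments sections removes the only statements that allowlist support, binary-file skipping and SARIF output are planned, which the new Current Limitations list still implies, as well as the attribution to gitleaks, truffleHog and git-secrets. If dropping the comparison table (whose false-positive percentages had no cited measurement) is the goal, keep the roadmap and credits and say in the commit message why the table went.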