From b69536e0fe232aadb622c0e60a949581af1651fe Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Sun, 16 Aug 2020 23:03:31 -0400 Subject: [PATCH 1/9] fix default sig paths --- cmd/scanGithub.go | 2 +- cmd/scanGitlab.go | 2 +- cmd/scanLocalGitRepo.go | 2 +- cmd/scanLocalPath.go | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/scanGithub.go b/cmd/scanGithub.go index 8c20c5d..e11d228 100644 --- a/cmd/scanGithub.go +++ b/cmd/scanGithub.go @@ -64,7 +64,7 @@ func init() { scanGithubCmd.Flags().String("github-targets", "", "A space separated list of github.com users or orgs to scan") scanGithubCmd.Flags().String("ignore-extension", "", "a comma separated list of extensions to ignore") scanGithubCmd.Flags().String("ignore-path", "", "a comma separated list of paths to ignore") - scanGithubCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default_signatures.yml", "file(s) containing detection signatures.") + scanGithubCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default.yml", "file(s) containing detection signatures.") err := viperScanGithub.BindPFlag("bind-address", scanGithubCmd.Flags().Lookup("bind-address")) //ORANGE err = viperScanGithub.BindPFlag("bind-port", scanGithubCmd.Flags().Lookup("bind-port")) //ORANGE diff --git a/cmd/scanGitlab.go b/cmd/scanGitlab.go index 32f0b7a..675f68b 100644 --- a/cmd/scanGitlab.go +++ b/cmd/scanGitlab.go @@ -65,7 +65,7 @@ func init() { scanGitlabCmd.Flags().String("gitlab-targets", "", "A space separated list of Gitlab users, projects or groups to scan") scanGitlabCmd.Flags().String("ignore-extension", "", "a comma separated list of extensions to ignore") scanGitlabCmd.Flags().String("ignore-path", "", "a comma separated list of paths to ignore") - scanGitlabCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default_signatures.yml", "file(s) containing detection signatures.") + scanGitlabCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default.yml", "file(s) containing detection signatures.") err := viperScanGitlab.BindPFlag("bind-address", scanGitlabCmd.Flags().Lookup("bind-address")) //ORANGE err = viperScanGitlab.BindPFlag("bind-port", scanGitlabCmd.Flags().Lookup("bind-port")) //ORANGE diff --git a/cmd/scanLocalGitRepo.go b/cmd/scanLocalGitRepo.go index 31acc65..e6a7cfb 100644 --- a/cmd/scanLocalGitRepo.go +++ b/cmd/scanLocalGitRepo.go @@ -63,7 +63,7 @@ func init() { scanLocalGitRepoCmd.Flags().String("ignore-extension", "", "a comma separated list of extensions to ignore") scanLocalGitRepoCmd.Flags().String("ignore-path", "", "a comma separated list of paths to ignore") scanLocalGitRepoCmd.Flags().String("local-dirs", "", "local disk parent dir containing git repos") - scanLocalGitRepoCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default_signatures.yml", "file(s) containing detection signatures.") + scanLocalGitRepoCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default.yml", "file(s) containing detection signatures.") err := viperScanLocalGitRepo.BindPFlag("bind-address", scanLocalGitRepoCmd.Flags().Lookup("bind-address")) //ORANGE err = viperScanLocalGitRepo.BindPFlag("bind-port", scanLocalGitRepoCmd.Flags().Lookup("bind-port")) //ORANGE diff --git a/cmd/scanLocalPath.go b/cmd/scanLocalPath.go index 106c0ac..041da8e 100644 --- a/cmd/scanLocalPath.go +++ b/cmd/scanLocalPath.go @@ -80,7 +80,7 @@ func init() { scanLocalPathCmd.Flags().Int("match-level", 3, "The match level of the expressions used to find matches") scanLocalPathCmd.Flags().String("ignore-extension", "", "a list of extensions to ignore during a scan") scanLocalPathCmd.Flags().String("ignore-path", "", "a list of paths to ignore during a scan") - scanLocalPathCmd.Flags().String("rules-file", "$HOME/grover/rules/default.yml", "file(s) containing secrets detection rules.") + scanLocalPathCmd.Flags().String("signature-file", "$HOME/.wraith/signatures/default.yml", "file(s) containing secrets detection rules.") scanLocalPathCmd.Flags().String("scan-dir", "", "scan a directory of files not from a git project") scanLocalPathCmd.Flags().String("scan-file", "", "scan a single file") From fe2055fe030a9178a19b50351c1fd2ae5d45427b Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 17 Aug 2020 01:47:55 -0400 Subject: [PATCH 2/9] fix formating with the output --- core/analysis.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/analysis.go b/core/analysis.go index 4b4f88e..71fa30d 100644 --- a/core/analysis.go +++ b/core/analysis.go @@ -38,7 +38,7 @@ func PrintSessionStats(sess *Session) { sess.Out.Important("\n") sess.Out.Important("-------General-------\n") sess.Out.Info("Wraith Version......: %s\n", sess.Version) - sess.Out.Info("Signatures Version.......: %s\n", sess.SignatureVersion) + sess.Out.Info("Signatures Version..: %s\n", sess.SignatureVersion) sess.Out.Info("Elapsed Time........: %s\n\n", time.Since(sess.Stats.StartedAt)) } From a94205c731eef18231825e13d92850050e7103ad Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 17 Aug 2020 01:54:28 -0400 Subject: [PATCH 3/9] rewrite readme --- README.md | 236 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 138 insertions(+), 98 deletions(-) diff --git a/README.md b/README.md index fc945b6..889869a 100644 --- a/README.md +++ b/README.md @@ -1,125 +1,165 @@ +

+
+ wraith +
+ Wraith +
+

+ +

Finding digital secrets that were never meant to be found in all corners of the net.

+

- wraith -

+ GitHub go.mod Go version (branch) + GitHub go.mod Go version (branch) + GitHub release (latest SemVer) + GitHub commits since latest release (by SemVer) +
+ GitHub issues by-label + GitHub issues by-label + Travis (.org) branch + Travis (.org) branch +
+ Code Climate maintainability + Code Climate technical debt + Code Climate issues +
+ GitHub + GitHub All Releases -# Wraith: Putting the Open Source in OSINT -![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/mattyjones/wraith)![GitHub release (latest by date)](https://img.shields.io/github/v/release/mattyjones/wraith)![GitHub](https://img.shields.io/github/license/mattyjones/wraith) +

-![Code Climate maintainability](https://img.shields.io/codeclimate/maintainability/mattyjones/gitrob)![Code Climate technical debt](https://img.shields.io/codeclimate/tech-debt/mattyjones/gitrob)![Code Climate issues](https://img.shields.io/codeclimate/issues/mattyjones/gitrob) +

+ Capabilities • + Screenshots • + Quickstart • + Documentation • + Contributing • + Credits • + FAQ • + Related +

-[![Build Status](https://travis-ci.org/mattyjones/wraith.svg?branch=master)](https://travis-ci.org/mattyjones/wraith) +Wraith uncovers forgotten secrets and brings them back to life, haunting security and operations teams. It can be used to scan hosted and local git repos as well as local filesystems. +## :ghost: Capabilities -Wraith is a tool to help find potentially sensitive information pushed to repositories on GitLab or Github. Wraith will clone repositories belonging to a user or group/organization down to a configurable depth and iterate through the commit history and flag files and/or commit content that match signatures for potentially sensitive information. The findings will be presented through a web interface for easy browsing and analysis. +### Targets +- Gitlab.com repositories and projects +- Github.com repositories and organizations +- Local git repositories +- Local filesystem -## Features +### Major Features -- Scan the following sources: - - Gitlab repositories - - Github.com repositories - - Local git repos - Exclude files, paths, and extensions -- Web interface for real-time results +- Web and terminal interfaces for real-time results - Configurable commit depth -- Use environment variables, a config file, or flags -- Uses sub-commands for easier, more modular, functionality -- Clone a repo to memory instead of disk - -This currently in beta, check the [roadmap][1] for planned functionality - -## Usage - -For a full list of use cases and configuration options use the included help functionality. - -`wraith --help` - - -## Configuration - -**IMPORTANT** If you are targeting a GitLab group, please give the **group ID** as the target argument. You can find the group ID just below the group name in the GitLab UI. Otherwise, names with suffice for the target arguments. This id can be found on the group homepage. - -There are multiple was to configure the tool for a scan. The easiest way is via commandline flags. To get a full list of available flags and their purpose use `wraith --help`. This will pring out a list of flags and how they interact with the base scan. You can also set all flags as environment variables or use a static config file in YAML format. This config file can be used to store targets for multiple scan targets. - -The order of precendence with each item taking precedence over the item below it is: +- Built with [Viper][1] to manage environment variables, config files, or flags +- Uses [Cobra][2] sub-commands for easier, more modular, functionality +- Ability to clone a repo to memory instead of disk + +## :framed_picture: Screenshots +

+ Screen Shot 2020-08-16 at 11 23 25 PM + Screen Shot 2020-08-16 at 11 23 43 PM +

+
-- explicit call to Set -- commandline flag -- environment variable -- configuration file -- key/value store -- default value +## :vertical_traffic_light: Quickstart -The various values are configured independently of each other so if you set all values in a config file, you can then override just the ones you want on the commandline. A sample config file looks like: +1. Download the latest [release][3] and either build it yourself with `make build` or you can use a prebuilt binary, currently they only exist for OSX. This project uses a branching git flow. Details are in the developer doc, surfice it to say **Master** is stable **develop** shoud be considered beta. +2. Download or clone the latest set of [signatures][4] and either copy *signatures/default.yml* to *~/.wraith/signatures/* or adjust the location in the configuration file below. +3. Copy the below configuration to *~/.wraith/config.yml*. This will allow you to get up and running for basic scans without having to figure out the flags. Any of these values can be overwritten on the commnd line as well. You will need to generate your own api tokens for github and gitlab if you are scanning against them. +4. Once you have this done, just run a scan command. +- `wraith scanGithub` +- `wraith scanGitlab` +- `wraith scanLocalGitRepo` +- `wraith scanLocalPath` ```yaml --- commit-depth: 0 -gitlab-targets: - - codeemitter - - mattyjones1 - - 8692959 -silent: false -debug: true -gitlab-api-token: -github-api-token: +debug: false +github-api-token: > github-targets: - - mattyjones - - phantomSecrets -ignore-path: - - cmd/ - - docs/ + - mattyjones + - N0MoreSecr3ts +gitlab-api-token: > +gitlab-targets: + - 5034914 + - mattyjones ignore-extension: - - .go - - .log -in-mem-clone: true + - .html + - .css + - .log +ignore-path: + - static/ + - docs/ +in-mem-clone: false +local-dirs: + - ../wraith-test +match-level: 3 +num-threads: 0 repo-dirs: - - ../../../mattyjones/telegraf + - relative/path/to/repo + - absolute/path/to/repo +signature-file: ../wraith-signatures/signatures/default.yml +silent: false ``` -## Examples - -Scan a GitLab group assuming your access token has been added to the environment variable or a config file. Look for file signature matches only: - - wraith scanGitlab - -Scan a multiple GitLab groups assuming your access token has been added to the environment variable or a config file. Clone repositories into memory for faster analysis. Set the scan mode to 2 to scan each file match for a content match before creating a result.: - - wraith scanGitlab -in-mem-clone -mode 2 " " - -Scan a GitLab groups assuming your access token has been added to the environment variable or a config file. Clone repositories into memory for faster analysis. Set the scan mode to 3 to scan each commit for content matches only.: - - wraith scanGitlab -in-mem-clone -mode 3 "" - -Scan a Github user setting your Github access token as a parameter. Clone repositories into memory for faster analysis. - - wraith scangithub -github-access-token -in-mem-clone "" +## :orange_book: Documentation -### Editing File and Content Regular Expressions - -Regular expressions are included in the [filesignatures.json](./rules/filesignatures.json) and [contentsignatures.json](./rules/contentsignatures.json) files respectively. Edit these files to adjust your scope and fine-tune your results. - -wraith will start its web interface and serve the results for analysis. - -## Installation - -At this stage the only option is to build from source from this repository. +### Build from source +At this stage the best option is to build from source from this repository. To install from source, make sure you have a correctly configured **Go >= 1.14** environment and that `$GOPATH/bin` is in your `$PATH`. - - $ git clone git@gitlab.com:mattyjones1/wraith.git - $ cd ~/go/src/wraith +```shell + $ cd $GOPATH/src + $ git clone git@github.com:N0MoreSecr3ts/wraith.git + $ cd wraith $ make build $ ./bin/wraith- - -In the future there will be binary releases of the code - -## Access Tokens - -wraith will need either a GitLab or Github access token in order to interact with the appropriate API. You can create a [GitLab personal access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html), or [a Github personal access token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) and save it in an environment variable in your `.bashrc` or similar shell configuration file: - - export wraith_GITLAB_ACCESS_TOKEN=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef - export wraith_GITHUB_ACCESS_TOKEN=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef - -Alternatively you can specify the access token with the `-gitlab-access-token` or `-github-access-token` option on the command line, but watch out for your command history! A configuration file can also be used, an example is provided above. +``` -[1]: docs/development/roadmap.md +### Signatures +Signatures are the current method used to detect secrets within the a target source. They are broken out into the [wraith-signatures][4] repo for extensability purposes. This allows them to be independently versioned and developed without having to recompile the code. To makes changes just edit an existing signature or create a new one. Check the [README][5] in that repo for additional details. + +### Authencation +Wraith will need either a GitLab or Github access token in order to interact with their appropriate API's. You can create a [GitLab personal access token][6], or [a Github personal access token][7] and save it in an environment variable in your **bashrc**, add it to a wraith config file, or pass it in on the command line. This should not be done though for security reasons. Of course if you want to eat your own dog food, go ahead and do it that way, then point wraith at your command history file. :smiling_imp: + +### Additional Documentation +Additional documentation is forthcoming + +## :wrench: Contributing +This is coming, at this point: +- use `go fmt ./...` and `go vet ./...` before openning a PR +- follow all golang conventions and best practices +- if you wrote it, you need to document it +- if it is more than a simple bug fix or typo, an issue should be openned up first to discuss it. A good measure is if it is more than 5m worth of work, it needs to have an associated issue. + +There is a [roadmap][13] as well, but at this point it's little more than a glorified TODO list and personal braindump. I am using that instead of issues, due to my velocity and general general laziness towards process at this point. When the project becomes stable, most likely after Milestone 1, the roadmap will probably fall away and be captured in Issues. + +## :movie_camera: Credits +- [@michenriksen][8] for writing [gitrob][9] which serves as the foundation for wraith +- [@codeemitter][11] for contributing several major features including in memory clones and gitlab support. His version is the immediate parent to wraith. +- [@mattyjones][10] (Maintainer) + +## :card_index: Related +There are several other projects that wraith owes some lineage to including: +- [Trufflehog][12] +- all the many recon and OSINT tools already existing + + +[1]: https://github.com/spf13/viper +[2]: https://github.com/spf13/cobra +[3]: https://github.com/N0MoreSecr3ts/wraith/releases +[4]: https://github.com/N0MoreSecr3ts/wraith-signatures +[5]: https://github.com/N0MoreSecr3ts/wraith-signatures/blob/master/README.md +[6]: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html +[7]: https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/ +[8]: https://github.com/michenriksen +[9]: https://github.com/michenriksen/gitrob +[10]: https://github.com/mattyjones +[11]: https://github.com/codeEmitter/ +[12]: https://github.com/dxa4481/truffleHog +[13]: https://github.com/N0MoreSecr3ts/wraith/blob/develop/docs/development/roadmap.md From 7858a96121f53d64212e633b29205f0eeb8469f8 Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 17 Aug 2020 01:55:01 -0400 Subject: [PATCH 4/9] fix bug with signature flag The valuses were inconsistent. --- core/session.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/core/session.go b/core/session.go index 02b38c2..feb0cf5 100644 --- a/core/session.go +++ b/core/session.go @@ -56,8 +56,8 @@ var DefaultValues = map[string]interface{}{ "csv": false, "json": false, "match-level": 3, - "signature-file": "default.yml", - "signature-path": "$HOME/.wraith/signatures", + "signature-file": "$HOME/.wraith/signatures/default.yml", + "signature-path": "$HOME/.wraith/signatures/", "signature-url": "", "scan-dir": "", "scan-file": "", @@ -167,7 +167,7 @@ func (s *Session) Initialize(v *viper.Viper, scanType string) { // add any additional paths the user requested to exclude to the pre-defined slice userIgnorePath := v.GetString("ignore-path") if userIgnorePath != "" { - p := strings.Split(v.GetString("ignore-path"), ",") + p := strings.Split(v.GetString("ignore-path"), ",") // TODO make slice for _, e := range p { e = strings.TrimSpace(e) @@ -183,7 +183,7 @@ func (s *Session) Initialize(v *viper.Viper, scanType string) { // add any additional extensions the user requested to ignore userIgnoreExtensions := v.GetString("ignore-extension") if userIgnoreExtensions != "" { - e := strings.Split(userIgnoreExtensions, ",") + e := strings.Split(userIgnoreExtensions, ",") // TODO make slice for _, f := range e { f = strings.TrimSpace(f) @@ -202,7 +202,7 @@ func (s *Session) Initialize(v *viper.Viper, scanType string) { var curSig []Signature var combinedSig []Signature - SignaturesFile := v.GetString("signatures-file") + SignaturesFile := v.GetString("signature-file") if SignaturesFile != "" { Signatures := strings.Split(SignaturesFile, ",") // TODO make slice From 049c6cb259f57a63ad17ce31244801de699d96da Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 17 Aug 2020 01:57:27 -0400 Subject: [PATCH 5/9] gernal update of docs No new content just cleanup of notes and extra files --- docs/{user => development}/CONTRIBUTING.md | 0 docs/development/roadmap.md | 26 ++++++++++------------ docs/images/.gitkeep | 0 docs/user/.gitkeep | 0 docs/user/BlogPost.md | 1 + docs/user/notes.md | 11 +++++++++ 6 files changed, 24 insertions(+), 14 deletions(-) rename docs/{user => development}/CONTRIBUTING.md (100%) delete mode 100644 docs/images/.gitkeep delete mode 100644 docs/user/.gitkeep create mode 100644 docs/user/BlogPost.md create mode 100644 docs/user/notes.md diff --git a/docs/user/CONTRIBUTING.md b/docs/development/CONTRIBUTING.md similarity index 100% rename from docs/user/CONTRIBUTING.md rename to docs/development/CONTRIBUTING.md diff --git a/docs/development/roadmap.md b/docs/development/roadmap.md index 6699bd8..f1704f1 100644 --- a/docs/development/roadmap.md +++ b/docs/development/roadmap.md @@ -53,9 +53,10 @@ ## Milestone 1 ### Bugs -- [ ] in-mem-clone is not working properly -- [ ] there are no findings in a gitlab search -- [ ] there are multiple generateID functions +- [X] ~~temp directories are not getting deleted~~ +- [X] ~~in-mem-clone is not working properly~~ +- [X] ~~there are no findings in a gitlab search~~ +- [X] ~~there are multiple generateID functions~~ - [X] ~~Web Frontend For Output~~ - [X] ~~Specific YAML Configuration File~~ - [X] ~~Signatures in a seperate repo (signature uplift)~~ @@ -84,7 +85,7 @@ - [ ] Document all code completely - [ ] Create a developer doc with the design and code execution flow - [ ] Contributing.md -- [ ] Write a new README +- [X] ~~Write a new README~~ - [ ] Go doc strings - [ ] common - [ ] config @@ -94,8 +95,8 @@ ### Testing - [ ] Copy existing tests to the new codebase - [ ] Confirm hide secrets -- [ ] Mark all tech debt -- [ ] Update Code Climate for Wraith +- [X] ~~Update Code Climate for Wraith~~ +- [ ] Update CodeCov for Wraith - [ ] Golint needs to pass ### Features @@ -104,18 +105,18 @@ - [ ] Exclude Forks - [ ] Entrophy Checks - [ ] If we find a .git directory in a localPath scan just ignore it and process the dir as localPath -- [ ] Change empty string defaults to nil +- [X] ~~Change empty string defaults to nil~~ - [ ] Add content to summary - [ ] Cleanup issues in summary output - [ ] Remove all print debugging statements - [ ] Remove all dead code - [ ] Add more debuging info -- [ ] Implement flag for setting the thread count manually +- [X] ~~Implement flag for setting the thread count manually~~ - [ ] Look at the clone configs -- [ ] Make a single function to create a temp dir +- [X] ~~Make a single function to create a temp dir~~ - [ ] Need to list the flag defaults on the help screen - [ ] If no arg's are given for a command, then list the help screen -- [ ] Make sure we clean up the temp directories +- [X] ~~Make sure we clean up the temp directories~~ - [ ] Alpha sort structs, functions, flags - [X] ~~Exclude files based on extension~~ - [X] ~~Exclude Test Files~~ @@ -144,6 +145,7 @@ - [ ] Scan specific branches - [ ] Scan since a given commit - [ ] Update Signatures command +- [ ] Implement threading for local path scans ### Testing - [ ] Make tech debt fail build process @@ -222,7 +224,3 @@ [1]: https://github.com/eth0izzle/shhgit/blob/master/core/github.go#L91 [2]: https://pkg.go.dev/github.com/go-git/go-git/v5?tab=doc#example-Clone - - - -Donk3y?OrMu1EISM3aner? diff --git a/docs/images/.gitkeep b/docs/images/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/docs/user/.gitkeep b/docs/user/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/docs/user/BlogPost.md b/docs/user/BlogPost.md new file mode 100644 index 0000000..257cc56 --- /dev/null +++ b/docs/user/BlogPost.md @@ -0,0 +1 @@ +foo diff --git a/docs/user/notes.md b/docs/user/notes.md new file mode 100644 index 0000000..cda7785 --- /dev/null +++ b/docs/user/notes.md @@ -0,0 +1,11 @@ +https://michenriksen.com/blog/gitrob-now-in-go/ +https://michenriksen.com/blog/gitrob-putting-the-open-source-in-osint/ + + +- when a file cannot be found/read we print the error and add it to the ignore list. We should find a way to print out the ignore list. The error printing out is good for now though. + +- in memory cloning should be turned on with care. If the repo or the targets are big enough memory exhaustion issues may present themselves. + +- if you dont want to scan any commit depth (1) you should use the local file scan + +- a content scan will find all secrets in a file using FindAll. This will lead to duplicate findings such that a given string may be either an artifactory password due to surronding context or simply a generic password. From 7dee431c0e347540e6c877d74ba263ddbe6672a2 Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 24 Aug 2020 07:18:32 -0400 Subject: [PATCH 6/9] update the roadmap Signed-off-by: Matty Jones --- docs/development/roadmap.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/development/roadmap.md b/docs/development/roadmap.md index f1704f1..eb06fc6 100644 --- a/docs/development/roadmap.md +++ b/docs/development/roadmap.md @@ -53,6 +53,10 @@ ## Milestone 1 ### Bugs +- [ ] Gitlab client does not follow redirects +- [ ] Need to confirm if github client follows redirects +- [ ] In gitlab you can have a project w/ no repo, this will error out +- [ ] In github you can have a project w/ no repo, does this error out - [X] ~~temp directories are not getting deleted~~ - [X] ~~in-mem-clone is not working properly~~ - [X] ~~there are no findings in a gitlab search~~ @@ -76,7 +80,6 @@ - [X] ~~no error when rules file is not found~~ - [X] ~~there are no findings in a local git search~~ - ### Documentation - [ ] Document how to add a new command or source - [ ] Document the tech debt using colors and a shell script @@ -86,6 +89,7 @@ - [ ] Create a developer doc with the design and code execution flow - [ ] Contributing.md - [X] ~~Write a new README~~ +- [ ] Label issues for begineer and hacktoberfest - [ ] Go doc strings - [ ] common - [ ] config From 5665f50681562d4b69b7e19fcbe3632864db1884 Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 24 Aug 2020 07:19:04 -0400 Subject: [PATCH 7/9] update doc strings Signed-off-by: Matty Jones --- core/interfaces.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/interfaces.go b/core/interfaces.go index f24b735..c10aa43 100644 --- a/core/interfaces.go +++ b/core/interfaces.go @@ -1,4 +1,4 @@ -// Package common contains functionality not critical to the core project but still essential. +// Package core contains base functionality to the project. package core // TODO refactor out the common package From 0acb10900e91b055e27d549554faea6f822eabd6 Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 24 Aug 2020 07:20:37 -0400 Subject: [PATCH 8/9] update ignore file Signed-off-by: Matty Jones --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index bc70933..a985243 100644 --- a/.gitignore +++ b/.gitignore @@ -18,6 +18,9 @@ bin/ __debug_bin go_build_wraith_ wraith-script.sh +announcement_issue.md +BlogPost.md +notes.md # Test binary, build with `go test -c` *.test From 4d2e7d4473d033f1bec7983fa3bcacd4bcc23bd5 Mon Sep 17 00:00:00 2001 From: Matty Jones Date: Mon, 24 Aug 2020 07:33:53 -0400 Subject: [PATCH 9/9] Updated links on the readme Signed-off-by: Matty Jones --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 889869a..384ac7d 100644 --- a/README.md +++ b/README.md @@ -9,15 +9,15 @@

Finding digital secrets that were never meant to be found in all corners of the net.

- GitHub go.mod Go version (branch) + GitHub go.mod Go version (branch) GitHub go.mod Go version (branch) GitHub release (latest SemVer) - GitHub commits since latest release (by SemVer) + GitHub commits since latest release (by SemVer)
GitHub issues by-label GitHub issues by-label - Travis (.org) branch - Travis (.org) branch + Travis (.org) branch + Travis (.org) branch
Code Climate maintainability Code Climate technical debt