Skip to content

Commit 503070c

Browse files
babenekbabenek
authored
UUID rule fix various case style (#793)
* README.md issues fix * Fix UUID rule to skip various letter case
1 parent 29840d0 commit 503070c

File tree

8 files changed

+19
-41
lines changed

8 files changed

+19
-41
lines changed

.ci/benchmark.txt

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
META MD5 c52151e10061e62f48fdf63052dbcca0
2-
DATA MD5 631c9b0790579bf83bd64ad17b85c5ef
1+
META MD5 42c5ff4d2b5da69b0673d881c1aca006
2+
DATA MD5 dbb70121fce1fa8a5496ba03528cff95
33
DATA: 16995334 interested lines. MARKUP: 63711 items
44
FileType FileNumber ValidLines Positives Negatives
55
--------------- ------------ ------------ ----------- -----------
@@ -222,11 +222,11 @@ FileType FileNumber ValidLines Positives Negatives
222222
.xib 11 503 164
223223
.xsl 1 311 1
224224
.yaml 169 31946 207 393
225-
.yml 560 56585 1908 1375
225+
.yml 560 56585 1900 1383
226226
.zsh 6 872 11
227227
.zsh-theme 1 97 1
228-
TOTAL: 11361 16995334 17160 53608
229-
credsweeper result_cnt : 16990, lost_cnt : 0, true_cnt : 16790, false_cnt : 200
228+
TOTAL: 11361 16995334 17152 53616
229+
credsweeper result_cnt : 16989, lost_cnt : 0, true_cnt : 16782, false_cnt : 207
230230
Rules Positives Negatives Reported TP FP TN FN FPR FNR ACC PRC RCL F1
231231
------------------------------ ----------- ----------- ---------- ----- ---- ----- ---- -------- -------- -------- -------- -------- --------
232232
API 243 4001 239 238 1 4000 5 0.000250 0.020576 0.998586 0.995816 0.979424 0.987552
@@ -246,7 +246,7 @@ CMD Password 33 137 33 33
246246
CMD Secret 1 17 1 1 0 17 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
247247
CMD Token 6 2 6 6 0 2 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
248248
CURL User Password 7 2 7 7 0 2 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
249-
Credential 98 595 99 98 1 594 0 0.001681 0.000000 0.998557 0.989899 1.000000 0.994924
249+
Credential 96 597 99 96 3 594 0 0.005025 0.000000 0.995671 0.969697 1.000000 0.984615
250250
Docker Swarm Token 2 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
251251
Dropbox App secret 74 145 65 52 12 133 22 0.082759 0.297297 0.844749 0.812500 0.702703 0.753623
252252
Facebook Access Token 0 1 0 0 1 0 0.000000 1.000000
@@ -275,12 +275,12 @@ Postman Credentials 2 0 2 2
275275
SQL Password 44 14 42 42 0 14 2 0.000000 0.045455 0.965517 1.000000 0.954545 0.976744
276276
Salesforce Credentials 6 0 6 6 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
277277
Salt 88 132 86 86 0 132 2 0.000000 0.022727 0.990909 1.000000 0.977273 0.988506
278-
Secret 1527 2474 1519 1517 2 2472 10 0.000808 0.006549 0.997001 0.998683 0.993451 0.996060
278+
Secret 1523 2478 1519 1513 6 2472 10 0.002421 0.006566 0.996001 0.996050 0.993434 0.994740
279279
Slack Token 15 1 15 15 0 1 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
280280
Stripe Credentials 2 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
281281
Tencent WeChat API App ID 47 0 47 47 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
282282
Token 1141 5267 1067 1062 5 5262 79 0.000949 0.069238 0.986891 0.995314 0.930762 0.961957
283283
Twilio Credentials 30 39 30 30 0 39 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
284284
URL Credentials 225 401 221 221 0 401 4 0.000000 0.017778 0.993610 1.000000 0.982222 0.991031
285-
UUID 2520 3713 2559 2501 58 3655 19 0.015621 0.007540 0.987646 0.977335 0.992460 0.984840
286-
17160 53608 16993 16790 200 53408 370 0.003731 0.021562 0.991946 0.988228 0.978438 0.983309
285+
UUID 2518 3715 2558 2499 59 3656 19 0.015882 0.007546 0.987486 0.976935 0.992454 0.984634
286+
17152 53616 16992 16782 207 53409 370 0.003861 0.021572 0.991847 0.987816 0.978428 0.983099

.github/workflows/benchmark.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
3232
with:
3333
repository: Samsung/CredData
34-
ref: 3e9df797101e57082740e15d133f4f94aea23a85
34+
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2
3535

3636
- name: Markup hashing
3737
run: |
@@ -87,7 +87,7 @@ jobs:
8787
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
8888
with:
8989
repository: Samsung/CredData
90-
ref: 3e9df797101e57082740e15d133f4f94aea23a85
90+
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2
9191

9292
- name: Markup hashing
9393
run: |
@@ -190,7 +190,7 @@ jobs:
190190
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
191191
with:
192192
repository: Samsung/CredData
193-
ref: 3e9df797101e57082740e15d133f4f94aea23a85
193+
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2
194194

195195
- name: Markup hashing
196196
run: |
@@ -378,7 +378,7 @@ jobs:
378378
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
379379
with:
380380
repository: Samsung/CredData
381-
ref: 3e9df797101e57082740e15d133f4f94aea23a85
381+
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2
382382

383383
- name: Markup hashing
384384
run: |

.github/workflows/check.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ jobs:
9292
run: |
9393
banner="$(python -m credsweeper --banner | head -1)"
9494
echo "banner = '${banner}'"
95-
if [ "CredSweeper 1.13.4 crc32:404811d6" != "${banner}" ]; then
95+
if [ "CredSweeper 1.13.4 crc32:76b8f863" != "${banner}" ]; then
9696
echo "Update the check for '${banner}'"
9797
exit 1
9898
fi

credsweeper/rules/config.yaml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -179,11 +179,10 @@
179179
confidence: strong
180180
type: pattern
181181
values:
182-
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})(?![0-9A-Za-z_+-])
182+
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}|[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12})(?![0-9A-Za-z_+-])
183183
min_line_len: 36
184184
required_substrings:
185185
- "-"
186-
required_regex: "[0-9A-Za-z_/+-]{15}"
187186
filter_type:
188187
- ValuePatternCheck(4)
189188
use_ml: false

tests/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
SAMPLES_IN_DOC = 879
1111

1212
# credentials count after scan without filters and ML validations
13-
SAMPLES_REGEX_COUNT = 650
13+
SAMPLES_REGEX_COUNT = 649
1414

1515
# credentials count after scan with filters and without ML validation
1616
SAMPLES_FILTERED_COUNT = 537

tests/data/no_filters_no_ml.json

Lines changed: 0 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -13906,27 +13906,6 @@
1390613906
}
1390713907
]
1390813908
},
13909-
{
13910-
"rule": "UUID",
13911-
"severity": "info",
13912-
"confidence": "strong",
13913-
"ml_probability": null,
13914-
"line_data_list": [
13915-
{
13916-
"line": "12345678-1234-1234-1234-1234567890ab # fp",
13917-
"line_num": 2,
13918-
"path": "./tests/samples/uuid",
13919-
"info": "",
13920-
"variable": null,
13921-
"variable_start": -2,
13922-
"variable_end": -2,
13923-
"value": "12345678-1234-1234-1234-1234567890ab",
13924-
"value_start": 0,
13925-
"value_end": 36,
13926-
"entropy": 3.43552
13927-
}
13928-
]
13929-
},
1393013909
{
1393113910
"rule": "Tencent WeChat API App ID",
1393213911
"severity": "medium",

tests/samples/uuid

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
bace4d19-fa7e-beef-cafe-9129474bcd81 # tp
2-
12345678-1234-1234-1234-1234567890ab # fp
2+
bace4d19-DEAD-beef-cafe-9129474bcd81 # fp

tests/test_app.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -492,7 +492,7 @@ def test_depth_p(self) -> None:
492492
cvs_checksum = hashlib.md5(f.read()).digest()
493493
checksum = bytes(a ^ b for a, b in zip(checksum, cvs_checksum))
494494
# update the checksum manually and keep line endings in the samples as is (git config core.autocrlf false)
495-
self.assertEqual("a07f7e91982bdc368967119b2d3112af", binascii.hexlify(checksum).decode())
495+
self.assertEqual("d8c4aa7bcc94c02caf0410c6170db3e9", binascii.hexlify(checksum).decode())
496496
normal_report = []
497497
sorted_report = []
498498
with tempfile.TemporaryDirectory() as tmp_dir:
@@ -603,7 +603,7 @@ def test_rules_ml_p(self) -> None:
603603
rules_text = yaml.dump_all(rules, sort_keys=True)
604604
checksum = hashlib.md5(rules_text.encode()).hexdigest()
605605
# update the expected value manually if some changes
606-
self.assertEqual("b6cd20d642fffbdbee0a5255d3484146", checksum)
606+
self.assertEqual("1d5e4ae0b03ca0232c2f1b4f54c6ccec", checksum)
607607
rules_set = set([i["name"] for i in rules if "code" in i["target"]])
608608
self.assertSetEqual(rules_set, report_set)
609609
self.assertEqual(SAMPLES_POST_CRED_COUNT, len(report))

0 commit comments

Comments
 (0)