From ea89c00141c02d133119b5952541a8ba3f728a3a Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 16:42:41 +0100 Subject: [PATCH 1/9] :tada: advance NoseyParker to support version 0.22.0 --- unittests/tools/test_noseyparker_parser.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/unittests/tools/test_noseyparker_parser.py b/unittests/tools/test_noseyparker_parser.py index 714e8a4fa7..09ee36eb46 100644 --- a/unittests/tools/test_noseyparker_parser.py +++ b/unittests/tools/test_noseyparker_parser.py @@ -43,3 +43,10 @@ def test_noseyparker_parser_error(self): "Invalid Nosey Parker data, make sure to use Nosey Parker v0.16.0", str(context.exception), ) self.assertIn("ECONNREFUSED", str(context.exception)) + + def test_noseyparker_version_0_22_0(self): + with open("unittests/scans/noseyparker/noseyparker_0_22_0.jsonl", encoding="utf-8") as testfile: + parser = NoseyParkerParser() + findings = parser.get_findings(testfile, Test()) + finding = findings[0] + self.assertEqual("Critical", finding.severity) From 641565d8f90f0def47bd5c16aa0015698b4aa7b7 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 16:49:14 +0100 Subject: [PATCH 2/9] add unittest file --- .../noseyparker/noseyparker_0_22_0.jsonl | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 unittests/scans/noseyparker/noseyparker_0_22_0.jsonl diff --git a/unittests/scans/noseyparker/noseyparker_0_22_0.jsonl b/unittests/scans/noseyparker/noseyparker_0_22_0.jsonl new file mode 100644 index 0000000000..9021abc22d --- /dev/null +++ b/unittests/scans/noseyparker/noseyparker_0_22_0.jsonl @@ -0,0 +1,26 @@ +{"finding_id":"84d871b9aec92b82245f7b687d7bf64048d3c68e","rule_name":"AWS API Credentials","rule_text_id":"np.aws.6","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","groups":["QUtJQVNQMlRQSEpTNFhVVTNFUEo=","Q1Uwb0t0NEd0MWxIRHRKam5STGZkQlVaV2FkbVlJSGV2cS9UeVV6Lw=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"43d6429098e4d3acdf6938dfc159172c4dd99220","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1678401216 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1678401216 +0100","message":"Update docs for okteto challenge 15\n"},"blob_path":"src/main/resources/explanations/challenge15.adoc"}}],"blob_metadata":{"id":"1590fc5b5b352fd538a6372946b04120bc2b5649","num_bytes":1741,"mime_essence":null,"charset":null},"blob_id":"1590fc5b5b352fd538a6372946b04120bc2b5649","location":{"offset_span":{"start":1346,"end":1430},"source_span":{"start":{"line":25,"column":19},"end":{"line":27,"column":0}}},"groups":["QUtJQVNQMlRQSEpTNFhVVTNFUEo=","Q1Uwb0t0NEd0MWxIRHRKam5STGZkQlVaV2FkbVlJSGV2cS9UeVV6Lw=="],"snippet":{"before":"s-east-2\noutput=json\n\n#https://canarytokens.org/manage?token=cs07k832u9t1u4npowbvsw4mb&auth=7f75f2b2a4207c91fbc1ea59f7a495eb\n\naws_access_key_id=AKIASP2TPHJS6R72AFU2aws_secret_access_key=tpRLTDr0/PTZtUkS1rCUeWzQvknekDIpe4U3cxbv\n\n[default]\naws_access_key_id=","matching":"AKIASP2TPHJS4XUU3EPJ\naws_secret_access_key=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\n","after":"region=us-east-2\noutput=json\n\n#https://canarytokens.org/manage?token=n0cnd92mavmv1m61tjmyj9of5&auth=6519be82ef910868529091527c3edb3f\n\naws_access_key_id=AKIASP2TPHJS4XUU3EPJaws_secret_access_key=CU0oKt4Gt1lHDtJjnRLfdBUZWadmYIHevq/TyUz/\n\nhttps://wrongsecrets"},"structural_id":"f7532bb5152f116bf4d4ca4230255303b75433c6","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","rule_text_id":"np.aws.6","rule_name":"AWS API Credentials","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"52f981212f10fdbcffe43a3271a69ff152322ab6","rule_name":"AWS API Credentials","rule_text_id":"np.aws.6","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","groups":["QUtJQVNQMlRQSEpTNlI3MkFGVTI=","dHBSTFREcjAvUFRadFVrUzFyQ1VlV3pRdmtuZWtESXBlNFUzY3hidg=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"43d6429098e4d3acdf6938dfc159172c4dd99220","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1678401216 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1678401216 +0100","message":"Update docs for okteto challenge 15\n"},"blob_path":"src/main/resources/explanations/challenge15.adoc"}}],"blob_metadata":{"id":"1590fc5b5b352fd538a6372946b04120bc2b5649","num_bytes":1741,"mime_essence":null,"charset":null},"blob_id":"1590fc5b5b352fd538a6372946b04120bc2b5649","location":{"offset_span":{"start":998,"end":1082},"source_span":{"start":{"line":15,"column":19},"end":{"line":17,"column":0}}},"groups":["QUtJQVNQMlRQSEpTNlI3MkFGVTI=","dHBSTFREcjAvUFRadFVrUzFyQ1VlV3pRdmtuZWtESXBlNFUzY3hidg=="],"snippet":{"before":"tokens! Though you can do `aws sts get-caller-identity` with them. When you use them, some of your data (IP/agent) is being logged.]?!\nGo to https://wrongsecrets.herokuapp.com/stats[stats] when you tried them to find out more!\n\n[default]\naws_access_key_id=","matching":"AKIASP2TPHJS6R72AFU2\naws_secret_access_key=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\n","after":"region=us-east-2\noutput=json\n\n#https://canarytokens.org/manage?token=cs07k832u9t1u4npowbvsw4mb&auth=7f75f2b2a4207c91fbc1ea59f7a495eb\n\naws_access_key_id=AKIASP2TPHJS6R72AFU2aws_secret_access_key=tpRLTDr0/PTZtUkS1rCUeWzQvknekDIpe4U3cxbv\n\n[default]\naws_access"},"structural_id":"7c651b1c48c52e4d85c21b5eb4b4ded419da8f59","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","rule_text_id":"np.aws.6","rule_name":"AWS API Credentials","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"a8950151f2e808e7ad19f417415718e2b4bd94e1","rule_name":"AWS API Credentials","rule_text_id":"np.aws.6","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","groups":["QUtJQVlWUDRDSVBQSkNKT1BKV0w=","OEl5U1VlRWhMRE5kMkFlR0VlQklVVEJ3NzZQRmlUQjR0U1c5dWZIRg=="],"num_matches":2,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"47d1e638af75ff2ecbc19ca70cf2aaccaa0bcd6b","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1647241216 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1647241216 +0100","message":"WIP @ Challenge 15\n"},"blob_path":"src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge15.java"}}],"blob_metadata":{"id":"23f671fd1604266bbba2eedf651652b4baec6560","num_bytes":3335,"mime_essence":"application/octet-stream","charset":null},"blob_id":"23f671fd1604266bbba2eedf651652b4baec6560","location":{"offset_span":{"start":1423,"end":1516},"source_span":{"start":{"line":55,"column":28},"end":{"line":57,"column":0}}},"groups":["QUtJQVlWUDRDSVBQSkNKT1BKV0w=","OEl5U1VlRWhMRE5kMkFlR0VlQklVVEJ3NzZQRmlUQjR0U1c5dWZIRg=="],"snippet":{"before":"\n * [Arcane]\n * aws_access_key_id = AKIAYVP4CIPPEMEC27B2\n * aws_secret_access_key = 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\n * output = json\n * region = us-east-2\n *\n * Arcane debug:\n * [default]\n * aws_access_key_id = ","matching":"AKIAYVP4CIPPJCJOPJWL\n * aws_secret_access_key = 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\n","after":" * output = json\n * region = us-east-2\n *\n * wrongsecrets debug:\n * [default]\n * aws_access_key_id = AKIAYVP4CIPPCXOWVNMW\n * aws_secret_access_key = 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\n * output = json\n * region = u"},"structural_id":"f25b5d7a3de7cce6af433b392625e7acd99c0355","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","rule_text_id":"np.aws.6","rule_name":"AWS API Credentials","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"2c2c0b1231212321f19ee02a392f7193524c1195","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1647240427 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1647240427 +0100","message":"First setup of challenge 15, will remove raw credentials later\n"},"blob_path":"src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge15.java"}}],"blob_metadata":{"id":"5b8bd6808428853791516927badf127418e64bc8","num_bytes":1536,"mime_essence":"application/octet-stream","charset":null},"blob_id":"5b8bd6808428853791516927badf127418e64bc8","location":{"offset_span":{"start":1168,"end":1261},"source_span":{"start":{"line":47,"column":28},"end":{"line":49,"column":0}}},"groups":["QUtJQVlWUDRDSVBQSkNKT1BKV0w=","OEl5U1VlRWhMRE5kMkFlR0VlQklVVEJ3NzZQRmlUQjR0U1c5dWZIRg=="],"snippet":{"before":"\n * [Arcane]\n * aws_access_key_id = AKIAYVP4CIPPEMEC27B2\n * aws_secret_access_key = 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\n * output = json\n * region = us-east-2\n *\n * Arcane debug:\n * [default]\n * aws_access_key_id = ","matching":"AKIAYVP4CIPPJCJOPJWL\n * aws_secret_access_key = 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\n","after":" * output = json\n * region = us-east-2\n *\n * wrongsecrets debug:\n * [default]\n * aws_access_key_id = AKIAYVP4CIPPCXOWVNMW\n * aws_secret_access_key = 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\n * output = json\n * region = u"},"structural_id":"ed247789cc7d4aa713c26844a3373555f664bb0b","rule_structural_id":"39d60c56d8a84ca6ab5999de8fea93657e3cae99","rule_text_id":"np.aws.6","rule_name":"AWS API Credentials","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"1c82eb8796a72495efce9ecf618b84fba10ffc84","rule_name":"Base64-PEM-Encoded Private Key","rule_text_id":"np.pem.2","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmMzZFhVMnRwWlU5bk5rSmhkRWxHVFVKMFZsZHpaVzluVFd3MFVraFlOblJKUTFsUU0wRXdWelJKU2pocmMxZzJDbXh2V0VWeE15czNOV3hUWjBVMVJ6UkdTMk5YWVVWNVV6ZGpjR0V5Y0VSVU5UTjVSbU4xTlRkdFQwdFJWa2gyT0c1VmN6VnJNM2hYY1VGWE5pczNNMEVLT1RabE1IWnRlbmxLYkc5T1JVa3dPVTFwUzBac00zZHNTelZMTjJWQ1JsRnBiMnRSYjNZeFNsRnFPVVo0VkdGSU1EQlNNR3BxSzAwM0wzaFdTV0ZJS3dweGFtVTNOMHhhU2pCcWRESkRWWGRLVkc5NFVUTXlSRVl3VkRRNE1IaDRjRE5QTTNaWU9FUkNUbmhaUzNNMUt6Vk5RekV4TWtweFp6QnJZbXBUYVZNMUNpOHZaWEYzU1hGd1R6VXpaVXhETjJGMVVWbHRUVTVEYjFaTVduTm1hVzF0ZURGd1RYTjRiRWh1VEVKeGNWTkdiVzVzZVZCb09WcHZlVmRTWkROUWRIY0tVV1UzVjIwNVptcHJaU3RYTlc1eWFIYzNNMjV1TVhGS056TjBRWFU1WkZReVQybEZjV1pRTmpNM01YZFRkSHBaVXpCR2EwbGxWV2xWWkVSeGRXRlhVQW9yUjFNM1VrUlFhbk5MTVhaTUszbG1XbEJNYkROWVNrdHZLMFl6UlVKcmIyZGpiM05MZHpOdWVFaHNjRUkwVFd0VFJuSkViMmRKUVVrMFJVOVZTelIzQ2toc1JqZE1jU3REZDA0eGFYRkNkbFp2YldGT1NqVldURlZKVlRWamNtcFZMMUk1U1hkSU56Tk5OSFpYU0ZaV2QzaFFOV0ZxVW01cE9HMXdlV3BaUzIwS2VHd3JSMXBSTDI1bmJFMUxUVzlTY0c5dVNEVnFMMFJOTms4MVdURTVkVmcyT1VsbVRFRlNhRGhST0dOMFIwcG1PRzA0Wkd0NWVsaEhLMmRTWWxvNGNncEtkVk0wVFVWNmJtcFNhMkpyYUdodEwyZzFUVGR4WkM5RmRUSm5ibWxUT1c5eVkzVlVNR0UzTlVkMFJtbHNTbE15YTNwbVRsZGFVamhOY0VGSlFXNXFDbWh1YlhJeWNEVTJNVEJCUkVORU1uSnFSbkJUUlV0UFN6bFBOVUY1YWxSUWVsWnNaRFJ3WlhZNU0ybGpjVzFQVHprMGJEQnhjVXBIY21NNFEwRjNSVUVLUVZGTFEwRm5SVUZ2T0U1VFVFTTNRbGRNYkd0dlJVTjVLMjlHU0RaRlRFUktla0ZVZFdkYU5tVnlSVEo1ZEdGVFpXUm5SQ3QzVUhWWmNXMUdjV3hwVkFveU0xUkpXbTQxYW1oVmFpOHpNMDVGTmxFck1rbHpRbVpwUWk5S2REaFNaUzlvUlhKa1NURnFTR05UUm5FNWQxQk1WemR2YVVsamFITmhjMUpXVXpBeUNrdHJNSGRNUm1JemFIaG5OMWR6VEhaQlltZGtiRUV4UzNaNEx6VlFlRUY1V25NMldXeFljRE55TlZOemFISXJkSFp2TnpKc1YybHhTRXMwVmxVNGJrSUtTaTlpU3pKSFFtUkdlVk5YYVc1RWRFcExZM0JZZG14alFXZFZTMlF5TlU1cldWZDRWRzVYY2treE5VTnpiREZ3UW14S1oyTjRLemR2YlVzclMxcHVkUXBwTmtkNlltNXRRMFJqVjBwU1FtaHpSU3R2TkhaM1VqbEZNVzlSVm1KdGJsZzNaVzFMYjJSeFdua3hTRUY2ZW04MlIyNVBlakp4V0Zjd2ExQjFjMjh6Q2pJdlZIVTVia2R6WlhKSlN6UjVVV2RyUW10UmN6UlRZbkZCTW5vMVNHRnZPU3RLVEZVMGRFdExXVVF2WkRkMk1IQTFTa0ZKUkdSU1lsQTNVMWhSU2pBS2RURjJOWGxxVm1sU2JFNDJiVkpuZVd0Tk5rODVTSGN3YWtWWFF5dE5SRzV6Tm04eFMySnhiM1p5TDNOWk4zVk5SVVpyVkVaeFdFY3lUbmRZTm1FMVVBbzJTbmRIV1U1RFNYSk5hWHBqYUVZd2RVNTBTVUZJUzFScE1tOU9jak0wY1ZaUWIwWnJWV3N2VmxJNFYzUjFOSGM1Y3pCWlNsaDFaM3BsV2xBclJ6TjZDbTVGZUhSV05qUkNhWFJ3THk5MWExcDZOVWMzWmtvMlFqRkZTV1pDTTJWek1uZFliVTV1TVdWbk9YVjZjWEpoTWxCMVNHRnBjWGxoYTB4ak1YTktURm9LZG01Rk5VMU9XRTF1WTNaalVHUkdRbGRqT0V3d1JGWkhRMjlyZFcxQ1dqSTFabWRQUjNGcFVrRlBiMHRFZDAxVWFtMWxNR1ZzTkdRdlFVNXlabFJTZFFvMVRWZHJNRXRTU1VscUt6ZEdjeXRTUldkYVZUVnlRazl1VWpORWNuVllSeXRXWTI1MUswbzBSbk5yWjJOSmFqRldhMFZEWjJkRlFrRk5SMHRrYlhBeUNuRnRlVVJDVW1GYWVuRnNORXRRVlZGMFVGVmlTMDVDT1Vad1YycHdZVXhrVUdaVE1VRjFOMEl2WjJoYU56UndhamgxZEhsalNrZFpkMWt5ZFdsb2NURUtTRzlFY2tOaFExZE9jbmhDZHpKWGQwTTRPSGwyU1dsbGRtRkhhRXBSVG5KNFJuRmFiWEJIWkdzNFRpdFJNeTlsYW5scFpWQjJTMVJZWTB0RU9TdFlXUXBOZGtacFpWaHpRbWhsVW5sa1QzYzFZM00zT1hjck1YazJOVGRLT1VScGVVdzRaVlpHVkU0emFFWlBUQzlUV1hCamEzaGtiRVZOZDJGbVlrOXVXRTlsQ25wQmJFdEJlR1ppUldKRlNsZzJUR3hIY0RkcWQydE5abVJvV1d4ak9Ya3pWSE5WVGpsU1REbDBaVkZsVUZSS1N6Wk1VRzVvYldOSlZEVjBTSGxsWVZVS2NIQlJRWFZyZEZZdlkxUmhNa3N5VUZSRVkyVk1LMFpvY1dacVFVdzFObE5GY0d0U2QwSXhSV296Y1RrdkwyVTRaa2xCZVZkdVUwTnZWM0F4UjNGb1dRcFpRMEUxZFdoa1MzVjRXbGhVS3poRFoyZEZRa0ZQZWt4dGFqTnpTSFpRU21GcFVqZDNibmhuYTAxWU9WZzBiMGd6UmpNNFIydEVORkZwVUhNNWJsYzJDblJDTVN0RGQycEtaekZHTkVSc1QwaEVVVTh2Y1RnM2QwSXJZa0ZMUlVwTWJGZGFiR1Z4VlhaNlpFTnlTalJMVTNJeWFHZDNUbWh3Wnl0Mk5IZGhVVlVLWm5kUGVXY3JVbk5xUmpac1FXUlFiRlpCU0hNMldsWXJhQzgwZW5wMFJ6WlZlbXRwUjAxcU9HbDJSMk5uSzNCRE4wMTVOVTVHVjBOUVJtVlZWSGd2TmdwWlNuRlRkV2xQY1cxeU5qQm9XVTVaY25KYVpUTlVaRGhXVlZsWWFtWjNZVmxwYjFWVWFVMDVjREZSTVRrNU9FSlBObmhDTlhveVNXMUhOV1EyUzFCMUNuQlhkR2hHVEZaTFZWYzJhWGwxUW0wd1IyOVhlazVKVFVZdldIZG1Xa3R1TWt0bWFtUldRVUpZVXpWRFRtOXlabUpoWjBGa05tdFBTR3Q2V1RGSE55c0thRkp3UTBWdVVIUkRiRVF6Y2k5SFl6VnZSemM1ZEM5QmRDOVFOVTVVUzA5UWRHZzNLMkpJZDI5RFJVTm5aMFZDUVVzeGJIWkZiMDlJZDI5NFMwaElhZ3BSTUVOaFNYcG1UWHBDVGpsVVkyWmtRMnR5ZFROM2RGaGFTbUpHVW1Wa1ltSndiRlV5YTFGSE5FUkZTbmx6YW01TWVVbGpObWxoWW1SelZGSjZNRXBOQ2pCeFZTOHhhWGhaTWxoMU9WaFRVMW81UWxCSVMwUTBNRmw1Y3pSNWVqaEVRM04yZGxvNVNUaE9PRFpSVjBveFJWbHdRbEJaT1RWT1NWQmpZVE4yVUZJS2JsZ3ZZU3M1TlZsaFowRkNXVE5TZEhKaFVVdEdRVUp1ZUVZM2RuUndjbmg2VjBJNE16QlZPV2hQV0dWUlYwMW9SVkUzUzJSck5rMVRkMnhZWjJkWWVBcG5OWGN4V21KWGRuaFlXSFJaVEVvMmExaFhkVUZIZDFNek1FOHhRMWxyUjFCa2QzWkxNbnBRY1VWVWJXWlpaalUzYW1sVmVrNU5Sa0V5YXl0aVlXNXdDbFpRTnpGbk5FOWpRM2hEYlhaM1kxTldVa3BGVUZkWE5GRlhiR0ZsWlVNckswUXhhakZPZWtSNGJHVnJlRll6TVZjeVJHaHZaM2xLWjFSWVpVRnNaWG9LTkVsS1dHNDBhME5uWjBWQ1FVcDFjR1JIYmtWalRYZzVNbGRNUjFsTFJqSnpXRlZYUkU1dmJVNU1NSEl6ZFRWaGVFMHZkRVpGT1hOUWNqaHpabTlDTWdwU0wyTnJXSFpoVm5wMk5YQXpOekpZYlZCdlpEQTViRkUyY0U0emJteHZPSGhMVjNBdllqQmxVa2RVZGxKYVdpdE9jRlJITkVSVVIzSkpRak4wTjBKUUNtdDVPR05rWTJ0bU9XdDFWblpETDJ0RUt6UlNha3RJWlZKS2RFbFRUbUpITDFkbE4wcG9Vek5xWjJNcmMwdExUbXBNUm1RNE1qTnZTRGt3T1VjeFVXRUtPRTFNZHpGT2RqRlViRlJuYnpkbE16WnBOamRwVlVSNU4zaHJUMXBDWkZOcWF6aFVZM3BEVFVaUVp6SkZjR050TVd3eWJrdHBiWEF4WlVKNU0zcFJWZ29yVGxseUsyZFlkVlZKSzA1RldGQTNUWG93Wm5KTmVtUjJaRlZRT1RaNGVWZFNhbmgxWmpCemVERTRjbVl6TkVsdkt6Wk5helJ0Y21zd1FXaHplRTh4Q2k5YVVXZFlkVGhNTXpWUWJGSnVUSE56TkVOVmEwWXpPVzFHTm1wclVUbHBVMVZGUTJkblJVRkRlVlJQUkRsV2RXcGFUMEZTUldFMVowdG1TMlJzY3lzS04yczVUMUJTVWtaMVkybHVSRTExVTFkV1oyTXZRM2hSTDI4clJ6Z3JUMU53YlVnNU1sbFFTM1ZKVWtSVEx6WktiWEIyY1dVeVdGcEpOMFo1YkM4ell3cEpOM2N5V1dka1JWTTVPVkl2VGpOcE9VaDJRMFZ1ZGtGeFNUSXZjalJpU0ZaMFNVbGhSMk14VG01dGNsaDZhemxvYkRsRGVsZFZPRGM1Y1hCMGJIQjJDalpSVGtsek9WZGxWa2hsU21nMGRrYzJTV3g2Tm01aU5VeGFkRU5xYTBaWFFWZEljV05SV1RNd04xUm5TWGN4ZURBek0wUlhNa3QzTVVGRFVWaFhXbU1LUVM4d01saEpZV05VV21GSE0ySk5iVko0TTFVNGJHZHVTVlpzUlhOcWJWcFpaVlZtU1RKbmVUQXlZblprYWtaamQzUkxWVmR5UTFSdmFFUXhZbFI1VXdwcWQwcFFla1pYU0ZFNU9XaHlVa3h6WTBsRVpHTmtaVk5zU0RnNVIwOXZNbTVOTlhKelZuUmhSbXByYjNZNGJHWkNTakpoTlZWRVJWRXpRMlExUVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./k8s/main.key"},{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ae88235b6d82a71ff07c095841aafc08837f32be","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1720167712 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1720167712 +0200","message":"step 1, part 1: fix for sealed secret controler\n"},"blob_path":"k8s/main.key"}}],"blob_metadata":{"id":"f5407810e2991e97e14756fe20d0263020eb6981","num_bytes":7091,"mime_essence":null,"charset":null},"blob_id":"f5407810e2991e97e14756fe20d0263020eb6981","location":{"offset_span":{"start":2374,"end":6707},"source_span":{"start":{"line":6,"column":14},"end":{"line":7,"column":0}}},"groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmMzZFhVMnRwWlU5bk5rSmhkRWxHVFVKMFZsZHpaVzluVFd3MFVraFlOblJKUTFsUU0wRXdWelJKU2pocmMxZzJDbXh2V0VWeE15czNOV3hUWjBVMVJ6UkdTMk5YWVVWNVV6ZGpjR0V5Y0VSVU5UTjVSbU4xTlRkdFQwdFJWa2gyT0c1VmN6VnJNM2hYY1VGWE5pczNNMEVLT1RabE1IWnRlbmxLYkc5T1JVa3dPVTFwUzBac00zZHNTelZMTjJWQ1JsRnBiMnRSYjNZeFNsRnFPVVo0VkdGSU1EQlNNR3BxSzAwM0wzaFdTV0ZJS3dweGFtVTNOMHhhU2pCcWRESkRWWGRLVkc5NFVUTXlSRVl3VkRRNE1IaDRjRE5QTTNaWU9FUkNUbmhaUzNNMUt6Vk5RekV4TWtweFp6QnJZbXBUYVZNMUNpOHZaWEYzU1hGd1R6VXpaVXhETjJGMVVWbHRUVTVEYjFaTVduTm1hVzF0ZURGd1RYTjRiRWh1VEVKeGNWTkdiVzVzZVZCb09WcHZlVmRTWkROUWRIY0tVV1UzVjIwNVptcHJaU3RYTlc1eWFIYzNNMjV1TVhGS056TjBRWFU1WkZReVQybEZjV1pRTmpNM01YZFRkSHBaVXpCR2EwbGxWV2xWWkVSeGRXRlhVQW9yUjFNM1VrUlFhbk5MTVhaTUszbG1XbEJNYkROWVNrdHZLMFl6UlVKcmIyZGpiM05MZHpOdWVFaHNjRUkwVFd0VFJuSkViMmRKUVVrMFJVOVZTelIzQ2toc1JqZE1jU3REZDA0eGFYRkNkbFp2YldGT1NqVldURlZKVlRWamNtcFZMMUk1U1hkSU56Tk5OSFpYU0ZaV2QzaFFOV0ZxVW01cE9HMXdlV3BaUzIwS2VHd3JSMXBSTDI1bmJFMUxUVzlTY0c5dVNEVnFMMFJOTms4MVdURTVkVmcyT1VsbVRFRlNhRGhST0dOMFIwcG1PRzA0Wkd0NWVsaEhLMmRTWWxvNGNncEtkVk0wVFVWNmJtcFNhMkpyYUdodEwyZzFUVGR4WkM5RmRUSm5ibWxUT1c5eVkzVlVNR0UzTlVkMFJtbHNTbE15YTNwbVRsZGFVamhOY0VGSlFXNXFDbWh1YlhJeWNEVTJNVEJCUkVORU1uSnFSbkJUUlV0UFN6bFBOVUY1YWxSUWVsWnNaRFJ3WlhZNU0ybGpjVzFQVHprMGJEQnhjVXBIY21NNFEwRjNSVUVLUVZGTFEwRm5SVUZ2T0U1VFVFTTNRbGRNYkd0dlJVTjVLMjlHU0RaRlRFUktla0ZVZFdkYU5tVnlSVEo1ZEdGVFpXUm5SQ3QzVUhWWmNXMUdjV3hwVkFveU0xUkpXbTQxYW1oVmFpOHpNMDVGTmxFck1rbHpRbVpwUWk5S2REaFNaUzlvUlhKa1NURnFTR05UUm5FNWQxQk1WemR2YVVsamFITmhjMUpXVXpBeUNrdHJNSGRNUm1JemFIaG5OMWR6VEhaQlltZGtiRUV4UzNaNEx6VlFlRUY1V25NMldXeFljRE55TlZOemFISXJkSFp2TnpKc1YybHhTRXMwVmxVNGJrSUtTaTlpU3pKSFFtUkdlVk5YYVc1RWRFcExZM0JZZG14alFXZFZTMlF5TlU1cldWZDRWRzVYY2treE5VTnpiREZ3UW14S1oyTjRLemR2YlVzclMxcHVkUXBwTmtkNlltNXRRMFJqVjBwU1FtaHpSU3R2TkhaM1VqbEZNVzlSVm1KdGJsZzNaVzFMYjJSeFdua3hTRUY2ZW04MlIyNVBlakp4V0Zjd2ExQjFjMjh6Q2pJdlZIVTVia2R6WlhKSlN6UjVVV2RyUW10UmN6UlRZbkZCTW5vMVNHRnZPU3RLVEZVMGRFdExXVVF2WkRkMk1IQTFTa0ZKUkdSU1lsQTNVMWhSU2pBS2RURjJOWGxxVm1sU2JFNDJiVkpuZVd0Tk5rODVTSGN3YWtWWFF5dE5SRzV6Tm04eFMySnhiM1p5TDNOWk4zVk5SVVpyVkVaeFdFY3lUbmRZTm1FMVVBbzJTbmRIV1U1RFNYSk5hWHBqYUVZd2RVNTBTVUZJUzFScE1tOU9jak0wY1ZaUWIwWnJWV3N2VmxJNFYzUjFOSGM1Y3pCWlNsaDFaM3BsV2xBclJ6TjZDbTVGZUhSV05qUkNhWFJ3THk5MWExcDZOVWMzWmtvMlFqRkZTV1pDTTJWek1uZFliVTV1TVdWbk9YVjZjWEpoTWxCMVNHRnBjWGxoYTB4ak1YTktURm9LZG01Rk5VMU9XRTF1WTNaalVHUkdRbGRqT0V3d1JGWkhRMjlyZFcxQ1dqSTFabWRQUjNGcFVrRlBiMHRFZDAxVWFtMWxNR1ZzTkdRdlFVNXlabFJTZFFvMVRWZHJNRXRTU1VscUt6ZEdjeXRTUldkYVZUVnlRazl1VWpORWNuVllSeXRXWTI1MUswbzBSbk5yWjJOSmFqRldhMFZEWjJkRlFrRk5SMHRrYlhBeUNuRnRlVVJDVW1GYWVuRnNORXRRVlZGMFVGVmlTMDVDT1Vad1YycHdZVXhrVUdaVE1VRjFOMEl2WjJoYU56UndhamgxZEhsalNrZFpkMWt5ZFdsb2NURUtTRzlFY2tOaFExZE9jbmhDZHpKWGQwTTRPSGwyU1dsbGRtRkhhRXBSVG5KNFJuRmFiWEJIWkdzNFRpdFJNeTlsYW5scFpWQjJTMVJZWTB0RU9TdFlXUXBOZGtacFpWaHpRbWhsVW5sa1QzYzFZM00zT1hjck1YazJOVGRLT1VScGVVdzRaVlpHVkU0emFFWlBUQzlUV1hCamEzaGtiRVZOZDJGbVlrOXVXRTlsQ25wQmJFdEJlR1ppUldKRlNsZzJUR3hIY0RkcWQydE5abVJvV1d4ak9Ya3pWSE5WVGpsU1REbDBaVkZsVUZSS1N6Wk1VRzVvYldOSlZEVjBTSGxsWVZVS2NIQlJRWFZyZEZZdlkxUmhNa3N5VUZSRVkyVk1LMFpvY1dacVFVdzFObE5GY0d0U2QwSXhSV296Y1RrdkwyVTRaa2xCZVZkdVUwTnZWM0F4UjNGb1dRcFpRMEUxZFdoa1MzVjRXbGhVS3poRFoyZEZRa0ZQZWt4dGFqTnpTSFpRU21GcFVqZDNibmhuYTAxWU9WZzBiMGd6UmpNNFIydEVORkZwVUhNNWJsYzJDblJDTVN0RGQycEtaekZHTkVSc1QwaEVVVTh2Y1RnM2QwSXJZa0ZMUlVwTWJGZGFiR1Z4VlhaNlpFTnlTalJMVTNJeWFHZDNUbWh3Wnl0Mk5IZGhVVlVLWm5kUGVXY3JVbk5xUmpac1FXUlFiRlpCU0hNMldsWXJhQzgwZW5wMFJ6WlZlbXRwUjAxcU9HbDJSMk5uSzNCRE4wMTVOVTVHVjBOUVJtVlZWSGd2TmdwWlNuRlRkV2xQY1cxeU5qQm9XVTVaY25KYVpUTlVaRGhXVlZsWWFtWjNZVmxwYjFWVWFVMDVjREZSTVRrNU9FSlBObmhDTlhveVNXMUhOV1EyUzFCMUNuQlhkR2hHVEZaTFZWYzJhWGwxUW0wd1IyOVhlazVKVFVZdldIZG1Xa3R1TWt0bWFtUldRVUpZVXpWRFRtOXlabUpoWjBGa05tdFBTR3Q2V1RGSE55c0thRkp3UTBWdVVIUkRiRVF6Y2k5SFl6VnZSemM1ZEM5QmRDOVFOVTVVUzA5UWRHZzNLMkpJZDI5RFJVTm5aMFZDUVVzeGJIWkZiMDlJZDI5NFMwaElhZ3BSTUVOaFNYcG1UWHBDVGpsVVkyWmtRMnR5ZFROM2RGaGFTbUpHVW1Wa1ltSndiRlV5YTFGSE5FUkZTbmx6YW01TWVVbGpObWxoWW1SelZGSjZNRXBOQ2pCeFZTOHhhWGhaTWxoMU9WaFRVMW81UWxCSVMwUTBNRmw1Y3pSNWVqaEVRM04yZGxvNVNUaE9PRFpSVjBveFJWbHdRbEJaT1RWT1NWQmpZVE4yVUZJS2JsZ3ZZU3M1TlZsaFowRkNXVE5TZEhKaFVVdEdRVUp1ZUVZM2RuUndjbmg2VjBJNE16QlZPV2hQV0dWUlYwMW9SVkUzUzJSck5rMVRkMnhZWjJkWWVBcG5OWGN4V21KWGRuaFlXSFJaVEVvMmExaFhkVUZIZDFNek1FOHhRMWxyUjFCa2QzWkxNbnBRY1VWVWJXWlpaalUzYW1sVmVrNU5Sa0V5YXl0aVlXNXdDbFpRTnpGbk5FOWpRM2hEYlhaM1kxTldVa3BGVUZkWE5GRlhiR0ZsWlVNckswUXhhakZPZWtSNGJHVnJlRll6TVZjeVJHaHZaM2xLWjFSWVpVRnNaWG9LTkVsS1dHNDBhME5uWjBWQ1FVcDFjR1JIYmtWalRYZzVNbGRNUjFsTFJqSnpXRlZYUkU1dmJVNU1NSEl6ZFRWaGVFMHZkRVpGT1hOUWNqaHpabTlDTWdwU0wyTnJXSFpoVm5wMk5YQXpOekpZYlZCdlpEQTViRkUyY0U0emJteHZPSGhMVjNBdllqQmxVa2RVZGxKYVdpdE9jRlJITkVSVVIzSkpRak4wTjBKUUNtdDVPR05rWTJ0bU9XdDFWblpETDJ0RUt6UlNha3RJWlZKS2RFbFRUbUpITDFkbE4wcG9Vek5xWjJNcmMwdExUbXBNUm1RNE1qTnZTRGt3T1VjeFVXRUtPRTFNZHpGT2RqRlViRlJuYnpkbE16WnBOamRwVlVSNU4zaHJUMXBDWkZOcWF6aFVZM3BEVFVaUVp6SkZjR050TVd3eWJrdHBiWEF4WlVKNU0zcFJWZ29yVGxseUsyZFlkVlZKSzA1RldGQTNUWG93Wm5KTmVtUjJaRlZRT1RaNGVWZFNhbmgxWmpCemVERTRjbVl6TkVsdkt6Wk5helJ0Y21zd1FXaHplRTh4Q2k5YVVXZFlkVGhNTXpWUWJGSnVUSE56TkVOVmEwWXpPVzFHTm1wclVUbHBVMVZGUTJkblJVRkRlVlJQUkRsV2RXcGFUMEZTUldFMVowdG1TMlJzY3lzS04yczVUMUJTVWtaMVkybHVSRTExVTFkV1oyTXZRM2hSTDI4clJ6Z3JUMU53YlVnNU1sbFFTM1ZKVWtSVEx6WktiWEIyY1dVeVdGcEpOMFo1YkM4ell3cEpOM2N5V1dka1JWTTVPVkl2VGpOcE9VaDJRMFZ1ZGtGeFNUSXZjalJpU0ZaMFNVbGhSMk14VG01dGNsaDZhemxvYkRsRGVsZFZPRGM1Y1hCMGJIQjJDalpSVGtsek9WZGxWa2hsU21nMGRrYzJTV3g2Tm01aU5VeGFkRU5xYTBaWFFWZEljV05SV1RNd04xUm5TWGN4ZURBek0wUlhNa3QzTVVGRFVWaFhXbU1LUVM4d01saEpZV05VV21GSE0ySk5iVko0TTFVNGJHZHVTVlpzUlhOcWJWcFpaVlZtU1RKbmVUQXlZblprYWtaamQzUkxWVmR5UTFSdmFFUXhZbFI1VXdwcWQwcFFla1pYU0ZFNU9XaHlVa3h6WTBsRVpHTmtaVk5zU0RnNVIwOXZNbTVOTlhKelZuUmhSbXByYjNZNGJHWkNTakpoTlZWRVJWRXpRMlExUVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"snippet":{"before":"lIVUx3WURSTmJyNjVZb2RhRU9WRE1ITW5ZUWptMWlNUElLM3QyMkdmcEErCktyRENHMUVlZnZkUTU0eGhreUtZVjZOZko0R0gyOVJicXNkeVMyS1hDUXJINDlqV1h3RHpRZ09iK1BUcW9nNCsKNzVVemhsQ2pYT3FPRFFaY1JjWXVyZTJjK2Z1elU2cVJ1L1o5SlJZM0MyOD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=\n tls.key: ","matching":"LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS2dJQkFBS0NBZ0VBc3dXU2tpZU9nNkJhdElGTUJ0VldzZW9nTWw0UkhYNnRJQ1lQM0EwVzRJSjhrc1g2CmxvWEVxMys3NWxTZ0U1RzRGS2NXYUV5UzdjcGEycERUNTN5RmN1NTdtT0tRVkh2OG5VczVrM3hXcUFXNis3M0EKOTZlMHZtenlKbG9ORUkwOU1pS0ZsM3dsSzVLN2VCRlFpb2tRb3YxSlFqOUZ4VGFIMDBSMGpqK003L3hWSWFIKwpxamU3N0xaSjBqdDJDVXdKVG94UTMyREYwVDQ4MHh4cDNPM3ZYOERCTnhZS3M1KzVNQzExMkpxZzBrYmpTaVM1Ci8vZXF3SXFwTzUzZUxDN2F1UVltTU5Db1ZMWnNmaW1teDFwTXN4bEhuTEJxcVNGbW5seVBoOVpveVdSZDNQdHcKUWU3V205ZmprZStXNW5yaHc3M25uMXFKNzN0QXU5ZFQyT2lFcWZQNjM3MXdTdHpZUzBGa0llVWlVZERxdWFXUAorR1M3UkRQanNLMXZMK3lmWlBMbDNYSktvK0YzRUJrb2djb3NLdzNueEhscEI0TWtTRnJEb2dJQUk0RU9VSzR3CkhsRjdMcStDd04xaXFCdlZvbWFOSjVWTFVJVTVjcmpVL1I5SXdINzNNNHZXSFZWd3hQNWFqUm5pOG1weWpZS20KeGwrR1pRL25nbE1LTW9ScG9uSDVqL0RNNk81WTE5dVg2OUlmTEFSaDhROGN0R0pmOG04ZGt5elhHK2dSYlo4cgpKdVM0TUV6bmpSa2JraGhtL2g1TTdxZC9FdTJnbmlTOW9yY3VUMGE3NUd0RmlsSlMya3pmTldaUjhNcEFJQW5qCmhubXIycDU2MTBBRENEMnJqRnBTRUtPSzlPNUF5alRQelZsZDRwZXY5M2ljcW1PTzk0bDBxcUpHcmM4Q0F3RUEKQVFLQ0FnRUFvOE5TUEM3QldMbGtvRUN5K29GSDZFTERKekFUdWdaNmVyRTJ5dGFTZWRnRCt3UHVZcW1GcWxpVAoyM1RJWm41amhVai8zM05FNlErMklzQmZpQi9KdDhSZS9oRXJkSTFqSGNTRnE5d1BMVzdvaUljaHNhc1JWUzAyCktrMHdMRmIzaHhnN1dzTHZBYmdkbEExS3Z4LzVQeEF5WnM2WWxYcDNyNVNzaHIrdHZvNzJsV2lxSEs0VlU4bkIKSi9iSzJHQmRGeVNXaW5EdEpLY3BYdmxjQWdVS2QyNU5rWVd4VG5XckkxNUNzbDFwQmxKZ2N4KzdvbUsrS1pudQppNkd6Ym5tQ0RjV0pSQmhzRStvNHZ3UjlFMW9RVmJtblg3ZW1Lb2RxWnkxSEF6em82R25PejJxWFcwa1B1c28zCjIvVHU5bkdzZXJJSzR5UWdrQmtRczRTYnFBMno1SGFvOStKTFU0dEtLWUQvZDd2MHA1SkFJRGRSYlA3U1hRSjAKdTF2NXlqVmlSbE42bVJneWtNNk85SHcwakVXQytNRG5zNm8xS2Jxb3ZyL3NZN3VNRUZrVEZxWEcyTndYNmE1UAo2SndHWU5DSXJNaXpjaEYwdU50SUFIS1RpMm9OcjM0cVZQb0ZrVWsvVlI4V3R1NHc5czBZSlh1Z3plWlArRzN6Cm5FeHRWNjRCaXRwLy91a1p6NUc3Zko2QjFFSWZCM2VzMndYbU5uMWVnOXV6cXJhMlB1SGFpcXlha0xjMXNKTFoKdm5FNU1OWE1uY3ZjUGRGQldjOEwwRFZHQ29rdW1CWjI1ZmdPR3FpUkFPb0tEd01Uam1lMGVsNGQvQU5yZlRSdQo1TVdrMEtSSUlqKzdGcytSRWdaVTVyQk9uUjNEcnVYRytWY251K0o0RnNrZ2NJajFWa0VDZ2dFQkFNR0tkbXAyCnFteURCUmFaenFsNEtQVVF0UFViS05COUZwV2pwYUxkUGZTMUF1N0IvZ2haNzRwajh1dHljSkdZd1kydWlocTEKSG9EckNhQ1dOcnhCdzJXd0M4OHl2SWlldmFHaEpRTnJ4RnFabXBHZGs4TitRMy9lanlpZVB2S1RYY0tEOStYWQpNdkZpZVhzQmhlUnlkT3c1Y3M3OXcrMXk2NTdKOURpeUw4ZVZGVE4zaEZPTC9TWXBja3hkbEVNd2FmYk9uWE9lCnpBbEtBeGZiRWJFSlg2TGxHcDdqd2tNZmRoWWxjOXkzVHNVTjlSTDl0ZVFlUFRKSzZMUG5obWNJVDV0SHllYVUKcHBRQXVrdFYvY1RhMksyUFREY2VMK0ZocWZqQUw1NlNFcGtSd0IxRWozcTkvL2U4ZklBeVduU0NvV3AxR3FoWQpZQ0E1dWhkS3V4WlhUKzhDZ2dFQkFPekxtajNzSHZQSmFpUjd3bnhna01YOVg0b0gzRjM4R2tENFFpUHM5blc2CnRCMStDd2pKZzFGNERsT0hEUU8vcTg3d0IrYkFLRUpMbFdabGVxVXZ6ZENySjRLU3IyaGd3TmhwZyt2NHdhUVUKZndPeWcrUnNqRjZsQWRQbFZBSHM2WlYraC80enp0RzZVemtpR01qOGl2R2NnK3BDN015NU5GV0NQRmVVVHgvNgpZSnFTdWlPcW1yNjBoWU5ZcnJaZTNUZDhWVVlYamZ3YVlpb1VUaU05cDFRMTk5OEJPNnhCNXoySW1HNWQ2S1B1CnBXdGhGTFZLVVc2aXl1Qm0wR29Xek5JTUYvWHdmWktuMktmamRWQUJYUzVDTm9yZmJhZ0FkNmtPSGt6WTFHNysKaFJwQ0VuUHRDbEQzci9HYzVvRzc5dC9BdC9QNU5US09QdGg3K2JId29DRUNnZ0VCQUsxbHZFb09Id294S0hIagpRMENhSXpmTXpCTjlUY2ZkQ2tydTN3dFhaSmJGUmVkYmJwbFUya1FHNERFSnlzam5MeUljNmlhYmRzVFJ6MEpNCjBxVS8xaXhZMlh1OVhTU1o5QlBIS0Q0MFl5czR5ejhEQ3N2dlo5SThOODZRV0oxRVlwQlBZOTVOSVBjYTN2UFIKblgvYSs5NVlhZ0FCWTNSdHJhUUtGQUJueEY3dnRwcnh6V0I4MzBVOWhPWGVRV01oRVE3S2RrNk1Td2xYZ2dYeApnNXcxWmJXdnhYWHRZTEo2a1hXdUFHd1MzME8xQ1lrR1Bkd3ZLMnpQcUVUbWZZZjU3amlVek5NRkEyaytiYW5wClZQNzFnNE9jQ3hDbXZ3Y1NWUkpFUFdXNFFXbGFlZUMrK0QxajFOekR4bGVreFYzMVcyRGhvZ3lKZ1RYZUFsZXoKNElKWG40a0NnZ0VCQUp1cGRHbkVjTXg5MldMR1lLRjJzWFVXRE5vbU5MMHIzdTVheE0vdEZFOXNQcjhzZm9CMgpSL2NrWHZhVnp2NXAzNzJYbVBvZDA5bFE2cE4zbmxvOHhLV3AvYjBlUkdUdlJaWitOcFRHNERUR3JJQjN0N0JQCmt5OGNkY2tmOWt1VnZDL2tEKzRSaktIZVJKdElTTmJHL1dlN0poUzNqZ2Mrc0tLTmpMRmQ4MjNvSDkwOUcxUWEKOE1MdzFOdjFUbFRnbzdlMzZpNjdpVUR5N3hrT1pCZFNqazhUY3pDTUZQZzJFcGNtMWwybktpbXAxZUJ5M3pRVgorTllyK2dYdVVJK05FWFA3TXowZnJNemR2ZFVQOTZ4eVdSanh1ZjBzeDE4cmYzNElvKzZNazRtcmswQWhzeE8xCi9aUWdYdThMMzVQbFJuTHNzNENVa0YzOW1GNmprUTlpU1VFQ2dnRUFDeVRPRDlWdWpaT0FSRWE1Z0tmS2RscysKN2s5T1BSUkZ1Y2luRE11U1dWZ2MvQ3hRL28rRzgrT1NwbUg5MllQS3VJUkRTLzZKbXB2cWUyWFpJN0Z5bC8zYwpJN3cyWWdkRVM5OVIvTjNpOUh2Q0VudkFxSTIvcjRiSFZ0SUlhR2MxTm5tclh6azlobDlDeldVODc5cXB0bHB2CjZRTklzOVdlVkhlSmg0dkc2SWx6Nm5iNUxadENqa0ZXQVdIcWNRWTMwN1RnSXcxeDAzM0RXMkt3MUFDUVhXWmMKQS8wMlhJYWNUWmFHM2JNbVJ4M1U4bGduSVZsRXNqbVpZZVVmSTJneTAyYnZkakZjd3RLVVdyQ1RvaEQxYlR5Uwpqd0pQekZXSFE5OWhyUkxzY0lEZGNkZVNsSDg5R09vMm5NNXJzVnRhRmprb3Y4bGZCSjJhNVVERVEzQ2Q1QT09Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==\n","after":" kind: Secret\n metadata:\n creationTimestamp: \"2024-07-05T07:48:29Z\"\n generateName: sealed-secrets-key\n labels:\n sealedsecrets.bitnami.com/sealed-secrets-key: active\n name: sealed-secrets-keydp7k2\n namespace: kube-system\n resourceVe"},"structural_id":"1d846c2374cc26fbc45343177e2839083bb9c878","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","rule_text_id":"np.pem.2","rule_name":"Base64-PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"d7247b31c4416f723e6a0be17096ec5d87f66fa2","rule_name":"Base64-PEM-Encoded Private Key","rule_text_id":"np.pem.2","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmVtUXZNVXhTTkVvMFIycHpjbVowU1V0U2NqVldOV1VyZHpFMU1Tc3ZkRVZTU2xvMVRYUllZMlpLTlhVd2NTdERDbm80VHpCcE9XUkVPV2d3Y21VeFdURnJVMmhLWVVVd1NHeEJUamsyTURFNWFWaGpXbVp5YURNemFFbGxNMGhoU2xoRFVEZGxZVmhUU0RRelN6Uk9MMWNLWW5kclJUWkVjRVp0Y1U5T2VGQnhWVWxwYW1OUmNsSTFXRzFWYUhoaFVtNHZVbGcxUTI1NFRXeEtTV1prY21aeVpuUnhWMjFIWVZGNk1YWldhVWhJWndwWU5sTjVkSEZQTjBrd2RGcG1ZemRLVGtWclZVUXdObVJTTTJkTmJrWmpiRFUxVTNWUWMycGxWakkyTUZwQlVYb3lkR1JDTWxkd2F5OWlUR1EyYldkUENsaERRbXhRVWxKb2EyMHJhRk5aWlRSVVNYbGhZVWQwUlVSVlZUQnBkRkV3VlZnNVZrVnhaM1kyYWxaeVlsaElla2hVTVZSU2QxRjZPRlZCYmtoV1UxY0tlV3BaWTJSeVpqUnNhVkJIZFVSSVdsUTVaa1JvVlVwaEwyaHNUbEZuWkZWeVExcFpVMmxGU1ZONFVVOVVWVlZwUjBocmVHSjRVSE15VVVodVZ6ZFNWUXBQVEdSVlZVNHdVVnBwVG5sb2FFSnpWMHN5Vm1sdk1uSmhWRVkwZG5GdFRXd3pNRTlIVEhocVRXbzVaMFV2VjA5U1ZXMHlUSGRVUVVGR1pXWllUSFIyQ2xjNU1rNVdNRzFhTUdWNGRVOW9ibUV2WW1kWVNXMUNPR1JZZG5RNWVtcDRUV0U0YUVWV1VYZHFaemxIVW14NVUzRlNWR3BQV2xGdGVraElUbU5hUzNnS1dteDNjbGhwV1ZGS1NFWkRSbEpOZFd0a1dqUXZiVTltY2pCSVRVWXlMMlF2UlU5VldYaHdUVXRoYzAxRWN6aHBjWGwyWjNsYUsxaHNORlppZWtKV2NBcEtlbWxrT0dONU5rMUNOMDlGZVdkNmRrdDZZMVZUWkhOUFQzQjVlREppYW14QlkzWXplRE5pTXpSWU1IUnJkMkpEY1hsd1UxcFNZVlZYT0RkeFlXZE9DbmhwU2l0c2RqY3pWREJCWkRKUVpGZFFVa2RDYXk5clRWWXpaSFI0V1dnelFrc3daVk5CVkM5UlV6ZFZWalJpWjNOcFRYSnZja2xGTjFOalEwRjNSVUVLUVZGTFEwRm5SVUY0ZDI5TldIZGtXVzk1WVhWR1NFMUtlUzkyZUV4NlpHUlVhMDVKVEVWek9FMUdaVTloTlVOS056Z3lORGxYWVUxUlRsSkVMMHROZEFwaFNXWkNTSGxuTURrNVkwMVRXazlZYWxGc2JrNTRVV1pHT0ZWWE1rRllLMnhoZGs1UVNGazFlazlTV1RNM05YRnFUMnR2VTFGeUwzQlVRVU5HTkdOdENpOW9LemhGT0VoNllqWmplbVJEV2tvMVVFa3ZiVmhoWlhSMlowVlpOV1pUTjJoNmNqUkljRzFoY1d4dmVWbFVNelJvU1RKUGQyeHNNVkJLUm1WblEwa0tSRGxLYzJabk5YSlNiWEZWZHpCMlRrVlhha2RSUjNsa1JDc3dWMGhWZEZWamVFWnlkeTl4ZDBzMVlreGhhV3BNTlU0clIxZ3pZMnN3ZG5KaVFtaGtjZ3BWWjJ0ek1WRnpja3R2T0ZKU1dIcFlUMVZGT0ZWRVFtcFBTblY2YjNselNqQkNVeTltVUhWaVFWSjZiVWsxVjNwd2FqTlJNSHBIVWpZMFVYWk9jbEZqQ2pKUlRsUjJOR054VVRKQmJDOTJUWFJTT1dOell6TmlhemRPTjFKdldGZHNTMmwzZG5aM1kzWlJhVU5KV0dRMVZTdDRSRU5PYUVnMFIxQkdUa1ozVmtRS1RIbFNkVmxpU1ZneFVrNUxlRlJsUkROMVRIcDNkVkZ1UzNVdlprSmtjR281ZUdrMU1FSTNhMVl3ZWpGNGNGWXZNa0ZQVEZOSlpqZ3pWVzlyUlhwYVZncDBVSEYzYjNFeVJsRnZTMlFyUzBGRlJuSnJVWEpwTjA5TU0wbG1SazFCVVVaa1ZFRmhhemd5TTJaeVExVktWemx3ZVZCd2FsWjFXazlTTTIxd1YyaFdDbVI0VUhSSGNsbDNMM0ZYYTJ4SFJXeFVjRWcxUmtrdlRrcEtSR05PUlhodVMyVmxNbkZGZUV3dmNYcEVSM3B3UTNGaGFua3hWMGRuUVZCalJtdEdiM0lLVkdkRVF6VlJOM3A1UW1jNFRIUk5PR0ZHYzJocGNtWXJla1YzVkRreFlTdFZRaXRXUzBNeGNUWnJZV2hJUjFSS1dWVjVUMVpDU1Zsak1IQlBVSGhHYkFwTU5HcG9XbkpaVEdsclNrMUZiMjU0YVhsRGVtSmlNRGs0VHpFclNDdEtNVUl3UVhrellsWkhVRlZoYUdWRlRqVk5lbXREWjJkRlFrRlBhWGx4Vlc4eENtTktSMXBVS3pKTVNYZ3piVkVyVkVKemFUSm9NV3hhYUhWcldtRXpTbXRuVTFSaVprcEpLMmxLUkVkVFRYUmtPVXQyVlc1VkswcEpSRXRrUmtSV1JUa0tjbXBNZVZRNVJuTjRRVk42ZW5Od1JFaFVlREl6WVU5UWJsazBaWGxZY1RCTk1tVnFhRnAyUmk4MlUwZHlOUzhyYWtWdGRsaEJiRzVCVEd4cVRYQkRSUXBUWVZKdGIxaHVTMEZ0VW01bFdHeE9VbU0zWVhKS1YxSmFRa2RTZFhwTFVUaFllV3Q0TlhRNGJ5OVFSamgzUlZKMGFXa3lTQzg1UlM5WVNHdEhUQ3RTQ2tSdVdrVlhNV2h5YVhkaVRHWldkRVpSVVU1SWJqZDFja1FyYlcxWFVtbExWRmhGTHpOTlZESkNZMlJXVFRWSUsxTlNMemhHTkhkVFpFMXJSVlZzWW1vS2NsWllhR1ZXZG1GWFZGQk5Ra0ZFY1VsUmQzVlVWVU54ZDA1U1NtMVRPRXd3UVZaVVVXRktXak5sUjFCcGRFNHJiM0F6U3k5SmFWVnJNMUZPZUROdlpRcFZNVE01WmxoQ09XbE5PWFI1TTAxRFoyZEZRa0ZQU2pseVEybGFMMFZtYjBaUFYweHJTRUZrUVVNNFZubGtWRGxhZEVwTWExUXpkVVJzVEZsWmJrdERDazV3UzNoaFEzTjFhR2RNTVd0a1NqZ3plRmN4YWpCa1kwMUtXamd4VlUwNVYyOUNZamRNUTJoQ1NGaGxXRTlPY21oclVrdzJjazFhTjBKRk9HNHJaVGtLVVRsSmRYcGpOWEUwUVdkc2NFZElZVVYwVmtOWlRqSlFkSFZDVG1abFkxbG9ZWGxRVW1RMWRsQnljalIxVEZGa2FuUjJXblkxVWl0Q2J6ZFpPVEZOZEFwNWMxUjBSa3RvUmxvd2RXdGtXVUZXTVdORU5IY3pUM1Z3TVZOQmRDdG9NMEl4Ym5wSVoycEhiREo1ZVNzclFWSXdWMjlDWVZCRVJtZzBVekZLVWpaMENsTlRSR012Ukd0M1VqRnBjVmxyYlZGcmMxTllZVzVGVW5WSlpIWnFSRU5VVDFadWJ6Uk1kUzlVUzBOT2RGUnhURUozZG5BelptUk5PR2RGSzNCR1lrOEtSa3Q2UkRCd1pXUlRObXBpV2psbFdsUmtlSGRHV1VnNFprbDVhMlZVVlhreWRIQTNhRlZFWW10dU1FTm5aMFZDUVV4V1EyaHNRa0k1Umk5WFJuTmhid3AyVlVGTVNVSlFVRTVsV1VwNlNsbGFTbWx4Y20xSE4waEZXVVJ0Y2s5dlpHMVRabk5DUTB0TVdUWjZNMW8wV1RaTVdFVlhablJ6Y25WelowRnlSMEZ5Q2pSNmVuVmxNRkpsY0hsV01GTm5NbWRVTVVKdVpIWmFXRGRFY25ONU5sTmtlRkppTlhVeFFtSjZhR1ZRZFRWbGRsaHZZMHRYUm1KMVZsSmlNSGQzTDBZS1dtSjFhMUp4UmxGeFprbEtjMHR2U2xOUVVFOXRkekF5YW05V1ZFeG9SbGROTjJkMVJqWTFZbWcxVDBzeWNqTlViR05FYW5SemRIbFRUblZxVURaNFR3cHBWWFJRY3pKUmJsQkJPRGNyV21OTlJubGpaalYzVFZGeFIxcDRTWEF4YVV4MmIyOTVhbFZOTmxKVk4wZ3pVME0wSzIwMWNtaElNRFZCTm1wNFp6ZG5DblJPT1N0TGFHY3dVMGN6WlcweGNXMUtMMHN4UzJSbVZqQmpTakJMWjI4elEyNXJjbWRUTldneFNGbHdjV3BGVWpKNFNuQnpWbkpWZVVsbVRXSTJkbmtLWmxkR2JUSjZWVU5uWjBWQ1FVNUxTRXR3TTJFNVMzZExVMFpLVDJSdldXZEVkVzB4WjFKVFoweDRSazhyVFZSMVNWSmFWVEpNTTBReEswcHVWVmxNUXdwRVowNHlURWxRVWxkeVVXUlFaaXRCTjBKRlYwaEZORk5ITm5WM2VITlJkMEkyZEdka1JYUlplVlZrTW05alV6RldZamt6T0U1T1EwWkhZWE0xZEZReUNtUjVVbUpwVURoRU5pOXRZbG81Y2t4SFduaEtjVGQ0UTBOUk9ISmFha054YVRBM1ZXNTVkV1JTWjNWS2VtaEVSRlJIYXk5MVJGaDZTRTFaVERobFYzY0tSR0ZKT0ZSd1VYVjBOMEpYUXpabVpVMTBMMVJtYURsNFpFd3phSGhKY3pOMll6RnRWMk5aWjBOa05WWlVVM2g0UkRsVlJscEhiWFJtV1c4d2JqWmhkd292T0VOc1RVSk9aR1JYSzFSd00yUlBiRFEwWXpJNWVsUklURFE0VURWdFJUWnFPV0pQV21kbVdIWTVkRGxqZEVsR1RFOW1aa3hpVEdaSFFsTTNZeTlOQ21kSFYwY3ZTRVpzY1ZGQk9Hd3lSbkZTYjA5ak5YRllVMnBoWjBWd1VYQjVhbmxyUTJkblJVRldObTVvWm1aRGMwcE5URmxpYUdKbGJIVk9NMGg1TjJrS1lYRjNkR0p3TVZwd1ExZzRXV3R2TUVrM1ZXRllVRnBaU1Vkc1YxRllWRFZsUWpCdWJIQlRXVlZMVVcxak9HOXBVa1ZvTjNoRWIwNXlSRnBCY21WeGVBcFJaREJVVG1sdVdrZFZaR3Q1VXpKTFdUUk1ibGsyWTB0aldYUmFUamh0UkM5cFFtTTJOV2RtU0dvNU1saFJUV0pSZUZrMWRUQXdWMFZKT1VOUmVGUXpDalpoVlVwS2REQm1abGRqU2pscloydHlVR0pFVTJ4UUwxaDJVbEJ0Y1dKRVVEZEVObkV6TUhBdk5VdzNZbXBrWnpKT1ZIWTRTMWxzTWpsV1p6SnRTSGtLT0VsemEybEVVRFZKUjJwUE5Fd3dOMmhVYTNSNE1sSTVTV0pQYUdNellrbDZiVW9yUTA0MFVGVlVhMFY2WW5kbVNVTjRTVkJOTlRsMVYyTlNTbk5ZYkFwalMwMXJWVXRWV1RGR1MzWTJSQ3QzTURsc1UwWlBRMHRWSzNRMmFsSmxWV0ptVnk5eGF6VkNiMVpvTW05RFNXeHhZMGxYYWtaRlJYQlBOMlZTVVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"num_matches":2,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"2fc4236dfb6df4549e96cbf1b9e6bb15940f25da","committer_name":"GitHub","committer_email":"noreply@github.com","committer_timestamp":"1719145094 +0000","author_name":"pre-commit-ci-lite[bot]","author_email":"117423508+pre-commit-ci-lite[bot]@users.noreply.github.com","author_timestamp":"1719145094 +0000","message":"[pre-commit.ci lite] apply automatic fixes"},"blob_path":"private.pem"}}],"blob_metadata":{"id":"1bee033606a82c8b855f955063fc1b13a4201c1c","num_bytes":4333,"mime_essence":"application/x-x509-ca-cert","charset":null},"blob_id":"1bee033606a82c8b855f955063fc1b13a4201c1c","location":{"offset_span":{"start":0,"end":4333},"source_span":{"start":{"line":1,"column":1},"end":{"line":2,"column":0}}},"groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmVtUXZNVXhTTkVvMFIycHpjbVowU1V0U2NqVldOV1VyZHpFMU1Tc3ZkRVZTU2xvMVRYUllZMlpLTlhVd2NTdERDbm80VHpCcE9XUkVPV2d3Y21VeFdURnJVMmhLWVVVd1NHeEJUamsyTURFNWFWaGpXbVp5YURNemFFbGxNMGhoU2xoRFVEZGxZVmhUU0RRelN6Uk9MMWNLWW5kclJUWkVjRVp0Y1U5T2VGQnhWVWxwYW1OUmNsSTFXRzFWYUhoaFVtNHZVbGcxUTI1NFRXeEtTV1prY21aeVpuUnhWMjFIWVZGNk1YWldhVWhJWndwWU5sTjVkSEZQTjBrd2RGcG1ZemRLVGtWclZVUXdObVJTTTJkTmJrWmpiRFUxVTNWUWMycGxWakkyTUZwQlVYb3lkR1JDTWxkd2F5OWlUR1EyYldkUENsaERRbXhRVWxKb2EyMHJhRk5aWlRSVVNYbGhZVWQwUlVSVlZUQnBkRkV3VlZnNVZrVnhaM1kyYWxaeVlsaElla2hVTVZSU2QxRjZPRlZCYmtoV1UxY0tlV3BaWTJSeVpqUnNhVkJIZFVSSVdsUTVaa1JvVlVwaEwyaHNUbEZuWkZWeVExcFpVMmxGU1ZONFVVOVVWVlZwUjBocmVHSjRVSE15VVVodVZ6ZFNWUXBQVEdSVlZVNHdVVnBwVG5sb2FFSnpWMHN5Vm1sdk1uSmhWRVkwZG5GdFRXd3pNRTlIVEhocVRXbzVaMFV2VjA5U1ZXMHlUSGRVUVVGR1pXWllUSFIyQ2xjNU1rNVdNRzFhTUdWNGRVOW9ibUV2WW1kWVNXMUNPR1JZZG5RNWVtcDRUV0U0YUVWV1VYZHFaemxIVW14NVUzRlNWR3BQV2xGdGVraElUbU5hUzNnS1dteDNjbGhwV1ZGS1NFWkRSbEpOZFd0a1dqUXZiVTltY2pCSVRVWXlMMlF2UlU5VldYaHdUVXRoYzAxRWN6aHBjWGwyWjNsYUsxaHNORlppZWtKV2NBcEtlbWxrT0dONU5rMUNOMDlGZVdkNmRrdDZZMVZUWkhOUFQzQjVlREppYW14QlkzWXplRE5pTXpSWU1IUnJkMkpEY1hsd1UxcFNZVlZYT0RkeFlXZE9DbmhwU2l0c2RqY3pWREJCWkRKUVpGZFFVa2RDYXk5clRWWXpaSFI0V1dnelFrc3daVk5CVkM5UlV6ZFZWalJpWjNOcFRYSnZja2xGTjFOalEwRjNSVUVLUVZGTFEwRm5SVUY0ZDI5TldIZGtXVzk1WVhWR1NFMUtlUzkyZUV4NlpHUlVhMDVKVEVWek9FMUdaVTloTlVOS056Z3lORGxYWVUxUlRsSkVMMHROZEFwaFNXWkNTSGxuTURrNVkwMVRXazlZYWxGc2JrNTRVV1pHT0ZWWE1rRllLMnhoZGs1UVNGazFlazlTV1RNM05YRnFUMnR2VTFGeUwzQlVRVU5HTkdOdENpOW9LemhGT0VoNllqWmplbVJEV2tvMVVFa3ZiVmhoWlhSMlowVlpOV1pUTjJoNmNqUkljRzFoY1d4dmVWbFVNelJvU1RKUGQyeHNNVkJLUm1WblEwa0tSRGxLYzJabk5YSlNiWEZWZHpCMlRrVlhha2RSUjNsa1JDc3dWMGhWZEZWamVFWnlkeTl4ZDBzMVlreGhhV3BNTlU0clIxZ3pZMnN3ZG5KaVFtaGtjZ3BWWjJ0ek1WRnpja3R2T0ZKU1dIcFlUMVZGT0ZWRVFtcFBTblY2YjNselNqQkNVeTltVUhWaVFWSjZiVWsxVjNwd2FqTlJNSHBIVWpZMFVYWk9jbEZqQ2pKUlRsUjJOR054VVRKQmJDOTJUWFJTT1dOell6TmlhemRPTjFKdldGZHNTMmwzZG5aM1kzWlJhVU5KV0dRMVZTdDRSRU5PYUVnMFIxQkdUa1ozVmtRS1RIbFNkVmxpU1ZneFVrNUxlRlJsUkROMVRIcDNkVkZ1UzNVdlprSmtjR281ZUdrMU1FSTNhMVl3ZWpGNGNGWXZNa0ZQVEZOSlpqZ3pWVzlyUlhwYVZncDBVSEYzYjNFeVJsRnZTMlFyUzBGRlJuSnJVWEpwTjA5TU0wbG1SazFCVVVaa1ZFRmhhemd5TTJaeVExVktWemx3ZVZCd2FsWjFXazlTTTIxd1YyaFdDbVI0VUhSSGNsbDNMM0ZYYTJ4SFJXeFVjRWcxUmtrdlRrcEtSR05PUlhodVMyVmxNbkZGZUV3dmNYcEVSM3B3UTNGaGFua3hWMGRuUVZCalJtdEdiM0lLVkdkRVF6VlJOM3A1UW1jNFRIUk5PR0ZHYzJocGNtWXJla1YzVkRreFlTdFZRaXRXUzBNeGNUWnJZV2hJUjFSS1dWVjVUMVpDU1Zsak1IQlBVSGhHYkFwTU5HcG9XbkpaVEdsclNrMUZiMjU0YVhsRGVtSmlNRGs0VHpFclNDdEtNVUl3UVhrellsWkhVRlZoYUdWRlRqVk5lbXREWjJkRlFrRlBhWGx4Vlc4eENtTktSMXBVS3pKTVNYZ3piVkVyVkVKemFUSm9NV3hhYUhWcldtRXpTbXRuVTFSaVprcEpLMmxLUkVkVFRYUmtPVXQyVlc1VkswcEpSRXRrUmtSV1JUa0tjbXBNZVZRNVJuTjRRVk42ZW5Od1JFaFVlREl6WVU5UWJsazBaWGxZY1RCTk1tVnFhRnAyUmk4MlUwZHlOUzhyYWtWdGRsaEJiRzVCVEd4cVRYQkRSUXBUWVZKdGIxaHVTMEZ0VW01bFdHeE9VbU0zWVhKS1YxSmFRa2RTZFhwTFVUaFllV3Q0TlhRNGJ5OVFSamgzUlZKMGFXa3lTQzg1UlM5WVNHdEhUQ3RTQ2tSdVdrVlhNV2h5YVhkaVRHWldkRVpSVVU1SWJqZDFja1FyYlcxWFVtbExWRmhGTHpOTlZESkNZMlJXVFRWSUsxTlNMemhHTkhkVFpFMXJSVlZzWW1vS2NsWllhR1ZXZG1GWFZGQk5Ra0ZFY1VsUmQzVlVWVU54ZDA1U1NtMVRPRXd3UVZaVVVXRktXak5sUjFCcGRFNHJiM0F6U3k5SmFWVnJNMUZPZUROdlpRcFZNVE01WmxoQ09XbE5PWFI1TTAxRFoyZEZRa0ZQU2pseVEybGFMMFZtYjBaUFYweHJTRUZrUVVNNFZubGtWRGxhZEVwTWExUXpkVVJzVEZsWmJrdERDazV3UzNoaFEzTjFhR2RNTVd0a1NqZ3plRmN4YWpCa1kwMUtXamd4VlUwNVYyOUNZamRNUTJoQ1NGaGxXRTlPY21oclVrdzJjazFhTjBKRk9HNHJaVGtLVVRsSmRYcGpOWEUwUVdkc2NFZElZVVYwVmtOWlRqSlFkSFZDVG1abFkxbG9ZWGxRVW1RMWRsQnljalIxVEZGa2FuUjJXblkxVWl0Q2J6ZFpPVEZOZEFwNWMxUjBSa3RvUmxvd2RXdGtXVUZXTVdORU5IY3pUM1Z3TVZOQmRDdG9NMEl4Ym5wSVoycEhiREo1ZVNzclFWSXdWMjlDWVZCRVJtZzBVekZLVWpaMENsTlRSR012Ukd0M1VqRnBjVmxyYlZGcmMxTllZVzVGVW5WSlpIWnFSRU5VVDFadWJ6Uk1kUzlVUzBOT2RGUnhURUozZG5BelptUk5PR2RGSzNCR1lrOEtSa3Q2UkRCd1pXUlRObXBpV2psbFdsUmtlSGRHV1VnNFprbDVhMlZVVlhreWRIQTNhRlZFWW10dU1FTm5aMFZDUVV4V1EyaHNRa0k1Umk5WFJuTmhid3AyVlVGTVNVSlFVRTVsV1VwNlNsbGFTbWx4Y20xSE4waEZXVVJ0Y2s5dlpHMVRabk5DUTB0TVdUWjZNMW8wV1RaTVdFVlhablJ6Y25WelowRnlSMEZ5Q2pSNmVuVmxNRkpsY0hsV01GTm5NbWRVTVVKdVpIWmFXRGRFY25ONU5sTmtlRkppTlhVeFFtSjZhR1ZRZFRWbGRsaHZZMHRYUm1KMVZsSmlNSGQzTDBZS1dtSjFhMUp4UmxGeFprbEtjMHR2U2xOUVVFOXRkekF5YW05V1ZFeG9SbGROTjJkMVJqWTFZbWcxVDBzeWNqTlViR05FYW5SemRIbFRUblZxVURaNFR3cHBWWFJRY3pKUmJsQkJPRGNyV21OTlJubGpaalYzVFZGeFIxcDRTWEF4YVV4MmIyOTVhbFZOTmxKVk4wZ3pVME0wSzIwMWNtaElNRFZCTm1wNFp6ZG5DblJPT1N0TGFHY3dVMGN6WlcweGNXMUtMMHN4UzJSbVZqQmpTakJMWjI4elEyNXJjbWRUTldneFNGbHdjV3BGVWpKNFNuQnpWbkpWZVVsbVRXSTJkbmtLWmxkR2JUSjZWVU5uWjBWQ1FVNUxTRXR3TTJFNVMzZExVMFpLVDJSdldXZEVkVzB4WjFKVFoweDRSazhyVFZSMVNWSmFWVEpNTTBReEswcHVWVmxNUXdwRVowNHlURWxRVWxkeVVXUlFaaXRCTjBKRlYwaEZORk5ITm5WM2VITlJkMEkyZEdka1JYUlplVlZrTW05alV6RldZamt6T0U1T1EwWkhZWE0xZEZReUNtUjVVbUpwVURoRU5pOXRZbG81Y2t4SFduaEtjVGQ0UTBOUk9ISmFha054YVRBM1ZXNTVkV1JTWjNWS2VtaEVSRlJIYXk5MVJGaDZTRTFaVERobFYzY0tSR0ZKT0ZSd1VYVjBOMEpYUXpabVpVMTBMMVJtYURsNFpFd3phSGhKY3pOMll6RnRWMk5aWjBOa05WWlVVM2g0UkRsVlJscEhiWFJtV1c4d2JqWmhkd292T0VOc1RVSk9aR1JYSzFSd00yUlBiRFEwWXpJNWVsUklURFE0VURWdFJUWnFPV0pQV21kbVdIWTVkRGxqZEVsR1RFOW1aa3hpVEdaSFFsTTNZeTlOQ21kSFYwY3ZTRVpzY1ZGQk9Hd3lSbkZTYjA5ak5YRllVMnBoWjBWd1VYQjVhbmxyUTJkblJVRldObTVvWm1aRGMwcE5URmxpYUdKbGJIVk9NMGg1TjJrS1lYRjNkR0p3TVZwd1ExZzRXV3R2TUVrM1ZXRllVRnBaU1Vkc1YxRllWRFZsUWpCdWJIQlRXVlZMVVcxak9HOXBVa1ZvTjNoRWIwNXlSRnBCY21WeGVBcFJaREJVVG1sdVdrZFZaR3Q1VXpKTFdUUk1ibGsyWTB0aldYUmFUamh0UkM5cFFtTTJOV2RtU0dvNU1saFJUV0pSZUZrMWRUQXdWMFZKT1VOUmVGUXpDalpoVlVwS2REQm1abGRqU2pscloydHlVR0pFVTJ4UUwxaDJVbEJ0Y1dKRVVEZEVObkV6TUhBdk5VdzNZbXBrWnpKT1ZIWTRTMWxzTWpsV1p6SnRTSGtLT0VsemEybEVVRFZKUjJwUE5Fd3dOMmhVYTNSNE1sSTVTV0pQYUdNellrbDZiVW9yUTA0MFVGVlVhMFY2WW5kbVNVTjRTVkJOTlRsMVYyTlNTbk5ZYkFwalMwMXJWVXRWV1RGR1MzWTJSQ3QzTURsc1UwWlBRMHRWSzNRMmFsSmxWV0ptVnk5eGF6VkNiMVpvTW05RFNXeHhZMGxYYWtaRlJYQlBOMlZTVVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"snippet":{"before":"","matching":"LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS2dJQkFBS0NBZ0VBemQvMUxSNEo0R2pzcmZ0SUtScjVWNWUrdzE1MSsvdEVSSlo1TXRYY2ZKNXUwcStDCno4TzBpOWREOWgwcmUxWTFrU2hKYUUwSGxBTjk2MDE5aVhjWmZyaDMzaEllM0hhSlhDUDdlYVhTSDQzSzROL1cKYndrRTZEcEZtcU9OeFBxVUlpamNRclI1WG1VaHhhUm4vUlg1Q254TWxKSWZkcmZyZnRxV21HYVF6MXZWaUhIZwpYNlN5dHFPN0kwdFpmYzdKTkVrVUQwNmRSM2dNbkZjbDU1U3VQc2plVjI2MFpBUXoydGRCMldway9iTGQ2bWdPClhDQmxQUlJoa20raFNZZTRUSXlhYUd0RURVVTBpdFEwVVg5VkVxZ3Y2alZyYlhIekhUMVRSd1F6OFVBbkhWU1cKeWpZY2RyZjRsaVBHdURIWlQ5ZkRoVUphL2hsTlFnZFVyQ1pZU2lFSVN4UU9UVVVpR0hreGJ4UHMyUUhuVzdSVQpPTGRVVU4wUVppTnloaEJzV0syVmlvMnJhVEY0dnFtTWwzME9HTHhqTWo5Z0UvV09SVW0yTHdUQUFGZWZYTHR2Clc5Mk5WMG1aMGV4dU9obmEvYmdYSW1COGRYdnQ5emp4TWE4aEVWUXdqZzlHUmx5U3FSVGpPWlFtekhITmNaS3gKWmx3clhpWVFKSEZDRlJNdWtkWjQvbU9mcjBITUYyL2QvRU9VWXhwTUthc01EczhpcXl2Z3laK1hsNFZiekJWcApKemlkOGN5Nk1CN09FeWd6dkt6Y1VTZHNPT3B5eDJiamxBY3YzeDNiMzRYMHRrd2JDcXlwU1pSYVVXODdxYWdOCnhpSitsdjczVDBBZDJQZFdQUkdCay9rTVYzZHR4WWgzQkswZVNBVC9RUzdVVjRiZ3NpTXJvcklFN1NjQ0F3RUEKQVFLQ0FnRUF4d29NWHdkWW95YXVGSE1KeS92eEx6ZGRUa05JTEVzOE1GZU9hNUNKNzgyNDlXYU1RTlJEL0tNdAphSWZCSHlnMDk5Y01TWk9YalFsbk54UWZGOFVXMkFYK2xhdk5QSFk1ek9SWTM3NXFqT2tvU1FyL3BUQUNGNGNtCi9oKzhFOEh6YjZjemRDWko1UEkvbVhhZXR2Z0VZNWZTN2h6cjRIcG1hcWxveVlUMzRoSTJPd2xsMVBKRmVnQ0kKRDlKc2ZnNXJSbXFVdzB2TkVXakdRR3lkRCswV0hVdFVjeEZydy9xd0s1YkxhaWpMNU4rR1gzY2swdnJiQmhkcgpVZ2tzMVFzcktvOFJSWHpYT1VFOFVEQmpPSnV6b3lzSjBCUy9mUHViQVJ6bUk1V3pwajNRMHpHUjY0UXZOclFjCjJRTlR2NGNxUTJBbC92TXRSOWNzYzNiazdON1JvWFdsS2l3dnZ3Y3ZRaUNJWGQ1VSt4RENOaEg0R1BGTkZ3VkQKTHlSdVliSVgxUk5LeFRlRDN1THp3dVFuS3UvZkJkcGo5eGk1MEI3a1YwejF4cFYvMkFPTFNJZjgzVW9rRXpaVgp0UHF3b3EyRlFvS2QrS0FFRnJrUXJpN09MM0lmRk1BUUZkVEFhazgyM2ZyQ1VKVzlweVBwalZ1Wk9SM21wV2hWCmR4UHRHcll3L3FXa2xHRWxUcEg1RkkvTkpKRGNORXhuS2VlMnFFeEwvcXpER3pwQ3FhankxV0dnQVBjRmtGb3IKVGdEQzVRN3p5Qmc4THRNOGFGc2hpcmYrekV3VDkxYStVQitWS0MxcTZrYWhIR1RKWVV5T1ZCSVljMHBPUHhGbApMNGpoWnJZTGlrSk1Fb254aXlDemJiMDk4TzErSCtKMUIwQXkzYlZHUFVhaGVFTjVNemtDZ2dFQkFPaXlxVW8xCmNKR1pUKzJMSXgzbVErVEJzaTJoMWxaaHVrWmEzSmtnU1RiZkpJK2lKREdTTXRkOUt2VW5VK0pJREtkRkRWRTkKcmpMeVQ5RnN4QVN6enNwREhUeDIzYU9Qblk0ZXlYcTBNMmVqaFp2Ri82U0dyNS8rakVtdlhBbG5BTGxqTXBDRQpTYVJtb1huS0FtUm5lWGxOUmM3YXJKV1JaQkdSdXpLUThYeWt4NXQ4by9QRjh3RVJ0aWkySC85RS9YSGtHTCtSCkRuWkVXMWhyaXdiTGZWdEZRUU5Ibjd1ckQrbW1XUmlLVFhFLzNNVDJCY2RWTTVIK1NSLzhGNHdTZE1rRVVsYmoKclZYaGVWdmFXVFBNQkFEcUlRd3VUVUNxd05SSm1TOEwwQVZUUWFKWjNlR1BpdE4rb3AzSy9JaVVrM1FOeDNvZQpVMTM5ZlhCOWlNOXR5M01DZ2dFQkFPSjlyQ2laL0Vmb0ZPV0xrSEFkQUM4VnlkVDladEpMa1QzdURsTFlZbktDCk5wS3hhQ3N1aGdMMWtkSjgzeFcxajBkY01KWjgxVU05V29CYjdMQ2hCSFhlWE9OcmhrUkw2ck1aN0JFOG4rZTkKUTlJdXpjNXE0QWdscEdIYUV0VkNZTjJQdHVCTmZlY1loYXlQUmQ1dlBycjR1TFFkanR2WnY1UitCbzdZOTFNdAp5c1R0RktoRlowdWtkWUFWMWNENHczT3VwMVNBdCtoM0IxbnpIZ2pHbDJ5eSsrQVIwV29CYVBERmg0UzFKUjZ0ClNTRGMvRGt3UjFpcVlrbVFrc1NYYW5FUnVJZHZqRENUT1ZubzRMdS9US0NOdFRxTEJ3dnAzZmRNOGdFK3BGYk8KRkt6RDBwZWRTNmpiWjllWlRkeHdGWUg4Zkl5a2VUVXkydHA3aFVEYmtuMENnZ0VCQUxWQ2hsQkI5Ri9XRnNhbwp2VUFMSUJQUE5lWUp6SllaSmlxcm1HN0hFWURtck9vZG1TZnNCQ0tMWTZ6M1o0WTZMWEVXZnRzcnVzZ0FyR0FyCjR6enVlMFJlcHlWMFNnMmdUMUJuZHZaWDdEcnN5NlNkeFJiNXUxQmJ6aGVQdTVldlhvY0tXRmJ1VlJiMHd3L0YKWmJ1a1JxRlFxZklKc0tvSlNQUE9tdzAyam9WVExoRldNN2d1RjY1Ymg1T0sycjNUbGNEanRzdHlTTnVqUDZ4TwppVXRQczJRblBBODcrWmNNRnljZjV3TVFxR1p4SXAxaUx2b295alVNNlJVN0gzU0M0K201cmhIMDVBNmp4ZzdnCnROOStLaGcwU0czZW0xcW1KL0sxS2RmVjBjSjBLZ28zQ25rcmdTNWgxSFlwcWpFUjJ4SnBzVnJVeUlmTWI2dnkKZldGbTJ6VUNnZ0VCQU5LSEtwM2E5S3dLU0ZKT2RvWWdEdW0xZ1JTZ0x4Rk8rTVR1SVJaVTJMM0QxK0puVVlMQwpEZ04yTElQUldyUWRQZitBN0JFV0hFNFNHNnV3eHNRd0I2dGdkRXRZeVVkMm9jUzFWYjkzOE5OQ0ZHYXM1dFQyCmR5UmJpUDhENi9tYlo5ckxHWnhKcTd4Q0NROHJaakNxaTA3VW55dWRSZ3VKemhERFRHay91RFh6SE1ZTDhlV3cKRGFJOFRwUXV0N0JXQzZmZU10L1RmaDl4ZEwzaHhJczN2YzFtV2NZZ0NkNVZUU3h4RDlVRlpHbXRmWW8wbjZhdwovOENsTUJOZGRXK1RwM2RPbDQ0YzI5elRITDQ4UDVtRTZqOWJPWmdmWHY5dDljdElGTE9mZkxiTGZHQlM3Yy9NCmdHV0cvSEZscVFBOGwyRnFSb09jNXFYU2phZ0VwUXB5anlrQ2dnRUFWNm5oZmZDc0pNTFliaGJlbHVOM0h5N2kKYXF3dGJwMVpwQ1g4WWtvMEk3VWFYUFpZSUdsV1FYVDVlQjBubHBTWVVLUW1jOG9pUkVoN3hEb05yRFpBcmVxeApRZDBUTmluWkdVZGt5UzJLWTRMblk2Y0tjWXRaTjhtRC9pQmM2NWdmSGo5MlhRTWJReFk1dTAwV0VJOUNReFQzCjZhVUpKdDBmZldjSjlrZ2tyUGJEU2xQL1h2UlBtcWJEUDdENnEzMHAvNUw3YmpkZzJOVHY4S1lsMjlWZzJtSHkKOElza2lEUDVJR2pPNEwwN2hUa3R4MlI5SWJPaGMzYkl6bUorQ040UFVUa0V6YndmSUN4SVBNNTl1V2NSSnNYbApjS01rVUtVWTFGS3Y2RCt3MDlsU0ZPQ0tVK3Q2alJlVWJmVy9xazVCb1ZoMm9DSWxxY0lXakZFRXBPN2VSUT09Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==\n","after":""},"structural_id":"f86197cd3407d2a2a83d2b0df6e30148805d1f08","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","rule_text_id":"np.pem.2","rule_name":"Base64-PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"a5600f242eceb1073c316b8aef79623663797c3c","committer_name":"Shubham-Patel07","committer_email":"shubham.patel.btech2020@sitpune.edu.in","committer_timestamp":"1719045275 +0530","author_name":"Shubham-Patel07","author_email":"shubham.patel.btech2020@sitpune.edu.in","author_timestamp":"1719045275 +0530","message":"Fix: Deleted unnecessary files and fixed issue\n"},"blob_path":"private.pem"}}],"blob_metadata":{"id":"2859736cb09feae89bd924156c045e22719d0c8e","num_bytes":4332,"mime_essence":"application/x-x509-ca-cert","charset":null},"blob_id":"2859736cb09feae89bd924156c045e22719d0c8e","location":{"offset_span":{"start":0,"end":4332},"source_span":{"start":{"line":1,"column":1},"end":{"line":1,"column":4332}}},"groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmVtUXZNVXhTTkVvMFIycHpjbVowU1V0U2NqVldOV1VyZHpFMU1Tc3ZkRVZTU2xvMVRYUllZMlpLTlhVd2NTdERDbm80VHpCcE9XUkVPV2d3Y21VeFdURnJVMmhLWVVVd1NHeEJUamsyTURFNWFWaGpXbVp5YURNemFFbGxNMGhoU2xoRFVEZGxZVmhUU0RRelN6Uk9MMWNLWW5kclJUWkVjRVp0Y1U5T2VGQnhWVWxwYW1OUmNsSTFXRzFWYUhoaFVtNHZVbGcxUTI1NFRXeEtTV1prY21aeVpuUnhWMjFIWVZGNk1YWldhVWhJWndwWU5sTjVkSEZQTjBrd2RGcG1ZemRLVGtWclZVUXdObVJTTTJkTmJrWmpiRFUxVTNWUWMycGxWakkyTUZwQlVYb3lkR1JDTWxkd2F5OWlUR1EyYldkUENsaERRbXhRVWxKb2EyMHJhRk5aWlRSVVNYbGhZVWQwUlVSVlZUQnBkRkV3VlZnNVZrVnhaM1kyYWxaeVlsaElla2hVTVZSU2QxRjZPRlZCYmtoV1UxY0tlV3BaWTJSeVpqUnNhVkJIZFVSSVdsUTVaa1JvVlVwaEwyaHNUbEZuWkZWeVExcFpVMmxGU1ZONFVVOVVWVlZwUjBocmVHSjRVSE15VVVodVZ6ZFNWUXBQVEdSVlZVNHdVVnBwVG5sb2FFSnpWMHN5Vm1sdk1uSmhWRVkwZG5GdFRXd3pNRTlIVEhocVRXbzVaMFV2VjA5U1ZXMHlUSGRVUVVGR1pXWllUSFIyQ2xjNU1rNVdNRzFhTUdWNGRVOW9ibUV2WW1kWVNXMUNPR1JZZG5RNWVtcDRUV0U0YUVWV1VYZHFaemxIVW14NVUzRlNWR3BQV2xGdGVraElUbU5hUzNnS1dteDNjbGhwV1ZGS1NFWkRSbEpOZFd0a1dqUXZiVTltY2pCSVRVWXlMMlF2UlU5VldYaHdUVXRoYzAxRWN6aHBjWGwyWjNsYUsxaHNORlppZWtKV2NBcEtlbWxrT0dONU5rMUNOMDlGZVdkNmRrdDZZMVZUWkhOUFQzQjVlREppYW14QlkzWXplRE5pTXpSWU1IUnJkMkpEY1hsd1UxcFNZVlZYT0RkeFlXZE9DbmhwU2l0c2RqY3pWREJCWkRKUVpGZFFVa2RDYXk5clRWWXpaSFI0V1dnelFrc3daVk5CVkM5UlV6ZFZWalJpWjNOcFRYSnZja2xGTjFOalEwRjNSVUVLUVZGTFEwRm5SVUY0ZDI5TldIZGtXVzk1WVhWR1NFMUtlUzkyZUV4NlpHUlVhMDVKVEVWek9FMUdaVTloTlVOS056Z3lORGxYWVUxUlRsSkVMMHROZEFwaFNXWkNTSGxuTURrNVkwMVRXazlZYWxGc2JrNTRVV1pHT0ZWWE1rRllLMnhoZGs1UVNGazFlazlTV1RNM05YRnFUMnR2VTFGeUwzQlVRVU5HTkdOdENpOW9LemhGT0VoNllqWmplbVJEV2tvMVVFa3ZiVmhoWlhSMlowVlpOV1pUTjJoNmNqUkljRzFoY1d4dmVWbFVNelJvU1RKUGQyeHNNVkJLUm1WblEwa0tSRGxLYzJabk5YSlNiWEZWZHpCMlRrVlhha2RSUjNsa1JDc3dWMGhWZEZWamVFWnlkeTl4ZDBzMVlreGhhV3BNTlU0clIxZ3pZMnN3ZG5KaVFtaGtjZ3BWWjJ0ek1WRnpja3R2T0ZKU1dIcFlUMVZGT0ZWRVFtcFBTblY2YjNselNqQkNVeTltVUhWaVFWSjZiVWsxVjNwd2FqTlJNSHBIVWpZMFVYWk9jbEZqQ2pKUlRsUjJOR054VVRKQmJDOTJUWFJTT1dOell6TmlhemRPTjFKdldGZHNTMmwzZG5aM1kzWlJhVU5KV0dRMVZTdDRSRU5PYUVnMFIxQkdUa1ozVmtRS1RIbFNkVmxpU1ZneFVrNUxlRlJsUkROMVRIcDNkVkZ1UzNVdlprSmtjR281ZUdrMU1FSTNhMVl3ZWpGNGNGWXZNa0ZQVEZOSlpqZ3pWVzlyUlhwYVZncDBVSEYzYjNFeVJsRnZTMlFyUzBGRlJuSnJVWEpwTjA5TU0wbG1SazFCVVVaa1ZFRmhhemd5TTJaeVExVktWemx3ZVZCd2FsWjFXazlTTTIxd1YyaFdDbVI0VUhSSGNsbDNMM0ZYYTJ4SFJXeFVjRWcxUmtrdlRrcEtSR05PUlhodVMyVmxNbkZGZUV3dmNYcEVSM3B3UTNGaGFua3hWMGRuUVZCalJtdEdiM0lLVkdkRVF6VlJOM3A1UW1jNFRIUk5PR0ZHYzJocGNtWXJla1YzVkRreFlTdFZRaXRXUzBNeGNUWnJZV2hJUjFSS1dWVjVUMVpDU1Zsak1IQlBVSGhHYkFwTU5HcG9XbkpaVEdsclNrMUZiMjU0YVhsRGVtSmlNRGs0VHpFclNDdEtNVUl3UVhrellsWkhVRlZoYUdWRlRqVk5lbXREWjJkRlFrRlBhWGx4Vlc4eENtTktSMXBVS3pKTVNYZ3piVkVyVkVKemFUSm9NV3hhYUhWcldtRXpTbXRuVTFSaVprcEpLMmxLUkVkVFRYUmtPVXQyVlc1VkswcEpSRXRrUmtSV1JUa0tjbXBNZVZRNVJuTjRRVk42ZW5Od1JFaFVlREl6WVU5UWJsazBaWGxZY1RCTk1tVnFhRnAyUmk4MlUwZHlOUzhyYWtWdGRsaEJiRzVCVEd4cVRYQkRSUXBUWVZKdGIxaHVTMEZ0VW01bFdHeE9VbU0zWVhKS1YxSmFRa2RTZFhwTFVUaFllV3Q0TlhRNGJ5OVFSamgzUlZKMGFXa3lTQzg1UlM5WVNHdEhUQ3RTQ2tSdVdrVlhNV2h5YVhkaVRHWldkRVpSVVU1SWJqZDFja1FyYlcxWFVtbExWRmhGTHpOTlZESkNZMlJXVFRWSUsxTlNMemhHTkhkVFpFMXJSVlZzWW1vS2NsWllhR1ZXZG1GWFZGQk5Ra0ZFY1VsUmQzVlVWVU54ZDA1U1NtMVRPRXd3UVZaVVVXRktXak5sUjFCcGRFNHJiM0F6U3k5SmFWVnJNMUZPZUROdlpRcFZNVE01WmxoQ09XbE5PWFI1TTAxRFoyZEZRa0ZQU2pseVEybGFMMFZtYjBaUFYweHJTRUZrUVVNNFZubGtWRGxhZEVwTWExUXpkVVJzVEZsWmJrdERDazV3UzNoaFEzTjFhR2RNTVd0a1NqZ3plRmN4YWpCa1kwMUtXamd4VlUwNVYyOUNZamRNUTJoQ1NGaGxXRTlPY21oclVrdzJjazFhTjBKRk9HNHJaVGtLVVRsSmRYcGpOWEUwUVdkc2NFZElZVVYwVmtOWlRqSlFkSFZDVG1abFkxbG9ZWGxRVW1RMWRsQnljalIxVEZGa2FuUjJXblkxVWl0Q2J6ZFpPVEZOZEFwNWMxUjBSa3RvUmxvd2RXdGtXVUZXTVdORU5IY3pUM1Z3TVZOQmRDdG9NMEl4Ym5wSVoycEhiREo1ZVNzclFWSXdWMjlDWVZCRVJtZzBVekZLVWpaMENsTlRSR012Ukd0M1VqRnBjVmxyYlZGcmMxTllZVzVGVW5WSlpIWnFSRU5VVDFadWJ6Uk1kUzlVUzBOT2RGUnhURUozZG5BelptUk5PR2RGSzNCR1lrOEtSa3Q2UkRCd1pXUlRObXBpV2psbFdsUmtlSGRHV1VnNFprbDVhMlZVVlhreWRIQTNhRlZFWW10dU1FTm5aMFZDUVV4V1EyaHNRa0k1Umk5WFJuTmhid3AyVlVGTVNVSlFVRTVsV1VwNlNsbGFTbWx4Y20xSE4waEZXVVJ0Y2s5dlpHMVRabk5DUTB0TVdUWjZNMW8wV1RaTVdFVlhablJ6Y25WelowRnlSMEZ5Q2pSNmVuVmxNRkpsY0hsV01GTm5NbWRVTVVKdVpIWmFXRGRFY25ONU5sTmtlRkppTlhVeFFtSjZhR1ZRZFRWbGRsaHZZMHRYUm1KMVZsSmlNSGQzTDBZS1dtSjFhMUp4UmxGeFprbEtjMHR2U2xOUVVFOXRkekF5YW05V1ZFeG9SbGROTjJkMVJqWTFZbWcxVDBzeWNqTlViR05FYW5SemRIbFRUblZxVURaNFR3cHBWWFJRY3pKUmJsQkJPRGNyV21OTlJubGpaalYzVFZGeFIxcDRTWEF4YVV4MmIyOTVhbFZOTmxKVk4wZ3pVME0wSzIwMWNtaElNRFZCTm1wNFp6ZG5DblJPT1N0TGFHY3dVMGN6WlcweGNXMUtMMHN4UzJSbVZqQmpTakJMWjI4elEyNXJjbWRUTldneFNGbHdjV3BGVWpKNFNuQnpWbkpWZVVsbVRXSTJkbmtLWmxkR2JUSjZWVU5uWjBWQ1FVNUxTRXR3TTJFNVMzZExVMFpLVDJSdldXZEVkVzB4WjFKVFoweDRSazhyVFZSMVNWSmFWVEpNTTBReEswcHVWVmxNUXdwRVowNHlURWxRVWxkeVVXUlFaaXRCTjBKRlYwaEZORk5ITm5WM2VITlJkMEkyZEdka1JYUlplVlZrTW05alV6RldZamt6T0U1T1EwWkhZWE0xZEZReUNtUjVVbUpwVURoRU5pOXRZbG81Y2t4SFduaEtjVGQ0UTBOUk9ISmFha054YVRBM1ZXNTVkV1JTWjNWS2VtaEVSRlJIYXk5MVJGaDZTRTFaVERobFYzY0tSR0ZKT0ZSd1VYVjBOMEpYUXpabVpVMTBMMVJtYURsNFpFd3phSGhKY3pOMll6RnRWMk5aWjBOa05WWlVVM2g0UkRsVlJscEhiWFJtV1c4d2JqWmhkd292T0VOc1RVSk9aR1JYSzFSd00yUlBiRFEwWXpJNWVsUklURFE0VURWdFJUWnFPV0pQV21kbVdIWTVkRGxqZEVsR1RFOW1aa3hpVEdaSFFsTTNZeTlOQ21kSFYwY3ZTRVpzY1ZGQk9Hd3lSbkZTYjA5ak5YRllVMnBoWjBWd1VYQjVhbmxyUTJkblJVRldObTVvWm1aRGMwcE5URmxpYUdKbGJIVk9NMGg1TjJrS1lYRjNkR0p3TVZwd1ExZzRXV3R2TUVrM1ZXRllVRnBaU1Vkc1YxRllWRFZsUWpCdWJIQlRXVlZMVVcxak9HOXBVa1ZvTjNoRWIwNXlSRnBCY21WeGVBcFJaREJVVG1sdVdrZFZaR3Q1VXpKTFdUUk1ibGsyWTB0aldYUmFUamh0UkM5cFFtTTJOV2RtU0dvNU1saFJUV0pSZUZrMWRUQXdWMFZKT1VOUmVGUXpDalpoVlVwS2REQm1abGRqU2pscloydHlVR0pFVTJ4UUwxaDJVbEJ0Y1dKRVVEZEVObkV6TUhBdk5VdzNZbXBrWnpKT1ZIWTRTMWxzTWpsV1p6SnRTSGtLT0VsemEybEVVRFZKUjJwUE5Fd3dOMmhVYTNSNE1sSTVTV0pQYUdNellrbDZiVW9yUTA0MFVGVlVhMFY2WW5kbVNVTjRTVkJOTlRsMVYyTlNTbk5ZYkFwalMwMXJWVXRWV1RGR1MzWTJSQ3QzTURsc1UwWlBRMHRWSzNRMmFsSmxWV0ptVnk5eGF6VkNiMVpvTW05RFNXeHhZMGxYYWtaRlJYQlBOMlZTVVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"snippet":{"before":"","matching":"LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS2dJQkFBS0NBZ0VBemQvMUxSNEo0R2pzcmZ0SUtScjVWNWUrdzE1MSsvdEVSSlo1TXRYY2ZKNXUwcStDCno4TzBpOWREOWgwcmUxWTFrU2hKYUUwSGxBTjk2MDE5aVhjWmZyaDMzaEllM0hhSlhDUDdlYVhTSDQzSzROL1cKYndrRTZEcEZtcU9OeFBxVUlpamNRclI1WG1VaHhhUm4vUlg1Q254TWxKSWZkcmZyZnRxV21HYVF6MXZWaUhIZwpYNlN5dHFPN0kwdFpmYzdKTkVrVUQwNmRSM2dNbkZjbDU1U3VQc2plVjI2MFpBUXoydGRCMldway9iTGQ2bWdPClhDQmxQUlJoa20raFNZZTRUSXlhYUd0RURVVTBpdFEwVVg5VkVxZ3Y2alZyYlhIekhUMVRSd1F6OFVBbkhWU1cKeWpZY2RyZjRsaVBHdURIWlQ5ZkRoVUphL2hsTlFnZFVyQ1pZU2lFSVN4UU9UVVVpR0hreGJ4UHMyUUhuVzdSVQpPTGRVVU4wUVppTnloaEJzV0syVmlvMnJhVEY0dnFtTWwzME9HTHhqTWo5Z0UvV09SVW0yTHdUQUFGZWZYTHR2Clc5Mk5WMG1aMGV4dU9obmEvYmdYSW1COGRYdnQ5emp4TWE4aEVWUXdqZzlHUmx5U3FSVGpPWlFtekhITmNaS3gKWmx3clhpWVFKSEZDRlJNdWtkWjQvbU9mcjBITUYyL2QvRU9VWXhwTUthc01EczhpcXl2Z3laK1hsNFZiekJWcApKemlkOGN5Nk1CN09FeWd6dkt6Y1VTZHNPT3B5eDJiamxBY3YzeDNiMzRYMHRrd2JDcXlwU1pSYVVXODdxYWdOCnhpSitsdjczVDBBZDJQZFdQUkdCay9rTVYzZHR4WWgzQkswZVNBVC9RUzdVVjRiZ3NpTXJvcklFN1NjQ0F3RUEKQVFLQ0FnRUF4d29NWHdkWW95YXVGSE1KeS92eEx6ZGRUa05JTEVzOE1GZU9hNUNKNzgyNDlXYU1RTlJEL0tNdAphSWZCSHlnMDk5Y01TWk9YalFsbk54UWZGOFVXMkFYK2xhdk5QSFk1ek9SWTM3NXFqT2tvU1FyL3BUQUNGNGNtCi9oKzhFOEh6YjZjemRDWko1UEkvbVhhZXR2Z0VZNWZTN2h6cjRIcG1hcWxveVlUMzRoSTJPd2xsMVBKRmVnQ0kKRDlKc2ZnNXJSbXFVdzB2TkVXakdRR3lkRCswV0hVdFVjeEZydy9xd0s1YkxhaWpMNU4rR1gzY2swdnJiQmhkcgpVZ2tzMVFzcktvOFJSWHpYT1VFOFVEQmpPSnV6b3lzSjBCUy9mUHViQVJ6bUk1V3pwajNRMHpHUjY0UXZOclFjCjJRTlR2NGNxUTJBbC92TXRSOWNzYzNiazdON1JvWFdsS2l3dnZ3Y3ZRaUNJWGQ1VSt4RENOaEg0R1BGTkZ3VkQKTHlSdVliSVgxUk5LeFRlRDN1THp3dVFuS3UvZkJkcGo5eGk1MEI3a1YwejF4cFYvMkFPTFNJZjgzVW9rRXpaVgp0UHF3b3EyRlFvS2QrS0FFRnJrUXJpN09MM0lmRk1BUUZkVEFhazgyM2ZyQ1VKVzlweVBwalZ1Wk9SM21wV2hWCmR4UHRHcll3L3FXa2xHRWxUcEg1RkkvTkpKRGNORXhuS2VlMnFFeEwvcXpER3pwQ3FhankxV0dnQVBjRmtGb3IKVGdEQzVRN3p5Qmc4THRNOGFGc2hpcmYrekV3VDkxYStVQitWS0MxcTZrYWhIR1RKWVV5T1ZCSVljMHBPUHhGbApMNGpoWnJZTGlrSk1Fb254aXlDemJiMDk4TzErSCtKMUIwQXkzYlZHUFVhaGVFTjVNemtDZ2dFQkFPaXlxVW8xCmNKR1pUKzJMSXgzbVErVEJzaTJoMWxaaHVrWmEzSmtnU1RiZkpJK2lKREdTTXRkOUt2VW5VK0pJREtkRkRWRTkKcmpMeVQ5RnN4QVN6enNwREhUeDIzYU9Qblk0ZXlYcTBNMmVqaFp2Ri82U0dyNS8rakVtdlhBbG5BTGxqTXBDRQpTYVJtb1huS0FtUm5lWGxOUmM3YXJKV1JaQkdSdXpLUThYeWt4NXQ4by9QRjh3RVJ0aWkySC85RS9YSGtHTCtSCkRuWkVXMWhyaXdiTGZWdEZRUU5Ibjd1ckQrbW1XUmlLVFhFLzNNVDJCY2RWTTVIK1NSLzhGNHdTZE1rRVVsYmoKclZYaGVWdmFXVFBNQkFEcUlRd3VUVUNxd05SSm1TOEwwQVZUUWFKWjNlR1BpdE4rb3AzSy9JaVVrM1FOeDNvZQpVMTM5ZlhCOWlNOXR5M01DZ2dFQkFPSjlyQ2laL0Vmb0ZPV0xrSEFkQUM4VnlkVDladEpMa1QzdURsTFlZbktDCk5wS3hhQ3N1aGdMMWtkSjgzeFcxajBkY01KWjgxVU05V29CYjdMQ2hCSFhlWE9OcmhrUkw2ck1aN0JFOG4rZTkKUTlJdXpjNXE0QWdscEdIYUV0VkNZTjJQdHVCTmZlY1loYXlQUmQ1dlBycjR1TFFkanR2WnY1UitCbzdZOTFNdAp5c1R0RktoRlowdWtkWUFWMWNENHczT3VwMVNBdCtoM0IxbnpIZ2pHbDJ5eSsrQVIwV29CYVBERmg0UzFKUjZ0ClNTRGMvRGt3UjFpcVlrbVFrc1NYYW5FUnVJZHZqRENUT1ZubzRMdS9US0NOdFRxTEJ3dnAzZmRNOGdFK3BGYk8KRkt6RDBwZWRTNmpiWjllWlRkeHdGWUg4Zkl5a2VUVXkydHA3aFVEYmtuMENnZ0VCQUxWQ2hsQkI5Ri9XRnNhbwp2VUFMSUJQUE5lWUp6SllaSmlxcm1HN0hFWURtck9vZG1TZnNCQ0tMWTZ6M1o0WTZMWEVXZnRzcnVzZ0FyR0FyCjR6enVlMFJlcHlWMFNnMmdUMUJuZHZaWDdEcnN5NlNkeFJiNXUxQmJ6aGVQdTVldlhvY0tXRmJ1VlJiMHd3L0YKWmJ1a1JxRlFxZklKc0tvSlNQUE9tdzAyam9WVExoRldNN2d1RjY1Ymg1T0sycjNUbGNEanRzdHlTTnVqUDZ4TwppVXRQczJRblBBODcrWmNNRnljZjV3TVFxR1p4SXAxaUx2b295alVNNlJVN0gzU0M0K201cmhIMDVBNmp4ZzdnCnROOStLaGcwU0czZW0xcW1KL0sxS2RmVjBjSjBLZ28zQ25rcmdTNWgxSFlwcWpFUjJ4SnBzVnJVeUlmTWI2dnkKZldGbTJ6VUNnZ0VCQU5LSEtwM2E5S3dLU0ZKT2RvWWdEdW0xZ1JTZ0x4Rk8rTVR1SVJaVTJMM0QxK0puVVlMQwpEZ04yTElQUldyUWRQZitBN0JFV0hFNFNHNnV3eHNRd0I2dGdkRXRZeVVkMm9jUzFWYjkzOE5OQ0ZHYXM1dFQyCmR5UmJpUDhENi9tYlo5ckxHWnhKcTd4Q0NROHJaakNxaTA3VW55dWRSZ3VKemhERFRHay91RFh6SE1ZTDhlV3cKRGFJOFRwUXV0N0JXQzZmZU10L1RmaDl4ZEwzaHhJczN2YzFtV2NZZ0NkNVZUU3h4RDlVRlpHbXRmWW8wbjZhdwovOENsTUJOZGRXK1RwM2RPbDQ0YzI5elRITDQ4UDVtRTZqOWJPWmdmWHY5dDljdElGTE9mZkxiTGZHQlM3Yy9NCmdHV0cvSEZscVFBOGwyRnFSb09jNXFYU2phZ0VwUXB5anlrQ2dnRUFWNm5oZmZDc0pNTFliaGJlbHVOM0h5N2kKYXF3dGJwMVpwQ1g4WWtvMEk3VWFYUFpZSUdsV1FYVDVlQjBubHBTWVVLUW1jOG9pUkVoN3hEb05yRFpBcmVxeApRZDBUTmluWkdVZGt5UzJLWTRMblk2Y0tjWXRaTjhtRC9pQmM2NWdmSGo5MlhRTWJReFk1dTAwV0VJOUNReFQzCjZhVUpKdDBmZldjSjlrZ2tyUGJEU2xQL1h2UlBtcWJEUDdENnEzMHAvNUw3YmpkZzJOVHY4S1lsMjlWZzJtSHkKOElza2lEUDVJR2pPNEwwN2hUa3R4MlI5SWJPaGMzYkl6bUorQ040UFVUa0V6YndmSUN4SVBNNTl1V2NSSnNYbApjS01rVUtVWTFGS3Y2RCt3MDlsU0ZPQ0tVK3Q2alJlVWJmVy9xazVCb1ZoMm9DSWxxY0lXakZFRXBPN2VSUT09Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==","after":""},"structural_id":"6966b2fcd1edb6d42c0da7c85e1aa22ffae24485","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","rule_text_id":"np.pem.2","rule_name":"Base64-PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"3d014260f6750ff458a0b02343c9645f82f21348","rule_name":"Generic API Key","rule_text_id":"np.generic.2","rule_structural_id":"ac1028729d342a4d0cf282377532d882a48795c6","groups":["Q1Uwb0t0NEd0MWxIRHRKam5STGZkQlVaV2FkbVlJSGV2cS9UeVV6"],"num_matches":2,"num_redundant_matches":1,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"43d6429098e4d3acdf6938dfc159172c4dd99220","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1678401216 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1678401216 +0100","message":"Update docs for okteto challenge 15\n"},"blob_path":"src/main/resources/explanations/challenge15.adoc"}}],"blob_metadata":{"id":"1590fc5b5b352fd538a6372946b04120bc2b5649","num_bytes":1741,"mime_essence":null,"charset":null},"blob_id":"1590fc5b5b352fd538a6372946b04120bc2b5649","location":{"offset_span":{"start":1613,"end":1663},"source_span":{"start":{"line":32,"column":50},"end":{"line":32,"column":99}}},"groups":["Q1Uwb0t0NEd0MWxIRHRKam5STGZkQlVaV2FkbVlJSGV2cS9UeVV6"],"snippet":{"before":"S4XUU3EPJ\naws_secret_access_key=CU0oKt4Gt1lHDtJjnRLfdBUZWadmYIHevq/TyUz/\nregion=us-east-2\noutput=json\n\n#https://canarytokens.org/manage?token=n0cnd92mavmv1m61tjmyj9of5&auth=6519be82ef910868529091527c3edb3f\n\naws_access_key_id=AKIASP2TPHJS4XUU3EPJaws_secret_","matching":"access_key=CU0oKt4Gt1lHDtJjnRLfdBUZWadmYIHevq/TyUz","after":"/\n\nhttps://wrongsecrets-commjoen.cloud.okteto.net/canaries/tokencallbackdebug\n"},"structural_id":"c56d61ee93a4f093108a146dd1181ec411b1df18","rule_structural_id":"ac1028729d342a4d0cf282377532d882a48795c6","rule_text_id":"np.generic.2","rule_name":"Generic API Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"15b6e7abd2ef12bd9bac8666e9a45c9cd5339baf","rule_name":"Generic API Key","rule_text_id":"np.generic.2","rule_structural_id":"ac1028729d342a4d0cf282377532d882a48795c6","groups":["QUtJQVNQMlRQSEpTNFhVVTNFUEphd3Nfc2VjcmV0X2FjY2Vzc19rZXk="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"43d6429098e4d3acdf6938dfc159172c4dd99220","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1678401216 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1678401216 +0100","message":"Update docs for okteto challenge 15\n"},"blob_path":"src/main/resources/explanations/challenge15.adoc"}}],"blob_metadata":{"id":"1590fc5b5b352fd538a6372946b04120bc2b5649","num_bytes":1741,"mime_essence":null,"charset":null},"blob_id":"1590fc5b5b352fd538a6372946b04120bc2b5649","location":{"offset_span":{"start":1568,"end":1623},"source_span":{"start":{"line":32,"column":5},"end":{"line":32,"column":59}}},"groups":["QUtJQVNQMlRQSEpTNFhVVTNFUEphd3Nfc2VjcmV0X2FjY2Vzc19rZXk="],"snippet":{"before":"cxbv\n\n[default]\naws_access_key_id=AKIASP2TPHJS4XUU3EPJ\naws_secret_access_key=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\nregion=us-east-2\noutput=json\n\n#https://canarytokens.org/manage?token=n0cnd92mavmv1m61tjmyj9of5&auth=6519be82ef910868529091527c3edb3f\n\naws_","matching":"access_key_id=AKIASP2TPHJS4XUU3EPJaws_secret_access_key","after":"=CU0oKt4Gt1lHDtJjnRLfdBUZWadmYIHevq/TyUz/\n\nhttps://wrongsecrets-commjoen.cloud.okteto.net/canaries/tokencallbackdebug\n"},"structural_id":"f09e74268374789bf07f8f0c085491b4eabc3966","rule_structural_id":"ac1028729d342a4d0cf282377532d882a48795c6","rule_text_id":"np.generic.2","rule_name":"Generic API Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"a7cdf564d70c7e2a928e273a9d3ee4f2adff9dcf","rule_name":"Generic Password","rule_text_id":"np.generic.5","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","groups":["MjZJYWdFVk9nM2RzUTlBd0FTNXlVOGdwaXQ0aU9JWU9SOHNVdU9nWVZwVT0="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"76bc2a8ed945682d3fc6fc9b730bc923a82691ac","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1705822443 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1705494983 +0100","message":"Update POM file with new version: 1.8.2d\n"},"blob_path":".github/scripts/.bash_history"}}],"blob_metadata":{"id":"35fae43b9edec27151e60bf2a41949f91351774f","num_bytes":14740,"mime_essence":null,"charset":null},"blob_id":"35fae43b9edec27151e60bf2a41949f91351774f","location":{"offset_span":{"start":7201,"end":7256},"source_span":{"start":{"line":350,"column":12},"end":{"line":350,"column":66}}},"groups":["MjZJYWdFVk9nM2RzUTlBd0FTNXlVOGdwaXQ0aU9JWU9SOHNVdU9nWVZwVT0="],"snippet":{"before":"_bin.deb\nsudo apt install libc6-i386\nsudo apt --fix-broken install\nsudo dpkg -i jdk-18_linux-x64_bin.deb\njava --version\nmvn --no-transfer-progress test\ngit status\nrm -rf jdk-18_linux-x64_bin.deb\ngit rebase -i main\ngit rebase -i master\ngit stash\nexport temp","matching":"Password=\"26IagEVOg3dsQ9AwAS5yU8gpit4iOIYOR8sUuOgYVpU=\"","after":"\nmvn run tempPassword\nk6\nnpx k6\nnpm remove @types/k6\nnpm run tests:automatic\nnpm run test:automatic\nk6\nnpm run\nnpm start\nnpm install nodemon --save\nnpm start\nnpm install\ngit status\ngit checkout main\ngit status\ngit stash\ngit log\ngit checkout 0a34816be1f1149"},"structural_id":"2e0e745fcdf8fef423dd27b0791630e7258252c0","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","rule_text_id":"np.generic.5","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"7d967ba79a438184cc227b02cb91b59067144e09","rule_name":"Generic Password","rule_text_id":"np.generic.6","rule_structural_id":"623947cab165b1d6c786a051107b4555e41719d5","groups":["dEpiUWpDTT0="],"num_matches":2,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"812d4185f6d835730265679f2748e330568d2460","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1685336295 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1685336295 +0200","message":"Changed to node v18, updated configs, updated pre-commit, susppressed eslint on index.js\n"},"blob_path":"js/index.js"}}],"blob_metadata":{"id":"4a03e02f3b71094bd9ea9a2220f151bc3b0591f6","num_bytes":152,"mime_essence":"text/javascript","charset":null},"blob_id":"4a03e02f3b71094bd9ea9a2220f151bc3b0591f6","location":{"offset_span":{"start":67,"end":88},"source_span":{"start":{"line":2,"column":9},"end":{"line":2,"column":29}}},"groups":["dEpiUWpDTT0="],"snippet":{"before":"function secret () { // eslint-disable-line no-unused-vars\n const ","matching":"password = 'tJbQjCM='","after":" + 9 + 'SnCq' + 6 + 'LBU=' + 2 + 'h5GD' + 7\n return password\n}\n"},"structural_id":"221de10d50ba8bb10943168e9536aa4ac93f4261","rule_structural_id":"623947cab165b1d6c786a051107b4555e41719d5","rule_text_id":"np.generic.6","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"e2947f2b69948c8916b744144ebb02d36f8bd58b","committer_name":"GitHub","committer_email":"noreply@github.com","committer_timestamp":"1685256766 +0000","author_name":"pre-commit-ci-lite[bot]","author_email":"117423508+pre-commit-ci-lite[bot]@users.noreply.github.com","author_timestamp":"1685256766 +0000","message":"[pre-commit.ci lite] apply automatic fixes"},"blob_path":"js/index.js"}}],"blob_metadata":{"id":"a88dd5bb2a766074134a814379630b4f7a13ca25","num_bytes":114,"mime_essence":"text/javascript","charset":null},"blob_id":"a88dd5bb2a766074134a814379630b4f7a13ca25","location":{"offset_span":{"start":29,"end":50},"source_span":{"start":{"line":2,"column":9},"end":{"line":2,"column":29}}},"groups":["dEpiUWpDTT0="],"snippet":{"before":"function secret () {\n const ","matching":"password = 'tJbQjCM='","after":" + 9 + 'SnCq' + 6 + 'LBU=' + 2 + 'h5GD' + 7\n return password\n}\n"},"structural_id":"59bee622a86afc205e14a98339e43590554bc97f","rule_structural_id":"623947cab165b1d6c786a051107b4555e41719d5","rule_text_id":"np.generic.6","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"1d56ba5ba541032ca531a3b07fbefd3d3a58df32","rule_name":"Generic Secret","rule_text_id":"np.generic.1","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"num_matches":3,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./src/main/resources/explanations/challenge25.adoc"},{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"3fd81b9bcc4532eaf62aeb35a9f99231a90fd81c","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1664348148 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1664348148 +0200","message":"fixes for challenges\n"},"blob_path":"src/main/resources/explanations/challenge25.adoc"}}],"blob_metadata":{"id":"12c6ab9a78813e5cf5aa45b505ad858217861a92","num_bytes":270,"mime_essence":null,"charset":null},"blob_id":"12c6ab9a78813e5cf5aa45b505ad858217861a92","location":{"offset_span":{"start":173,"end":241},"source_span":{"start":{"line":5,"column":56},"end":{"line":5,"column":123}}},"groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"snippet":{"before":"=== Secrets in smart contracts part 1\n\nOn public blockchains, everything that is written on-chain is world-readable.\n\nIn this challenge, you need to read the variable named ","matching":"secret from the contract `0x8b72f7cbAD50620c46219ad676Ad9d3a5A273587","after":"` on the Goerli EVM Testnet.\n"},"structural_id":"c290822f8c5e37199afe269b4367bb37d5aeed04","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"b266f31da8df2a2cb7bd90011c2ae1f2700fc9e9","committer_name":"Chris Elbring","committer_email":"chris.elbring@gmail.com","committer_timestamp":"1664240979 -0500","author_name":"Chris Elbring","author_email":"chris.elbring@gmail.com","author_timestamp":"1664240979 -0500","message":"Challenge25\n"},"blob_path":"src/main/resources/explanations/challenge25.adoc"}}],"blob_metadata":{"id":"8d42eb52d9050870e70a5c635c1e0c58bbd12729","num_bytes":458,"mime_essence":null,"charset":null},"blob_id":"8d42eb52d9050870e70a5c635c1e0c58bbd12729","location":{"offset_span":{"start":362,"end":429},"source_span":{"start":{"line":5,"column":56},"end":{"line":5,"column":122}}},"groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"snippet":{"before":"-readable. So there are various mistakes you can find on https://twitter.com/d_feldman/status/1558309810801631233?s=20&t=z98ii6IPJEZq10cnsGAhpQ[Twitter]. What if our developers made the same mistake?\n\nIn this challenge, you need to read the variable named ","matching":"secret from the contract 0x8b72f7cbAD50620c46219ad676Ad9d3a5A273587","after":" on the goerli evm testnet.\n\n"},"structural_id":"7ff4b8b2c8aca984725c443d7e12697994d15bea","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ec89e8a69cd6fdfa55c02fd35bea29056213a652","committer_name":"Chris Elbring","committer_email":"chris.elbring@gmail.com","committer_timestamp":"1664300830 -0500","author_name":"Chris Elbring","author_email":"chris.elbring@gmail.com","author_timestamp":"1664300830 -0500","message":"Challenge25-6\n"},"blob_path":"src/main/resources/explanations/challenge25.adoc"}}],"blob_metadata":{"id":"deaed2195e9fae8a1098ae159d3075ee59921577","num_bytes":269,"mime_essence":null,"charset":null},"blob_id":"deaed2195e9fae8a1098ae159d3075ee59921577","location":{"offset_span":{"start":173,"end":240},"source_span":{"start":{"line":5,"column":56},"end":{"line":5,"column":122}}},"groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"snippet":{"before":"=== Secrets in smart contracts part 1\n\nOn public blockchains, everything that is written on-chain is world-readable.\n\nIn this challenge, you need to read the variable named ","matching":"secret from the contract 0x8b72f7cbAD50620c46219ad676Ad9d3a5A273587","after":" on the goerli evm testnet.\n\n"},"structural_id":"6280d23c964b17d622706498d962712e7c1b93f6","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"796ae549d04f3e3895387e0ba6e890a3f7e8cf36","rule_name":"Generic Secret","rule_text_id":"np.generic.1","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","groups":["aFJacU9FQjBWMGtVNkpoRVhkbThVSDMyVkRBYkFiZFJ4ZzVSTXBv"],"num_matches":6,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"30e36acf62d104ff600b72aedeb14e7b668c1ea1","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1644228456 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1644227390 +0100","message":"Updated comments and code in 13\n\nAdded test for challenge 13\n\nUpdated README to include challenge 13\n\nUpdate readme\n"},"blob_path":"src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge13Test.java"}}],"blob_metadata":{"id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","num_bytes":1683,"mime_essence":"application/octet-stream","charset":null},"blob_id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","location":{"offset_span":{"start":663,"end":712},"source_span":{"start":{"line":23,"column":69},"end":{"line":23,"column":117}}},"groups":["aFJacU9FQjBWMGtVNkpoRVhkbThVSDMyVkRBYkFiZFJ4ZzVSTXBv"],"snippet":{"before":"arsets;\nimport java.util.Base64;\n\n@ExtendWith(MockitoExtension.class)\nclass Challenge13Test {\n\n @Mock\n private ScoreCard scoreCard;\n\n @Test\n void spoilerShouldRevealAnswer() {\n var challenge = new Challenge13(scoreCard, \"This is not the ","matching":"secret\", \"hRZqOEB0V0kU6JhEXdm8UH32VDAbAbdRxg5RMpo","after":"/fA8caUCvJhs=\");\n\n Assertions.assertThat(challenge.spoiler()).isEqualTo(new Spoiler(Base64.getEncoder().encodeToString(\"This is our first key as github secret\".getBytes(StandardCharsets.UTF_8))));\n }\n\n @Test\n void rightAnswerShouldSolveChal"},"structural_id":"9dcdcb8e4717a1f122c57eb4232b01d88dca39a5","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"30e36acf62d104ff600b72aedeb14e7b668c1ea1","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1644228456 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1644227390 +0100","message":"Updated comments and code in 13\n\nAdded test for challenge 13\n\nUpdated README to include challenge 13\n\nUpdate readme\n"},"blob_path":"src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge13Test.java"}}],"blob_metadata":{"id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","num_bytes":1683,"mime_essence":"application/octet-stream","charset":null},"blob_id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","location":{"offset_span":{"start":1046,"end":1095},"source_span":{"start":{"line":30,"column":69},"end":{"line":30,"column":117}}},"groups":["aFJacU9FQjBWMGtVNkpoRVhkbThVSDMyVkRBYkFiZFJ4ZzVSTXBv"],"snippet":{"before":"(new Spoiler(Base64.getEncoder().encodeToString(\"This is our first key as github secret\".getBytes(StandardCharsets.UTF_8))));\n }\n\n @Test\n void rightAnswerShouldSolveChallenge() {\n var challenge = new Challenge13(scoreCard, \"This is not the ","matching":"secret\", \"hRZqOEB0V0kU6JhEXdm8UH32VDAbAbdRxg5RMpo","after":"/fA8caUCvJhs=\");\n\n Assertions.assertThat(challenge.solved(Base64.getEncoder().encodeToString(\"This is our first key as github secret\".getBytes(StandardCharsets.UTF_8)))).isTrue();\n Mockito.verify(scoreCard).completeChallenge(challenge);\n }"},"structural_id":"929d26e0314bf73ed4b938fbb7f08951a60fdb89","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"30e36acf62d104ff600b72aedeb14e7b668c1ea1","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1644228456 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1644227390 +0100","message":"Updated comments and code in 13\n\nAdded test for challenge 13\n\nUpdated README to include challenge 13\n\nUpdate readme\n"},"blob_path":"src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge13Test.java"}}],"blob_metadata":{"id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","num_bytes":1683,"mime_essence":"application/octet-stream","charset":null},"blob_id":"01f2e1f50867c4d2200edac60290aadaef82e0d7","location":{"offset_span":{"start":1483,"end":1532},"source_span":{"start":{"line":38,"column":69},"end":{"line":38,"column":117}}},"groups":["aFJacU9FQjBWMGtVNkpoRVhkbThVSDMyVkRBYkFiZFJ4ZzVSTXBv"],"snippet":{"before":" secret\".getBytes(StandardCharsets.UTF_8)))).isTrue();\n Mockito.verify(scoreCard).completeChallenge(challenge);\n }\n\n @Test\n void incorrectAnswerShouldNotSolveChallenge() {\n var challenge = new Challenge13(scoreCard, \"This is not the ","matching":"secret\", \"hRZqOEB0V0kU6JhEXdm8UH32VDAbAbdRxg5RMpo","after":"/fA8caUCvJhs=\");\n\n Assertions.assertThat(challenge.solved(\"wrong answer\")).isFalse();\n Mockito.verifyNoInteractions(scoreCard);\n }\n\n}\n"},"structural_id":"63c61a042d7112b91910ccf66fd4ceb15706b4d2","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"025edf89aabf5730eba20f56a2bdd3152d7da1c1","rule_name":"Generic Username and Password","rule_text_id":"np.generic.3","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","groups":["c3RhdGljLXVzZXI=","JChvcGVuc3NsIHJhbmQgLWJhc2U2NCAxNik="],"num_matches":5,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"f72cdca5ddc696ddd03b0c1926379d6d618eadd5","committer_name":"GitHub","committer_email":"noreply@github.com","committer_timestamp":"1604486227 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1604486227 +0100","message":"Update k8s-vault-minkube-start.sh\n\nCo-authored-by: Ben de Haan <53901866+bendehaan@users.noreply.github.com>"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"611c57d0dd9f26eba2cb3689ecc8544e61c2e9b9","num_bytes":3828,"mime_essence":"application/x-sh","charset":null},"blob_id":"611c57d0dd9f26eba2cb3689ecc8544e61c2e9b9","location":{"offset_span":{"start":2565,"end":2625},"source_span":{"start":{"line":70,"column":59},"end":{"line":70,"column":118}}},"groups":["c3RhdGljLXVzZXI=","JChvcGVuc3NsIHJhbmQgLWJhc2U2NCAxNik="],"snippet":{"before":"ken)\n\necho \"Logging in\"\nkubectl exec vault-0 -- vault login $ROOTTOKEN \n\necho \"Enabling kv-v2 kubernetes\"\nkubectl exec vault-0 -- vault secrets enable -path=secret kv-v2\n\necho \"Putting a secret in\"\nkubectl exec vault-0 -- vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"$(openssl rand -base64 16)\"","after":"\n\necho \"Enable k8s auth\"\nkubectl exec vault-0 -- vault auth enable kubernetes\n\necho \"Writing k8s auth config\" \n#TODO: below should be executed on he host only, so pick it up from the pod!\nkubectl exec vault-0 -- bash -c 'vault write auth/kubernetes/config "},"structural_id":"adcc890b7f6162534d2cca50dd84530060e68a17","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"cbd13f218be083ca063e1bc03da7f4ef2b34fd2c","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1604524065 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1604524065 +0100","message":"enable proper port forwarding\n"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"653a441f774d3251f466b37599f576f2e659df9d","num_bytes":3903,"mime_essence":"application/x-sh","charset":null},"blob_id":"653a441f774d3251f466b37599f576f2e659df9d","location":{"offset_span":{"start":2565,"end":2625},"source_span":{"start":{"line":70,"column":59},"end":{"line":70,"column":118}}},"groups":["c3RhdGljLXVzZXI=","JChvcGVuc3NsIHJhbmQgLWJhc2U2NCAxNik="],"snippet":{"before":"ken)\n\necho \"Logging in\"\nkubectl exec vault-0 -- vault login $ROOTTOKEN \n\necho \"Enabling kv-v2 kubernetes\"\nkubectl exec vault-0 -- vault secrets enable -path=secret kv-v2\n\necho \"Putting a secret in\"\nkubectl exec vault-0 -- vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"$(openssl rand -base64 16)\"","after":"\n\necho \"Enable k8s auth\"\nkubectl exec vault-0 -- vault auth enable kubernetes\n\necho \"Writing k8s auth config\" \n\nkubectl exec vault-0 -- /bin/sh -c 'vault write auth/kubernetes/config \\\n token_reviewer_jwt=\"$(cat /var/run/secrets/kubernetes.io/servic"},"structural_id":"a1cd108348201e0f920b0b966d6843653831054b","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"39056f14229af2f3880ba85193f933059ac4828d","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1604430603 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1604430603 +0100","message":"update\n"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"7da1220ff8fd5ce55a3e6adfe82605910c4efb0e","num_bytes":3682,"mime_essence":"application/x-sh","charset":null},"blob_id":"7da1220ff8fd5ce55a3e6adfe82605910c4efb0e","location":{"offset_span":{"start":2430,"end":2490},"source_span":{"start":{"line":70,"column":59},"end":{"line":70,"column":118}}},"groups":["c3RhdGljLXVzZXI=","JChvcGVuc3NsIHJhbmQgLWJhc2U2NCAxNik="],"snippet":{"before":"ken)\n\necho \"Logging in\"\nkubectl exec vault-0 -- vault login $ROOTTOKEN \n\necho \"Enabling kv-v2 kubernetes\"\nkubectl exec vault-0 -- vault secrets enable -path=secret kv-v2\n\necho \"Putting a secret in\"\nkubectl exec vault-0 -- vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"$(openssl rand -base64 16)\"","after":"\n\necho \"Enable k8s auth\"\nkubectl exec vault-0 -- vault auth enable kubernetes\n\necho \"Writing k8s auth config\" \n#TODO: below should be executed on he host only, so pick it up from the pod!\nkubectl exec vault-0 -- vault write auth/kubernetes/config \\\n "},"structural_id":"8f41699c92acc6b1a85fbf4b0fee76b6afa52c9c","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"9521950b90ee23af6a5c95f9094f7f53f4dfe693","rule_name":"Generic Username and Password","rule_text_id":"np.generic.3","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","groups":["c3RhdGljLXVzZXI=","c3RhdGljLXBhc3N3b3Jk"],"num_matches":10,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"d6b18f36bc470399463ae34b7d2bd8a3ba6c6126","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1604393608 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1604393608 +0100","message":"Updated script (working till k8s\n"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"00751cca0c9da1639ce36e69c86647d3afcb21a1","num_bytes":3162,"mime_essence":"application/x-sh","charset":null},"blob_id":"00751cca0c9da1639ce36e69c86647d3afcb21a1","location":{"offset_span":{"start":2947,"end":2996},"source_span":{"start":{"line":83,"column":39},"end":{"line":83,"column":87}}},"groups":["c3RhdGljLXVzZXI=","c3RhdGljLXBhc3N3b3Jk"],"snippet":{"before":" for webapp\"\nkubectl exec vault-0 -- vault write auth/kubernetes/role/webapp \\\n bound_service_account_names=vault \\\n bound_service_account_namespaces=default \\\n policies=webapp \\\n ttl=24h \\\n && vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"static-password\"","after":"\n\n#kubectl apply -f k8s/secret-challenge-deployment.yml\n#kubectl expose deployment secret-challenge --type=LoadBalancer --port=8080\n#minikube service secret-challenge"},"structural_id":"3ea18eb858a2bebbccc79478bd392daba876f73e","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"255fb6def8a2546d29fb673fb55e94c0a9a4ee00","committer_name":"Jeroen Willemsen","committer_email":"jwillemsen@xebia.com","committer_timestamp":"1604295194 +0100","author_name":"Jeroen Willemsen","author_email":"jwillemsen@xebia.com","author_timestamp":"1604295194 +0100","message":"Processed feedback\n"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"39d7129d565c361b36b28d3f08ac7429b149be5e","num_bytes":2419,"mime_essence":"application/x-sh","charset":null},"blob_id":"39d7129d565c361b36b28d3f08ac7429b149be5e","location":{"offset_span":{"start":2204,"end":2253},"source_span":{"start":{"line":63,"column":108},"end":{"line":63,"column":156}}},"groups":["c3RhdGljLXVzZXI=","c3RhdGljLXBhc3N3b3Jk"],"snippet":{"before":"mes=vault \\\n bound_service_account_namespaces=default \\\n policies=webapp \\\n ttl=24h\ncat cluster-keys.json | jq -r \".root_token\"\nkubectl exec vault-0 login && vault secrets enable -path=secret kv-v2 && vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"static-password\"","after":"\n\n#kubectl apply -f k8s/secret-challenge-deployment.yml\n#kubectl expose deployment secret-challenge --type=LoadBalancer --port=8080\n#minikube service secret-challenge"},"structural_id":"e768dc2f2936f6b49980a9be7bb3791497df896d","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"f72cdca5ddc696ddd03b0c1926379d6d618eadd5","committer_name":"GitHub","committer_email":"noreply@github.com","committer_timestamp":"1604486227 +0100","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1604486227 +0100","message":"Update k8s-vault-minkube-start.sh\n\nCo-authored-by: Ben de Haan <53901866+bendehaan@users.noreply.github.com>"},"blob_path":"k8s-vault-minkube-start.sh"}}],"blob_metadata":{"id":"611c57d0dd9f26eba2cb3689ecc8544e61c2e9b9","num_bytes":3828,"mime_essence":"application/x-sh","charset":null},"blob_id":"611c57d0dd9f26eba2cb3689ecc8544e61c2e9b9","location":{"offset_span":{"start":3560,"end":3609},"source_span":{"start":{"line":95,"column":39},"end":{"line":95,"column":87}}},"groups":["c3RhdGljLXVzZXI=","c3RhdGljLXBhc3N3b3Jk"],"snippet":{"before":" for webapp\"\nkubectl exec vault-0 -- vault write auth/kubernetes/role/webapp \\\n bound_service_account_names=vault \\\n bound_service_account_namespaces=default \\\n policies=webapp \\\n ttl=24h \\\n && vault kv put secret/webapp/config ","matching":"username=\"static-user\" password=\"static-password\"","after":"\n\nkubectl apply -f k8s/secret-challenge-deployment.yml\nkubectl expose deployment secret-challenge --type=LoadBalancer --port=8080\nkubectl port-forward secret-challenge 8080:8080 \n#or \n#minikube service secret-challenge\n"},"structural_id":"522f63916db353188ddab9414096210673e21085","rule_structural_id":"8cca3a4a548b00450bae08c40f5f33f06173b21f","rule_text_id":"np.generic.3","rule_name":"Generic Username and Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"6bd2fc96f6ca817526063128466d97d3ac22d631","rule_name":"GitHub Personal Access Token","rule_text_id":"np.github.1","rule_structural_id":"f6c4fca24a1c7f275d51d2718a1585ca6e4ae664","groups":["Z2hwX2cwR0FReXZQcGpiNFREcEZTUGZBckU2OE11U2JxUzRGR1ZFNA=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ade903e02bf5e9832a21f0f38ff1136ab4b497c5","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1653281696 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1650227203 +0200","message":"Added github access token for #201\n"},"blob_path":"secretscache/token"}}],"blob_metadata":{"id":"217e905d55d11baa4403d26e174cf98fa5168496","num_bytes":41,"mime_essence":null,"charset":null},"blob_id":"217e905d55d11baa4403d26e174cf98fa5168496","location":{"offset_span":{"start":0,"end":40},"source_span":{"start":{"line":1,"column":1},"end":{"line":1,"column":40}}},"groups":["Z2hwX2cwR0FReXZQcGpiNFREcEZTUGZBckU2OE11U2JxUzRGR1ZFNA=="],"snippet":{"before":"","matching":"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","after":"\n"},"structural_id":"aad91b86c86aa4d87732dcf1c41585f1214ff9a6","rule_structural_id":"f6c4fca24a1c7f275d51d2718a1585ca6e4ae664","rule_text_id":"np.github.1","rule_name":"GitHub Personal Access Token","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"90ab285686cd020122f3fe710a2a1b77e9c6e0b3","rule_name":"GitHub Personal Access Token (fine-grained permissions)","rule_text_id":"np.github.7","rule_structural_id":"8a8de711c438d48576508a096971b13135fb73cb","groups":["Z2l0aHViX3BhdF8xMUFDTDRTNFEwQ0xiY1ZySXowZ2ROX1NzWGdMRlpwNXVsdGN4NkNBdkJaQTlmeHNNNHpxRHVUZVYxbkFHTFpUeGI0NkE0Wkk2QnRwOVdFeDR2"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ca8ed47675496c48a8d801a5b4fe538312e22b7f","committer_name":"Rodolfo Cabral Neves","committer_email":"roddas360@gmail.com","committer_timestamp":"1696519709 -0300","author_name":"Rodolfo Cabral Neves","author_email":"roddas360@gmail.com","author_timestamp":"1696519709 -0300","message":" feat #984 : Add the main script\n"},"blob_path":"scripts/sort_contibutors/main.py"}}],"blob_metadata":{"id":"ea7626f56a7a81abf9769dae451666044eae5f62","num_bytes":1374,"mime_essence":"text/plain","charset":null},"blob_id":"ea7626f56a7a81abf9769dae451666044eae5f62","location":{"offset_span":{"start":1141,"end":1234},"source_span":{"start":{"line":38,"column":10},"end":{"line":38,"column":102}}},"groups":["Z2l0aHViX3BhdF8xMUFDTDRTNFEwQ0xiY1ZySXowZ2ROX1NzWGdMRlpwNXVsdGN4NkNBdkJaQTlmeHNNNHpxRHVUZVYxbkFHTFpUeGI0NkE0Wkk2QnRwOVdFeDR2"],"snippet":{"before":"st:\n\theaders = {'X-GitHub-Api-Version':'2022-11-28','Accept':'application/vnd.github+json','Authorization':'Bearer ' + user_token}\n\tr = requests.get('https://api.github.com/repos/OWASP/'+project+'/contributors',headers=headers)\n\treturn r.json()\n\t\ntoken = '","matching":"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","after":"'\nproject = 'wrongsecrets'\n\ncontributors_list = parse_contributor_list(get_contibutor_list(project,token))\nprint_list(contributors_list[1])\n"},"structural_id":"f8fa7e7f2f788acae3af96fe4e459091e6b95a8c","rule_structural_id":"8a8de711c438d48576508a096971b13135fb73cb","rule_text_id":"np.github.7","rule_name":"GitHub Personal Access Token (fine-grained permissions)","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"430a3b39efb937edef71eb3cf18e76532bea7fd5","rule_name":"GitLab Personal Access Token","rule_text_id":"np.gitlab.2","rule_structural_id":"c9d156209ee37a65c39b8845464831ca8936ff79","groups":["Z2xwYXQtNVB5N3loa0toR3JUVzZzd0tBeV8="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ff2179e667e7a8cbbf994ffcf7b431ea53eb5414","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1655622003 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1655622003 +0200","message":"Added segment.io admin token #201\n"},"blob_path":"secretscache/gitlab/revoked_access_tokens.txt"}}],"blob_metadata":{"id":"b02b4a67f92ced4fcf47d5784f72017b26697cc1","num_bytes":90,"mime_essence":"text/plain","charset":null},"blob_id":"b02b4a67f92ced4fcf47d5784f72017b26697cc1","location":{"offset_span":{"start":5,"end":31},"source_span":{"start":{"line":1,"column":6},"end":{"line":1,"column":31}}},"groups":["Z2xwYXQtNVB5N3loa0toR3JUVzZzd0tBeV8="],"snippet":{"before":"PAT: ","matching":"glpat-5Py7yhkKhGrTW6swKAy_","after":"\nCalendar: RBKUnE1hzuWMTxAcxD9J\nMail: RG2UFyvxu84w8TTMbKRZ\n"},"structural_id":"6d98bf44886dfdcdb71392262fd6806e3461d0d0","rule_structural_id":"c9d156209ee37a65c39b8845464831ca8936ff79","rule_text_id":"np.gitlab.2","rule_name":"GitLab Personal Access Token","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"0267af8fb4a4efa5a061cfd920a4903ac27be4a8","rule_name":"Google API Key","rule_text_id":"np.google.5","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","groups":["QUl6YVN5QlNwSHZ0OGwxZjlxbHBwSnFRVzI4MHZHYWNYZ3dObnJr"],"num_matches":4,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"5dfc72f20ef5c048f1bc9afa1d94c7c0bf2df36c","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1692169868 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1692169868 +0200","message":"Add docs\n"},"blob_path":"src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java"}}],"blob_metadata":{"id":"b65081351e1ec71d426addd36c55f723a695c893","num_bytes":1631,"mime_essence":"application/octet-stream","charset":null},"blob_id":"b65081351e1ec71d426addd36c55f723a695c893","location":{"offset_span":{"start":1581,"end":1621},"source_span":{"start":{"line":65,"column":13},"end":{"line":65,"column":52}}},"groups":["QUl6YVN5QlNwSHZ0OGwxZjlxbHBwSnFRVzI4MHZHYWNYZ3dObnJr"],"snippet":{"before":"lineHosted() {\n return false;\n }\n\n @Override\n public List supportedRuntimeEnvironments() {\n return List.of(RuntimeEnvironment.Environment.DOCKER);\n }\n\n private String getKey() {\n //google api key\n return \"","matching":"AIzaSyBSpHvt8l1f9qlppJqQW280vGacXgwNnrk\"","after":";\n }\n\n\n}\n"},"structural_id":"04d00ff2f88309a0f6cc04167a7698581a814b2a","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","rule_text_id":"np.google.5","rule_name":"Google API Key","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"92740436df98d0d100f4c6457a9fb58199958fbc","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1692161491 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1692161491 +0200","message":"Add experimental key\n"},"blob_path":"src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java"}}],"blob_metadata":{"id":"bf79098769f91bc9e5d63e9c81953e429a07b031","num_bytes":1745,"mime_essence":"application/octet-stream","charset":null},"blob_id":"bf79098769f91bc9e5d63e9c81953e429a07b031","location":{"offset_span":{"start":1695,"end":1735},"source_span":{"start":{"line":67,"column":13},"end":{"line":67,"column":52}}},"groups":["QUl6YVN5QlNwSHZ0OGwxZjlxbHBwSnFRVzI4MHZHYWNYZ3dObnJr"],"snippet":{"before":"lineHosted() {\n return false;\n }\n\n @Override\n public List supportedRuntimeEnvironments() {\n return List.of(RuntimeEnvironment.Environment.DOCKER);\n }\n\n private String getKey() {\n //google api key\n return \"","matching":"AIzaSyBSpHvt8l1f9qlppJqQW280vGacXgwNnrk\"","after":";\n }\n\n\n}\n"},"structural_id":"5e86afe4c8673bc81f55bee3422f692fcc0fc5ac","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","rule_text_id":"np.google.5","rule_name":"Google API Key","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"8ccc3f982bcfc89bc629a6b30bc3b2a9e883359e","committer_name":"GitHub","committer_email":"noreply@github.com","committer_timestamp":"1692170466 +0000","author_name":"pre-commit-ci-lite[bot]","author_email":"117423508+pre-commit-ci-lite[bot]@users.noreply.github.com","author_timestamp":"1692170466 +0000","message":"[pre-commit.ci lite] apply automatic fixes"},"blob_path":"src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java"}}],"blob_metadata":{"id":"e350ade649fb48c8615108b1dd66baad62a527aa","num_bytes":1624,"mime_essence":"application/octet-stream","charset":null},"blob_id":"e350ade649fb48c8615108b1dd66baad62a527aa","location":{"offset_span":{"start":1576,"end":1616},"source_span":{"start":{"line":63,"column":13},"end":{"line":63,"column":52}}},"groups":["QUl6YVN5QlNwSHZ0OGwxZjlxbHBwSnFRVzI4MHZHYWNYZ3dObnJr"],"snippet":{"before":"nlineHosted() {\n return false;\n }\n\n @Override\n public List supportedRuntimeEnvironments() {\n return List.of(RuntimeEnvironment.Environment.DOCKER);\n }\n\n private String getKey() {\n // google api key\n return \"","matching":"AIzaSyBSpHvt8l1f9qlppJqQW280vGacXgwNnrk\"","after":";\n }\n}\n"},"structural_id":"1356f42c72da0485d20b872dcfc4a59a04349ba0","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","rule_text_id":"np.google.5","rule_name":"Google API Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"58c620bd85b8287ec6b1bb9baef7d0c9ae9e0172","rule_name":"Google API Key","rule_text_id":"np.google.5","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","groups":["QUl6YVN5QmdRM29ZV3FmR3VGNloya0ZIYkl2dzBHTDJHY3l2QU9v"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"da6446dd45adf849b72dfa118bb1f9adf8608432","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1655529712 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1655529712 +0200","message":"Made the secrets cache easier to overview in #201\n"},"blob_path":"secretscache/firebase/google-services.json"}}],"blob_metadata":{"id":"a1ebecd777886802cf0bdf167743adc17889dd80","num_bytes":1006,"mime_essence":"application/json","charset":null},"blob_id":"a1ebecd777886802cf0bdf167743adc17889dd80","location":{"offset_span":{"start":617,"end":657},"source_span":{"start":{"line":23,"column":27},"end":{"line":23,"column":66}}},"groups":["QUl6YVN5QmdRM29ZV3FmR3VGNloya0ZIYkl2dzBHTDJHY3l2QU9v"],"snippet":{"before":"s\"\n }\n },\n \"oauth_client\": [\n {\n \"client_id\": \"368606766077-9h639dm2huccj5bmb9gd6aapuimcgihf.apps.googleusercontent.com\",\n \"client_type\": 3\n }\n ],\n \"api_key\": [\n {\n \"current_key\": \"","matching":"AIzaSyBgQ3oYWqfGuF6Z2kFHbIvw0GL2GcyvAOo\"","after":"\n }\n ],\n \"services\": {\n \"appinvite_service\": {\n \"other_platform_oauth_client\": [\n {\n \"client_id\": \"368606766077-9h639dm2huccj5bmb9gd6aapuimcgihf.apps.googleusercontent.com\",\n \"client_typ"},"structural_id":"d5726bc9dbaa3e8c272948ccd05c1e6ff50c56df","rule_structural_id":"2574397bc0dd4560b0f59cbe1018bc33016e819b","rule_text_id":"np.google.5","rule_name":"Google API Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"60c5f47b58e4414a214a79d4d004619b91a56eb9","rule_name":"HTTP Basic Authentication","rule_text_id":"np.http.1","rule_structural_id":"83c76359a051a0490f1d57406bccfdd289cb113d","groups":["UVd4aFpHUnBianB2Y0dWdUlITmxjMkZ0WlE9PQ=="],"num_matches":2,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ae013ddca2804e0059e91fa693cc12a7f9e09d02","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1653721229 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1653721229 +0200","message":"Merge branch 'master' into experiment-bed\n"},"blob_path":"secretscache/curl.sh"}}],"blob_metadata":{"id":"03643e2808d897e4238f7994a5a7da37c7fbc6d5","num_bytes":129,"mime_essence":"application/x-sh","charset":null},"blob_id":"03643e2808d897e4238f7994a5a7da37c7fbc6d5","location":{"offset_span":{"start":21,"end":71},"source_span":{"start":{"line":3,"column":9},"end":{"line":3,"column":58}}},"groups":["UVd4aFpHUnBianB2Y0dWdUlITmxjMkZ0WlE9PQ=="],"snippet":{"before":"#!/bin/bash\n\ncurl -H ","matching":"Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== ","after":"https://en.wikipedia.org/wiki/Basic_access_authentication\n"},"structural_id":"464c7549cfcd3a05199ff3e7094b968eb39cebfe","rule_structural_id":"83c76359a051a0490f1d57406bccfdd289cb113d","rule_text_id":"np.http.1","rule_name":"HTTP Basic Authentication","score":null,"comment":null,"status":null,"redundant_to":[]},{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"f62c9fd5d5ac5c0add01cb3f02055404d19da7e9","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1693794249 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1693794249 +0200","message":"silly setup for getting challenge to work\n"},"blob_path":".github/workflows/dast-zap-test.yml"}}],"blob_metadata":{"id":"e50dcdfb4b5d6af494a1f91de0e67458a0de0990","num_bytes":1041,"mime_essence":"text/x-yaml","charset":null},"blob_id":"e50dcdfb4b5d6af494a1f91de0e67458a0de0990","location":{"offset_span":{"start":766,"end":816},"source_span":{"start":{"line":29,"column":35},"end":{"line":29,"column":84}}},"groups":["UVd4aFpHUnBianB2Y0dWdUlITmxjMkZ0WlE9PQ=="],"snippet":{"before":".skip=true -Dexec.skip\n - name: Start wrongsecrets\n run: nohup ./mvnw spring-boot:run -Dspring-boot.run.profiles=without-vault &\n - name: ZAP Scan\n uses: zaproxy/action-baseline@v0.9.0\n env:\n ZAP_AUTH_HEADER_VALUE: \"","matching":"Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==\"","after":"\n with:\n allow_issue_writing: false\n docker_name: \"owasp/zap2docker-stable\"\n target: \"http://localhost:8080\"\n rules_file_name: config/zap/rule-config.tsv\n fail_action: true\n"},"structural_id":"1b767368fbca584eb01aba2c152c44179d2121f1","rule_structural_id":"83c76359a051a0490f1d57406bccfdd289cb113d","rule_text_id":"np.http.1","rule_name":"HTTP Basic Authentication","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"c753b17c895df529327b5a0823b9413455bc8b7d","rule_name":"Hardcoded Gradle Credentials","rule_text_id":"np.gradle.1","rule_structural_id":"a12f90a50f965526bfcf34016b914665483c389d","groups":["YWFkbWlu","bm90YXBhc3N3b3Jk"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"3f7c9d3531e919508587da3a0855e755b37b79b6","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1653721717 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1653721717 +0200","message":"add a few mor secrets for #201\n"},"blob_path":"secretscache/gradle/build.gradle"}}],"blob_metadata":{"id":"698d1a63b99b948f85bb9b09455759bb40d1c207","num_bytes":173,"mime_essence":null,"charset":null},"blob_id":"698d1a63b99b948f85bb9b09455759bb40d1c207","location":{"offset_span":{"start":75,"end":154},"source_span":{"start":{"line":4,"column":9},"end":{"line":6,"column":35}}},"groups":["YWFkbWlu","bm90YXBhc3N3b3Jk"],"snippet":{"before":"repositories {\n maven {\n url \"http://repo.mycompany.com\"\n ","matching":"credentials {\n username \"aadmin\"\n password \"notapassword\"","after":"\n }\n }\n}\n"},"structural_id":"7d76ab48ae1eb825470a018cd3a71d3493e2ad12","rule_structural_id":"a12f90a50f965526bfcf34016b914665483c389d","rule_text_id":"np.gradle.1","rule_name":"Hardcoded Gradle Credentials","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"b33ada155b6fb43aa0593b81634eaf94dd93b189","rule_name":"JSON Web Token (base64url-encoded)","rule_text_id":"np.jwt.1","rule_structural_id":"6e2b42f8571e4534c13a22f26a39c78b0596edb7","groups":["ZXlKaGJHY2lPaUpGVXpJMU5pSXNJbXRwWkNJNkluVnBhV3huTW05dmVIaGpOSGhzTm10bVlYWjFjbWh2TkRWMUlpd2lkSGx3SWpvaVNsZFVJbjAuZXlJeGNHRnpjM2R2Y21RdVkyOXRMMkYxZFdsa0lqb2lUMHMyVERkV016UlJUa2RSTjFCYVZsazNRbGxJUWxaTU5WRWlMQ0l4Y0dGemMzZHZjbVF1WTI5dEwzUnZhMlZ1SWpvaVZURjRjR2hpWVRkMmFUWnROSEJIU0RaUk5uSkpRVjlxUW1vd2RqRkljellpTENJeGNHRnpjM2R2Y21RdVkyOXRMMlowY3lJNld5SjJZWFZzZEdGalkyVnpjeUpkTENJeGNHRnpjM2R2Y21RdVkyOXRMM1owY3lJNlczc2lkU0k2SW5KeU1uQmtjVzVsZDJZeWRIaHFZalZ3TWpkclpYbHplR0p4SWl3aVlTSTZORGg5WFN3aVlYVmtJanBiSW1OdmJTNHhjR0Z6YzNkdmNtUXVZMjl1Ym1WamRDSmRMQ0p6ZFdJaU9pSkxSVll5UVROTVFqWkdSemRXVEV4TU5rcFlWRXBhU0VaUVdTSXNJbVY0Y0NJNk1UWTFPVEV6T1RFNU9Td2lhV0YwSWpveE5qVTJORGMyT1RBM0xDSnBjM01pT2lKamIyMHVNWEJoYzNOM2IzSmtMbUkxSWl3aWFuUnBJam9pYVhBMGFIUmxibWx0Ympka1lXOXVZV0p6YVdGcWNUSXpaMkVpZlEuZTZMRjFyd1lqRGZOQmhlLXRNbl9pRUtQMkwyWVhlVWVfQ1IxaFBJbUJqVkFsZFRqLWhadmdYR3I1dmNLYnBVX2lMai1SVW9oTUdYVnJiVTAyWXpPWWc="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"ce6451a2b7218680f16ba4983c39be6f12c08e18","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1656477757 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1656477757 +0200","message":"Added 1password for #201\n"},"blob_path":"secretscache/1password/accesstoken.txt"}}],"blob_metadata":{"id":"f249e323f168bdaac0e5f57b67fb55715ff6fc1c","num_bytes":665,"mime_essence":"text/plain","charset":null},"blob_id":"f249e323f168bdaac0e5f57b67fb55715ff6fc1c","location":{"offset_span":{"start":0,"end":665},"source_span":{"start":{"line":1,"column":1},"end":{"line":1,"column":665}}},"groups":["ZXlKaGJHY2lPaUpGVXpJMU5pSXNJbXRwWkNJNkluVnBhV3huTW05dmVIaGpOSGhzTm10bVlYWjFjbWh2TkRWMUlpd2lkSGx3SWpvaVNsZFVJbjAuZXlJeGNHRnpjM2R2Y21RdVkyOXRMMkYxZFdsa0lqb2lUMHMyVERkV016UlJUa2RSTjFCYVZsazNRbGxJUWxaTU5WRWlMQ0l4Y0dGemMzZHZjbVF1WTI5dEwzUnZhMlZ1SWpvaVZURjRjR2hpWVRkMmFUWnROSEJIU0RaUk5uSkpRVjlxUW1vd2RqRkljellpTENJeGNHRnpjM2R2Y21RdVkyOXRMMlowY3lJNld5SjJZWFZzZEdGalkyVnpjeUpkTENJeGNHRnpjM2R2Y21RdVkyOXRMM1owY3lJNlczc2lkU0k2SW5KeU1uQmtjVzVsZDJZeWRIaHFZalZ3TWpkclpYbHplR0p4SWl3aVlTSTZORGg5WFN3aVlYVmtJanBiSW1OdmJTNHhjR0Z6YzNkdmNtUXVZMjl1Ym1WamRDSmRMQ0p6ZFdJaU9pSkxSVll5UVROTVFqWkdSemRXVEV4TU5rcFlWRXBhU0VaUVdTSXNJbVY0Y0NJNk1UWTFPVEV6T1RFNU9Td2lhV0YwSWpveE5qVTJORGMyT1RBM0xDSnBjM01pT2lKamIyMHVNWEJoYzNOM2IzSmtMbUkxSWl3aWFuUnBJam9pYVhBMGFIUmxibWx0Ympka1lXOXVZV0p6YVdGcWNUSXpaMkVpZlEuZTZMRjFyd1lqRGZOQmhlLXRNbl9pRUtQMkwyWVhlVWVfQ1IxaFBJbUJqVkFsZFRqLWhadmdYR3I1dmNLYnBVX2lMai1SVW9oTUdYVnJiVTAyWXpPWWc="],"snippet":{"before":"","matching":"eyJhbGciOiJFUzI1NiIsImtpZCI6InVpaWxnMm9veHhjNHhsNmtmYXZ1cmhvNDV1IiwidHlwIjoiSldUIn0.eyIxcGFzc3dvcmQuY29tL2F1dWlkIjoiT0s2TDdWMzRRTkdRN1BaVlk3QllIQlZMNVEiLCIxcGFzc3dvcmQuY29tL3Rva2VuIjoiVTF4cGhiYTd2aTZtNHBHSDZRNnJJQV9qQmowdjFIczYiLCIxcGFzc3dvcmQuY29tL2Z0cyI6WyJ2YXVsdGFjY2VzcyJdLCIxcGFzc3dvcmQuY29tL3Z0cyI6W3sidSI6InJyMnBkcW5ld2YydHhqYjVwMjdrZXlzeGJxIiwiYSI6NDh9XSwiYXVkIjpbImNvbS4xcGFzc3dvcmQuY29ubmVjdCJdLCJzdWIiOiJLRVYyQTNMQjZGRzdWTExMNkpYVEpaSEZQWSIsImV4cCI6MTY1OTEzOTE5OSwiaWF0IjoxNjU2NDc2OTA3LCJpc3MiOiJjb20uMXBhc3N3b3JkLmI1IiwianRpIjoiaXA0aHRlbmltbjdkYW9uYWJzaWFqcTIzZ2EifQ.e6LF1rwYjDfNBhe-tMn_iEKP2L2YXeUe_CR1hPImBjVAldTj-hZvgXGr5vcKbpU_iLj-RUohMGXVrbU02YzOYg","after":""},"structural_id":"105a5b29dfb3d60b4e941133cc464f9c0d8293b3","rule_structural_id":"6e2b42f8571e4534c13a22f26a39c78b0596edb7","rule_text_id":"np.jwt.1","rule_name":"JSON Web Token (base64url-encoded)","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"1f0747f7e41976c37054e342011438fac87498aa","rule_name":"JSON Web Token (base64url-encoded)","rule_text_id":"np.jwt.1","rule_structural_id":"6e2b42f8571e4534c13a22f26a39c78b0596edb7","groups":["ZXlKaGJHY2lPaUpTVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnpkV0lpT2lJeE1qTTBOVFkzT0Rrd0lpd2libUZ0WlNJNklrcHZhRzRnUkc5bElpd2lZV1J0YVc0aU9uUnlkV1VzSW1saGRDSTZNVFV4TmpJek9UQXlNbjAuTkhWYVllMjZNYnRPWWhTS2tvS1lkRlZvbWc0aThaSmQ4Xy1SVThWTmJmdGM0VFNNYjRiWFAzbDNZbE5XQUN3eVhQR2ZmejVhWEhjNmx0eTFZMnQ0U1dScUd0ZXJhZ3NWZFp1ZkRuNUJsbkpsOXBkUl9rZFZGVXNyYTJyV0tFb2ZrWmVJQzR5V3l0RTU4c01JaWh2bzlIMVNjbW1Wd0JjUVA2WEVUcVlkMGFTSHAxZ09hOVJkVVBEdm9YUTVvcXlnVHFWdHhhRHI2d1VGS3JLSXRnQk16V0lkTlo2eTdPOUUwRGhFUFRiRTlyZkJvNktURnNIQVpuTWc0azY4Q0RwMndvWUlhWGJtWVRXY3Ziekl1SE83XzM3R1Q3OVhkSXdrbTk1UUo3aFlDOVJpd3JWN21lc2JZNFBBYWhFUkphd250aG8wbXk5NDJYaGVWTG1Hd0xNQmtR"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"b3a4110481b3eaf973b33bf12829b6ae3e85e8b6","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1655623794 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1655623794 +0200","message":"added JWT with keys #201\n"},"blob_path":"secretscache/jwt/jwt.txt"}}],"blob_metadata":{"id":"65ba47f9f492716d579e88b89a7afaa692e34e39","num_bytes":471,"mime_essence":"text/plain","charset":null},"blob_id":"65ba47f9f492716d579e88b89a7afaa692e34e39","location":{"offset_span":{"start":0,"end":471},"source_span":{"start":{"line":1,"column":1},"end":{"line":1,"column":471}}},"groups":["ZXlKaGJHY2lPaUpTVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnpkV0lpT2lJeE1qTTBOVFkzT0Rrd0lpd2libUZ0WlNJNklrcHZhRzRnUkc5bElpd2lZV1J0YVc0aU9uUnlkV1VzSW1saGRDSTZNVFV4TmpJek9UQXlNbjAuTkhWYVllMjZNYnRPWWhTS2tvS1lkRlZvbWc0aThaSmQ4Xy1SVThWTmJmdGM0VFNNYjRiWFAzbDNZbE5XQUN3eVhQR2ZmejVhWEhjNmx0eTFZMnQ0U1dScUd0ZXJhZ3NWZFp1ZkRuNUJsbkpsOXBkUl9rZFZGVXNyYTJyV0tFb2ZrWmVJQzR5V3l0RTU4c01JaWh2bzlIMVNjbW1Wd0JjUVA2WEVUcVlkMGFTSHAxZ09hOVJkVVBEdm9YUTVvcXlnVHFWdHhhRHI2d1VGS3JLSXRnQk16V0lkTlo2eTdPOUUwRGhFUFRiRTlyZkJvNktURnNIQVpuTWc0azY4Q0RwMndvWUlhWGJtWVRXY3Ziekl1SE83XzM3R1Q3OVhkSXdrbTk1UUo3aFlDOVJpd3JWN21lc2JZNFBBYWhFUkphd250aG8wbXk5NDJYaGVWTG1Hd0xNQmtR"],"snippet":{"before":"","matching":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.NHVaYe26MbtOYhSKkoKYdFVomg4i8ZJd8_-RU8VNbftc4TSMb4bXP3l3YlNWACwyXPGffz5aXHc6lty1Y2t4SWRqGteragsVdZufDn5BlnJl9pdR_kdVFUsra2rWKEofkZeIC4yWytE58sMIihvo9H1ScmmVwBcQP6XETqYd0aSHp1gOa9RdUPDvoXQ5oqygTqVtxaDr6wUFKrKItgBMzWIdNZ6y7O9E0DhEPTbE9rfBo6KTFsHAZnMg4k68CDp2woYIaXbmYTWcvbzIuHO7_37GT79XdIwkm95QJ7hYC9RiwrV7mesbY4PAahERJawntho0my942XheVLmGwLMBkQ","after":""},"structural_id":"a95366399dc670d4b155061de1ec1ecb3d2efd83","rule_structural_id":"6e2b42f8571e4534c13a22f26a39c78b0596edb7","rule_text_id":"np.jwt.1","rule_name":"JSON Web Token (base64url-encoded)","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"3c83ac99b70dbd5190f5ef0efab27dec109b7aa3","rule_name":"PEM-Encoded Private Key","rule_text_id":"np.pem.1","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","groups":["TUhjQ0FRRUVJRVF5VDlQMkUyUVNoeEZSWUMwV1FNekl5RXBST2hLVjg4MGdSNFA5YTUwQW9Bb0dDQ3FHU000OQpBd0VIb1VRRFFnQUUrQVU1OWowd2libGw3RHc2VTVPcmM2N3d0cHJQS3JEcWFOaUJXUjRiR3B2bVo2bFF6L2ZYCktpaGpneWZSU0lhTFA5VEZiR3NMUjFTa3crYWpKVTdIRlE9PQo="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"546451ada89cfebfdbdfce7c1bfcb8f5931ee745","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1653281695 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1650226987 +0200","message":"Added RSA/ECC keys for #201\n"},"blob_path":"secretscache/keys/eccprivate-key.pem"}}],"blob_metadata":{"id":"91278c54477f5a251e10e4e7c500f05862c6ca7f","num_bytes":227,"mime_essence":"application/x-x509-ca-cert","charset":null},"blob_id":"91278c54477f5a251e10e4e7c500f05862c6ca7f","location":{"offset_span":{"start":0,"end":226},"source_span":{"start":{"line":1,"column":1},"end":{"line":5,"column":28}}},"groups":["TUhjQ0FRRUVJRVF5VDlQMkUyUVNoeEZSWUMwV1FNekl5RXBST2hLVjg4MGdSNFA5YTUwQW9Bb0dDQ3FHU000OQpBd0VIb1VRRFFnQUUrQVU1OWowd2libGw3RHc2VTVPcmM2N3d0cHJQS3JEcWFOaUJXUjRiR3B2bVo2bFF6L2ZYCktpaGpneWZSU0lhTFA5VEZiR3NMUjFTa3crYWpKVTdIRlE9PQo="],"snippet":{"before":"","matching":"-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIEQyT9P2E2QShxFRYC0WQMzIyEpROhKV880gR4P9a50AoAoGCCqGSM49\nAwEHoUQDQgAE+AU59j0wibll7Dw6U5Orc67wtprPKrDqaNiBWR4bGpvmZ6lQz/fX\nKihjgyfRSIaLP9TFbGsLR1Skw+ajJU7HFQ==\n-----END EC PRIVATE KEY-----","after":"\n"},"structural_id":"0ec652afaeb5dfa032abe8a58df816323c5622d8","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","rule_text_id":"np.pem.1","rule_name":"PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"3e348cf2520dd9b40880ca270e2914ab930d9d00","rule_name":"PEM-Encoded Private Key","rule_text_id":"np.pem.1","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","groups":["TUlJRXZ3SUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2t3Z2dTbEFnRUFBb0lCQVFDN1ZKVFV0OVVzOGNLagpNekVmWXlqaVdBNFI0L00yYlMxR0I0dDdOWHA5OEMzU0M2ZFZNdkR1aWN0R2V1clQ4ak5idkpaSHRDU3VZRXZ1Ck5Nb1NmbTc2b3FGdkFwOEd5MGl6NXN4alptU25YeUNkUEVvdkdoTGEwVnpNYVE4cytDTE95UzU2WXlDRkdlSloKcWd0eko2R1IzZXFvWVNXOWI5VU12a0JwWk9EU2N0V1NOR2ozUDdqUkZETzVWb1R3Q1FBV2JGbk9qRGZINVVsZwpwMlBLU1FuU0pQM0FKTFFORk5lN2JyMVhicmhWLy9lTyt0NTFtSXBHU0RDVXYzRTBEREZjV0RUSDljWERUVGxSClpWRWlSMkJ3cFpPT2tFL1owL0JWbmhaWUw3MW9aVjM0YktmV2pRSXQ2Vi9pc1NNYWhkc0FBU0FDcDRaVEd0d2kKVnVOZDl0eWJBZ01CQUFFQ2dnRUJBS1RtamFTNnRrSzhCbFBYQ2xUUTJ2cHovTjZ1eERlUzM1bVhwcWFzcXNrVgpsYUFpZGdnL3NXcXBqWERiWHI5M290SU1MbFdzTStYMENxTURnU1hLZWpMUzJqeDRHRGpJMVpUWGcrKzBBTUo4CnNKNzRwV3pWRE9mbUNFUS83d1hzMytjYm5YaEtyaU84WjAzNnE5MlFjMStOODdTSTM4bmtHYTBBQkg5Q044M0gKbVFxdDRmQjdVZEh6dUlSZS9tZTJQR2hJcTVaQnpqNmgzQnBvUEd6RVAreDNsOVltSzh0LzFjTjBwcUkrZFF3WQpkZ2ZHamFja0x1LzJxSDgwTUNGN0l5UWFzZVpVT0p5S3JDTHRTRC9JaXh2L2h6REVVUGZPQ2pGRGdUcHpmM2N3CnRhOCtvRTR3SENvMWlJMS80VGxQa3dtWHg0cVNYdG13NGFRUHo3SURRdkVDZ1lFQThLTlRoQ08yZ3NDMkk5UFEKRE0vOEN3ME85ODNXQ0RZK29pKzdKUGlOQUp3djVEWUJxRVpCMVFZZGowNllEMTZYbEMvSEFaTXNNa3UxbmEyVApOMGRyaXdlblFRV3pvZXYzZzJTN2dSRG9TL0ZDSlNJM2pKK2tqZ3RhQTdRbXpsZ2sxVHhPRE4rRzFIOTFIVzd0CjBsN1ZuTDI3SVd5WW8ycVJSSzNqenhxVWlQVUNnWUVBeDBvUXMycmVCUUdNVlpuQXBEMWplcTduNE12TkxjUHYKdDhiL2VVOWlVdjZZNE1qMFN1by9BVThsWVpYbTh1YmJxQWx3ejJWU1Z1bkQydE9wbEh5TVVydEN0T2JBZlZEVQpBaENuZEthQTlnQXBnZmIzeHcxSUtidVExdTRJRjFGSmwzVnR1bWZRbi8vTGlIMUIzclhoY2R5bzMvdkl0dEVrCjQ4UmFrVUtDbFU4Q2dZRUF6VjdXM0NPT2xERGNRZDkzNURkdEtCRlJBUFJQQWxzcFFVbnpNaTVlU0hNRC9JU0wKRFk1SWlRSGJJSDgzRDRidlhxMFg3cVFvU0JTTlA3RHZ2M0hZdXFNaGYwRGFlZ3JsQnVKbGxGVlZxOXFQVlJuSwp4dDFJbDJIZ3hPQnZiaE9UKzlpbjFCekErWUo5OVV6Qzg1TzBRejA2QStDbXRIRXk0YVoya2o1aEhqRUNnWUVBCm1OUzQrQThGa3NzOEpzMVJpZUsyTG5pQnhNZ21ZbWwzcGZWTEtHbnptbmc3SDIrY3dQTGhQSXpJdXd5dFh5d2gKMmJ6YnNZRWZZeDNFb0VWZ01FcFBob2FyUW5ZUHVrckpPNGd3RTJvNVRlNlQ1bUpTWkdsUUpRajlxNFpCMkRmegpldDZJTnNLMG9HOFhWR1hTcFF2UWgzUlVZZWtDWlFrQkJGY3BxV3BiSUVzQ2dZQW5NM0RRZjNGSm9TblhhTWhyClZCSW92aWM1bDB4RmtFSHNrQWpGVGV2Tzg2RnN6MUMyYVNlUktTcUdGb09RMHRtSnpCRXMxUjZLcW5ISW5pY0QKVFFyS2hBcmdMWFg0djNDZGRqZlRSSmtGV0RiRS9Da3ZLWk5PcmNmMW5oYUdDUHNwUkpqMktVa2oxRmhsOUNuYwpkbi9Sc1lFT05id1FTaklmTVBrdnhGKzhIUT09Cg=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"b3a4110481b3eaf973b33bf12829b6ae3e85e8b6","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1655623794 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1655623794 +0200","message":"added JWT with keys #201\n"},"blob_path":"secretscache/jwt/privatekey.txt"}}],"blob_metadata":{"id":"3314ab6e7a5c175778131071bf423b2e6cecd847","num_bytes":1707,"mime_essence":"text/plain","charset":null},"blob_id":"3314ab6e7a5c175778131071bf423b2e6cecd847","location":{"offset_span":{"start":0,"end":1707},"source_span":{"start":{"line":1,"column":1},"end":{"line":28,"column":25}}},"groups":["TUlJRXZ3SUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2t3Z2dTbEFnRUFBb0lCQVFDN1ZKVFV0OVVzOGNLagpNekVmWXlqaVdBNFI0L00yYlMxR0I0dDdOWHA5OEMzU0M2ZFZNdkR1aWN0R2V1clQ4ak5idkpaSHRDU3VZRXZ1Ck5Nb1NmbTc2b3FGdkFwOEd5MGl6NXN4alptU25YeUNkUEVvdkdoTGEwVnpNYVE4cytDTE95UzU2WXlDRkdlSloKcWd0eko2R1IzZXFvWVNXOWI5VU12a0JwWk9EU2N0V1NOR2ozUDdqUkZETzVWb1R3Q1FBV2JGbk9qRGZINVVsZwpwMlBLU1FuU0pQM0FKTFFORk5lN2JyMVhicmhWLy9lTyt0NTFtSXBHU0RDVXYzRTBEREZjV0RUSDljWERUVGxSClpWRWlSMkJ3cFpPT2tFL1owL0JWbmhaWUw3MW9aVjM0YktmV2pRSXQ2Vi9pc1NNYWhkc0FBU0FDcDRaVEd0d2kKVnVOZDl0eWJBZ01CQUFFQ2dnRUJBS1RtamFTNnRrSzhCbFBYQ2xUUTJ2cHovTjZ1eERlUzM1bVhwcWFzcXNrVgpsYUFpZGdnL3NXcXBqWERiWHI5M290SU1MbFdzTStYMENxTURnU1hLZWpMUzJqeDRHRGpJMVpUWGcrKzBBTUo4CnNKNzRwV3pWRE9mbUNFUS83d1hzMytjYm5YaEtyaU84WjAzNnE5MlFjMStOODdTSTM4bmtHYTBBQkg5Q044M0gKbVFxdDRmQjdVZEh6dUlSZS9tZTJQR2hJcTVaQnpqNmgzQnBvUEd6RVAreDNsOVltSzh0LzFjTjBwcUkrZFF3WQpkZ2ZHamFja0x1LzJxSDgwTUNGN0l5UWFzZVpVT0p5S3JDTHRTRC9JaXh2L2h6REVVUGZPQ2pGRGdUcHpmM2N3CnRhOCtvRTR3SENvMWlJMS80VGxQa3dtWHg0cVNYdG13NGFRUHo3SURRdkVDZ1lFQThLTlRoQ08yZ3NDMkk5UFEKRE0vOEN3ME85ODNXQ0RZK29pKzdKUGlOQUp3djVEWUJxRVpCMVFZZGowNllEMTZYbEMvSEFaTXNNa3UxbmEyVApOMGRyaXdlblFRV3pvZXYzZzJTN2dSRG9TL0ZDSlNJM2pKK2tqZ3RhQTdRbXpsZ2sxVHhPRE4rRzFIOTFIVzd0CjBsN1ZuTDI3SVd5WW8ycVJSSzNqenhxVWlQVUNnWUVBeDBvUXMycmVCUUdNVlpuQXBEMWplcTduNE12TkxjUHYKdDhiL2VVOWlVdjZZNE1qMFN1by9BVThsWVpYbTh1YmJxQWx3ejJWU1Z1bkQydE9wbEh5TVVydEN0T2JBZlZEVQpBaENuZEthQTlnQXBnZmIzeHcxSUtidVExdTRJRjFGSmwzVnR1bWZRbi8vTGlIMUIzclhoY2R5bzMvdkl0dEVrCjQ4UmFrVUtDbFU4Q2dZRUF6VjdXM0NPT2xERGNRZDkzNURkdEtCRlJBUFJQQWxzcFFVbnpNaTVlU0hNRC9JU0wKRFk1SWlRSGJJSDgzRDRidlhxMFg3cVFvU0JTTlA3RHZ2M0hZdXFNaGYwRGFlZ3JsQnVKbGxGVlZxOXFQVlJuSwp4dDFJbDJIZ3hPQnZiaE9UKzlpbjFCekErWUo5OVV6Qzg1TzBRejA2QStDbXRIRXk0YVoya2o1aEhqRUNnWUVBCm1OUzQrQThGa3NzOEpzMVJpZUsyTG5pQnhNZ21ZbWwzcGZWTEtHbnptbmc3SDIrY3dQTGhQSXpJdXd5dFh5d2gKMmJ6YnNZRWZZeDNFb0VWZ01FcFBob2FyUW5ZUHVrckpPNGd3RTJvNVRlNlQ1bUpTWkdsUUpRajlxNFpCMkRmegpldDZJTnNLMG9HOFhWR1hTcFF2UWgzUlVZZWtDWlFrQkJGY3BxV3BiSUVzQ2dZQW5NM0RRZjNGSm9TblhhTWhyClZCSW92aWM1bDB4RmtFSHNrQWpGVGV2Tzg2RnN6MUMyYVNlUktTcUdGb09RMHRtSnpCRXMxUjZLcW5ISW5pY0QKVFFyS2hBcmdMWFg0djNDZGRqZlRSSmtGV0RiRS9Da3ZLWk5PcmNmMW5oYUdDUHNwUkpqMktVa2oxRmhsOUNuYwpkbi9Sc1lFT05id1FTaklmTVBrdnhGKzhIUT09Cg=="],"snippet":{"before":"","matching":"-----BEGIN PRIVATE KEY-----\nMIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7VJTUt9Us8cKj\nMzEfYyjiWA4R4/M2bS1GB4t7NXp98C3SC6dVMvDuictGeurT8jNbvJZHtCSuYEvu\nNMoSfm76oqFvAp8Gy0iz5sxjZmSnXyCdPEovGhLa0VzMaQ8s+CLOyS56YyCFGeJZ\nqgtzJ6GR3eqoYSW9b9UMvkBpZODSctWSNGj3P7jRFDO5VoTwCQAWbFnOjDfH5Ulg\np2PKSQnSJP3AJLQNFNe7br1XbrhV//eO+t51mIpGSDCUv3E0DDFcWDTH9cXDTTlR\nZVEiR2BwpZOOkE/Z0/BVnhZYL71oZV34bKfWjQIt6V/isSMahdsAASACp4ZTGtwi\nVuNd9tybAgMBAAECggEBAKTmjaS6tkK8BlPXClTQ2vpz/N6uxDeS35mXpqasqskV\nlaAidgg/sWqpjXDbXr93otIMLlWsM+X0CqMDgSXKejLS2jx4GDjI1ZTXg++0AMJ8\nsJ74pWzVDOfmCEQ/7wXs3+cbnXhKriO8Z036q92Qc1+N87SI38nkGa0ABH9CN83H\nmQqt4fB7UdHzuIRe/me2PGhIq5ZBzj6h3BpoPGzEP+x3l9YmK8t/1cN0pqI+dQwY\ndgfGjackLu/2qH80MCF7IyQaseZUOJyKrCLtSD/Iixv/hzDEUPfOCjFDgTpzf3cw\nta8+oE4wHCo1iI1/4TlPkwmXx4qSXtmw4aQPz7IDQvECgYEA8KNThCO2gsC2I9PQ\nDM/8Cw0O983WCDY+oi+7JPiNAJwv5DYBqEZB1QYdj06YD16XlC/HAZMsMku1na2T\nN0driwenQQWzoev3g2S7gRDoS/FCJSI3jJ+kjgtaA7Qmzlgk1TxODN+G1H91HW7t\n0l7VnL27IWyYo2qRRK3jzxqUiPUCgYEAx0oQs2reBQGMVZnApD1jeq7n4MvNLcPv\nt8b/eU9iUv6Y4Mj0Suo/AU8lYZXm8ubbqAlwz2VSVunD2tOplHyMUrtCtObAfVDU\nAhCndKaA9gApgfb3xw1IKbuQ1u4IF1FJl3VtumfQn//LiH1B3rXhcdyo3/vIttEk\n48RakUKClU8CgYEAzV7W3COOlDDcQd935DdtKBFRAPRPAlspQUnzMi5eSHMD/ISL\nDY5IiQHbIH83D4bvXq0X7qQoSBSNP7Dvv3HYuqMhf0DaegrlBuJllFVVq9qPVRnK\nxt1Il2HgxOBvbhOT+9in1BzA+YJ99UzC85O0Qz06A+CmtHEy4aZ2kj5hHjECgYEA\nmNS4+A8Fkss8Js1RieK2LniBxMgmYml3pfVLKGnzmng7H2+cwPLhPIzIuwytXywh\n2bzbsYEfYx3EoEVgMEpPhoarQnYPukrJO4gwE2o5Te6T5mJSZGlQJQj9q4ZB2Dfz\net6INsK0oG8XVGXSpQvQh3RUYekCZQkBBFcpqWpbIEsCgYAnM3DQf3FJoSnXaMhr\nVBIovic5l0xFkEHskAjFTevO86Fsz1C2aSeRKSqGFoOQ0tmJzBEs1R6KqnHInicD\nTQrKhArgLXX4v3CddjfTRJkFWDbE/CkvKZNOrcf1nhaGCPspRJj2KUkj1Fhl9Cnc\ndn/RsYEONbwQSjIfMPkvxF+8HQ==\n-----END PRIVATE KEY-----","after":""},"structural_id":"8ad7b3b3581e72dbb9ddedbbe3a714d02c990c03","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","rule_text_id":"np.pem.1","rule_name":"PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"e25450d6863684f5ee94aa8de0f38e57c0a6df1e","rule_name":"PEM-Encoded Private Key","rule_text_id":"np.pem.1","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","groups":["bEZnRVlseDV0eFlKS3dZQkJBSGFSdzhCQVFkQWVPV0dTNERNWkFlR1k4WG9oOXZLeUJxK212WTdzT0RwVHIzbgprOHRFaFpVQUFQOUVSYlV3dEVNb2JFemtQZXVlb3dWaWlrK2xIdll4clZ2NmVJck91Y29VZ1JDbHRCVm1ZV2xzCmRYSmxRR1JsZEdWamRHbHZiaTVqYjIySWxnUVRGZ29BUGhZaEJJZEt3ZUtTK2drTHdrVGdCZUhtajhFSzdQTE4KQlFKaVhIbTNBaHNEQlFrRHdtY0FCUXNKQ0FjREJSVUtDUWdMQlJZQ0F3RUFBaDRGQWhlQUFBb0pFT0htajhFSwo3UExORHZjQS9pcW13VnNjVlJWYmVMaHlhSVhwMHBpT0pENG0yQUttNGFhcXJSbE1DOUlDQVA5Vmd1NVZCQ2UrCmVxMEFOVE5vWnVKZXNaUWQ4S2k0Q20zYklsTjlXUi9tRHB4ZEJHSmNlYmNTQ2lzR0FRUUJsMVVCQlFFQkIwREcKaXQyV3hIOFZTdjRhR2pMTG90eFZ3VS9pZkNjRWQ4cityS3NnUzlsU09nTUJDQWNBQVA5Y0NNeGZUMGtrVGxKUQovQ3JVUFFzM3JJMlZ1eXFaUWR1MmJxZmovVUlSSUE4NWlIZ0VHQllLQUNBV0lRU0hTc0hpa3ZvSkM4SkU0QVhoCjVvL0JDdXp5elFVQ1lseDV0d0liREFBS0NSRGg1by9CQ3V6eXpSYVdBUDRvaVZ1ckxFc2FXZHlnL2lCVDRPaDgKZy9iWWFLUkFzTi9ibmFzcXo2RW5md0Q5RS8wOFRnM205YlFiWThhNWZHNnU5MlN3M1dneVNCdjFSWE5rVXkvRgpZZ1E9Cj1oZkhOCg=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"6337e8e528efb6940c7bd4523d6c7663546bb473","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1655623003 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1655623003 +0200","message":"add armored gpg keys\n"},"blob_path":"secretscache/gpg/private_key.asc"}}],"blob_metadata":{"id":"cdb2ed5b92e8cd4eaab8154fe5c10481337e9cb7","num_bytes":736,"mime_essence":"application/pgp-signature","charset":null},"blob_id":"cdb2ed5b92e8cd4eaab8154fe5c10481337e9cb7","location":{"offset_span":{"start":0,"end":735},"source_span":{"start":{"line":1,"column":1},"end":{"line":15,"column":35}}},"groups":["bEZnRVlseDV0eFlKS3dZQkJBSGFSdzhCQVFkQWVPV0dTNERNWkFlR1k4WG9oOXZLeUJxK212WTdzT0RwVHIzbgprOHRFaFpVQUFQOUVSYlV3dEVNb2JFemtQZXVlb3dWaWlrK2xIdll4clZ2NmVJck91Y29VZ1JDbHRCVm1ZV2xzCmRYSmxRR1JsZEdWamRHbHZiaTVqYjIySWxnUVRGZ29BUGhZaEJJZEt3ZUtTK2drTHdrVGdCZUhtajhFSzdQTE4KQlFKaVhIbTNBaHNEQlFrRHdtY0FCUXNKQ0FjREJSVUtDUWdMQlJZQ0F3RUFBaDRGQWhlQUFBb0pFT0htajhFSwo3UExORHZjQS9pcW13VnNjVlJWYmVMaHlhSVhwMHBpT0pENG0yQUttNGFhcXJSbE1DOUlDQVA5Vmd1NVZCQ2UrCmVxMEFOVE5vWnVKZXNaUWQ4S2k0Q20zYklsTjlXUi9tRHB4ZEJHSmNlYmNTQ2lzR0FRUUJsMVVCQlFFQkIwREcKaXQyV3hIOFZTdjRhR2pMTG90eFZ3VS9pZkNjRWQ4cityS3NnUzlsU09nTUJDQWNBQVA5Y0NNeGZUMGtrVGxKUQovQ3JVUFFzM3JJMlZ1eXFaUWR1MmJxZmovVUlSSUE4NWlIZ0VHQllLQUNBV0lRU0hTc0hpa3ZvSkM4SkU0QVhoCjVvL0JDdXp5elFVQ1lseDV0d0liREFBS0NSRGg1by9CQ3V6eXpSYVdBUDRvaVZ1ckxFc2FXZHlnL2lCVDRPaDgKZy9iWWFLUkFzTi9ibmFzcXo2RW5md0Q5RS8wOFRnM205YlFiWThhNWZHNnU5MlN3M1dneVNCdjFSWE5rVXkvRgpZZ1E9Cj1oZkhOCg=="],"snippet":{"before":"","matching":"-----BEGIN PGP PRIVATE KEY BLOCK-----\n\nlFgEYlx5txYJKwYBBAHaRw8BAQdAeOWGS4DMZAeGY8Xoh9vKyBq+mvY7sODpTr3n\nk8tEhZUAAP9ERbUwtEMobEzkPeueowViik+lHvYxrVv6eIrOucoUgRCltBVmYWls\ndXJlQGRldGVjdGlvbi5jb22IlgQTFgoAPhYhBIdKweKS+gkLwkTgBeHmj8EK7PLN\nBQJiXHm3AhsDBQkDwmcABQsJCAcDBRUKCQgLBRYCAwEAAh4FAheAAAoJEOHmj8EK\n7PLNDvcA/iqmwVscVRVbeLhyaIXp0piOJD4m2AKm4aaqrRlMC9ICAP9Vgu5VBCe+\neq0ANTNoZuJesZQd8Ki4Cm3bIlN9WR/mDpxdBGJcebcSCisGAQQBl1UBBQEBB0DG\nit2WxH8VSv4aGjLLotxVwU/ifCcEd8r+rKsgS9lSOgMBCAcAAP9cCMxfT0kkTlJQ\n/CrUPQs3rI2VuyqZQdu2bqfj/UIRIA85iHgEGBYKACAWIQSHSsHikvoJC8JE4AXh\n5o/BCuzyzQUCYlx5twIbDAAKCRDh5o/BCuzyzRaWAP4oiVurLEsaWdyg/iBT4Oh8\ng/bYaKRAsN/bnasqz6EnfwD9E/08Tg3m9bQbY8a5fG6u92Sw3WgySBv1RXNkUy/F\nYgQ=\n=hfHN\n-----END PGP PRIVATE KEY BLOCK-----","after":"\n"},"structural_id":"47d1535adc8f74a21d4cebb4ebd56dbd36a56f3a","rule_structural_id":"046a96dd5272aa399275afb853a54884611769c0","rule_text_id":"np.pem.1","rule_name":"PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"61a76f28932780cb03402457c97a21e76d2bc2ec","rule_name":"Slack Webhook","rule_text_id":"np.slack.3","rule_structural_id":"05ed2105125034f509474d7ee7689a11e1fdded7","groups":["aHR0cHM6Ly9ob29rcy5zbGFjay5jb20vc2VydmljZXMvVDA0VDQwTkhYL0IwM0JUNkQwVUQ4LzZoUG9ObHhsU2xESEJSTUpvOWR3UUNtVQ=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"git_repo","repo_path":"./.git","first_commit":{"commit_metadata":{"commit_id":"9fe0e6522f6c54f4fc1b9e93111de1e34dd9cb4f","committer_name":"Jeroen Willemsen","committer_email":"jeroenwillemsen2001@gmail.com","committer_timestamp":"1653281698 +0200","author_name":"Jeroen Willemsen","author_email":"jeroenwillemsen2001@gmail.com","author_timestamp":"1650228902 +0200","message":"Added active slack callback url for #201\n"},"blob_path":"secretscache/slack/callback.url"}}],"blob_metadata":{"id":"c30b3360a03c2cc3d8e47bb9afa897ccf3a2f8e4","num_bytes":80,"mime_essence":null,"charset":null},"blob_id":"c30b3360a03c2cc3d8e47bb9afa897ccf3a2f8e4","location":{"offset_span":{"start":0,"end":79},"source_span":{"start":{"line":1,"column":1},"end":{"line":1,"column":79}}},"groups":["aHR0cHM6Ly9ob29rcy5zbGFjay5jb20vc2VydmljZXMvVDA0VDQwTkhYL0IwM0JUNkQwVUQ4LzZoUG9ObHhsU2xESEJSTUpvOWR3UUNtVQ=="],"snippet":{"before":"","matching":"https://hooks.slack.com/services/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","after":"\n"},"structural_id":"2a3aaac9bbd49760849128169ddffd0c881ac53b","rule_structural_id":"05ed2105125034f509474d7ee7689a11e1fdded7","rule_text_id":"np.slack.3","rule_name":"Slack Webhook","score":null,"comment":null,"status":null,"redundant_to":[]}]} From 9df49a0e52df9d308d86159f6e9c8689014b33a4 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 17:21:50 +0100 Subject: [PATCH 3/9] :hammer: restructure --- dojo/tools/noseyparker/parser.py | 165 ++++++++++++++++++++----------- 1 file changed, 108 insertions(+), 57 deletions(-) diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index 65b475a490..d431d97348 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -24,78 +24,129 @@ def get_findings(self, file, test): Returns findings from jsonlines file and uses filter to skip findings and determine severity """ - dupes = {} - + self.dupes = {} # Turn JSONL file into DataFrame if file is None: return None if file.name.lower().endswith(".jsonl"): # Process JSON lines into Dict data = [json.loads(line) for line in file] - # Check for empty file if len(data[0]) == 0: return [] - # Parse through each secret in each JSON line for line in data: # Set rule to the current secret type (e.g. AWS S3 Bucket) - try: - rule_name = line["rule_name"] - secret = line["match_content"] - except Exception: + if line.get("rule_name") is not None and line.get("match_content") is not None: + self.version_0_16_0(line, test) + elif line.get("rule_name") is not None and line.get("finding_id") is not None: + self.version_0_22_0(line, test) + else: msg = "Invalid Nosey Parker data, make sure to use Nosey Parker v0.16.0" raise ValueError(msg) - - # Set Finding details - for match in line["matches"]: - # The following path is to account for the variability in the JSON lines output - num_elements = len(match["provenance"]) - 1 - json_path = match["provenance"][num_elements] - - title = f"Secret(s) Found in Repository with Commit ID {json_path['commit_provenance']['commit_metadata']['commit_id']}" - filepath = json_path["commit_provenance"]["blob_path"] - line_num = match["location"]["source_span"]["start"]["line"] - description = f"Secret found of type: {rule_name} \n" \ - f"SECRET starts with: '{secret[:3]}' \n" \ - f"Committer Name: {json_path['commit_provenance']['commit_metadata']['committer_name']} \n" \ - f"Committer Email: {json_path['commit_provenance']['commit_metadata']['committer_email']} \n" \ - f"Commit ID: {json_path['commit_provenance']['commit_metadata']['commit_id']} \n" \ - f"Location: {filepath} line #{line_num} \n" \ - f"Line #{line_num} \n" - - # Internal de-duplication - key = hashlib.md5((filepath + "|" + secret + "|" + str(line_num)).encode("utf-8")).hexdigest() - - # If secret already exists with the same filepath/secret/linenum - if key in dupes: - finding = dupes[key] - finding.nb_occurences += 1 - dupes[key] = finding - else: - dupes[key] = True - # Create Finding object - finding = Finding( - test=test, - cwe=798, - title=title, - description=description, - severity="High", - mitigation="Reset the account/token and remove from source code. Store secrets/tokens/passwords in secret managers or secure vaults.", - date=datetime.today().strftime("%Y-%m-%d"), - verified=False, - active=True, - is_mitigated=False, - file_path=filepath, - line=line_num, - static_finding=True, - nb_occurences=1, - dynamic_finding=False, - - ) - dupes[key] = finding else: msg = "JSON lines format not recognized (.jsonl file extension). Make sure to use Nosey Parker v0.16.0" raise ValueError(msg) - return list(dupes.values()) + return list(self.dupes.values()) + + + def version_0_16_0(self, line, test): + rule_name = line["rule_name"] + secret = line["match_content"] + for match in line["matches"]: + # The following path is to account for the variability in the JSON lines output + num_elements = len(match["provenance"]) - 1 + json_path = match["provenance"][num_elements] + + title = f"Secret(s) Found in Repository with Commit ID {json_path['commit_provenance']['commit_metadata']['commit_id']}" + filepath = json_path["commit_provenance"]["blob_path"] + line_num = match["location"]["source_span"]["start"]["line"] + description = f"Secret found of type: {rule_name} \n" \ + f"SECRET starts with: '{secret[:3]}' \n" \ + f"Committer Name: {json_path['commit_provenance']['commit_metadata']['committer_name']} \n" \ + f"Committer Email: {json_path['commit_provenance']['commit_metadata']['committer_email']} \n" \ + f"Commit ID: {json_path['commit_provenance']['commit_metadata']['commit_id']} \n" \ + f"Location: {filepath} line #{line_num} \n" \ + f"Line #{line_num} \n" + + # Internal de-duplication + key = hashlib.md5((filepath + "|" + secret + "|" + str(line_num)).encode("utf-8")).hexdigest() + + # If secret already exists with the same filepath/secret/linenum + if key in self.dupes: + finding = self.dupes[key] + finding.nb_occurences += 1 + self.dupes[key] = finding + else: + self.dupes[key] = True + # Create Finding object + finding = Finding( + test=test, + cwe=798, + title=title, + description=description, + severity="High", + mitigation="Reset the account/token and remove from source code. Store secrets/tokens/passwords in secret managers or secure vaults.", + date=datetime.today().strftime("%Y-%m-%d"), + verified=False, + active=True, + is_mitigated=False, + file_path=filepath, + line=line_num, + static_finding=True, + nb_occurences=1, + dynamic_finding=False, + + ) + self.dupes[key] = finding + + def version_0_22_0(self, line, test): + print("TODO") + # rule_name = line["rule_name"] + # secret = line["match_content"] + # for match in line["matches"]: + # # The following path is to account for the variability in the JSON lines output + # num_elements = len(match["provenance"]) - 1 + # json_path = match["provenance"][num_elements] + + # title = f"Secret(s) Found in Repository with Commit ID {json_path['commit_provenance']['commit_metadata']['commit_id']}" + # filepath = json_path["commit_provenance"]["blob_path"] + # line_num = match["location"]["source_span"]["start"]["line"] + # description = f"Secret found of type: {rule_name} \n" \ + # f"SECRET starts with: '{secret[:3]}' \n" \ + # f"Committer Name: {json_path['commit_provenance']['commit_metadata']['committer_name']} \n" \ + # f"Committer Email: {json_path['commit_provenance']['commit_metadata']['committer_email']} \n" \ + # f"Commit ID: {json_path['commit_provenance']['commit_metadata']['commit_id']} \n" \ + # f"Location: {filepath} line #{line_num} \n" \ + # f"Line #{line_num} \n" + + # # Internal de-duplication + # key = hashlib.md5((filepath + "|" + secret + "|" + str(line_num)).encode("utf-8")).hexdigest() + + # # If secret already exists with the same filepath/secret/linenum + # if key in self.dupes: + # finding = self.dupes[key] + # finding.nb_occurences += 1 + # self.dupes[key] = finding + # else: + # self.dupes[key] = True + # # Create Finding object + # finding = Finding( + # test=test, + # cwe=798, + # title=title, + # description=description, + # severity="High", + # mitigation="Reset the account/token and remove from source code. Store secrets/tokens/passwords in secret managers or secure vaults.", + # date=datetime.today().strftime("%Y-%m-%d"), + # verified=False, + # active=True, + # is_mitigated=False, + # file_path=filepath, + # line=line_num, + # static_finding=True, + # nb_occurences=1, + # dynamic_finding=False, + # ) + # self.dupes[key] = finding \ No newline at end of file From 02ed0abf02083f86288fdf6cfe3b6921d65b2774 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 17:31:36 +0100 Subject: [PATCH 4/9] fix version 0.22.0 --- dojo/tools/noseyparker/parser.py | 95 +++++++++++----------- unittests/tools/test_noseyparker_parser.py | 6 +- 2 files changed, 52 insertions(+), 49 deletions(-) diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index d431d97348..fbbd303a4b 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -102,51 +102,50 @@ def version_0_16_0(self, line, test): self.dupes[key] = finding def version_0_22_0(self, line, test): - print("TODO") - # rule_name = line["rule_name"] - # secret = line["match_content"] - # for match in line["matches"]: - # # The following path is to account for the variability in the JSON lines output - # num_elements = len(match["provenance"]) - 1 - # json_path = match["provenance"][num_elements] - - # title = f"Secret(s) Found in Repository with Commit ID {json_path['commit_provenance']['commit_metadata']['commit_id']}" - # filepath = json_path["commit_provenance"]["blob_path"] - # line_num = match["location"]["source_span"]["start"]["line"] - # description = f"Secret found of type: {rule_name} \n" \ - # f"SECRET starts with: '{secret[:3]}' \n" \ - # f"Committer Name: {json_path['commit_provenance']['commit_metadata']['committer_name']} \n" \ - # f"Committer Email: {json_path['commit_provenance']['commit_metadata']['committer_email']} \n" \ - # f"Commit ID: {json_path['commit_provenance']['commit_metadata']['commit_id']} \n" \ - # f"Location: {filepath} line #{line_num} \n" \ - # f"Line #{line_num} \n" - - # # Internal de-duplication - # key = hashlib.md5((filepath + "|" + secret + "|" + str(line_num)).encode("utf-8")).hexdigest() - - # # If secret already exists with the same filepath/secret/linenum - # if key in self.dupes: - # finding = self.dupes[key] - # finding.nb_occurences += 1 - # self.dupes[key] = finding - # else: - # self.dupes[key] = True - # # Create Finding object - # finding = Finding( - # test=test, - # cwe=798, - # title=title, - # description=description, - # severity="High", - # mitigation="Reset the account/token and remove from source code. Store secrets/tokens/passwords in secret managers or secure vaults.", - # date=datetime.today().strftime("%Y-%m-%d"), - # verified=False, - # active=True, - # is_mitigated=False, - # file_path=filepath, - # line=line_num, - # static_finding=True, - # nb_occurences=1, - # dynamic_finding=False, - # ) - # self.dupes[key] = finding \ No newline at end of file + rule_name = line["rule_name"] + rule_text_id = line["rule_text_id"] + for match in line["matches"]: + # The following path is to account for the variability in the JSON lines output + num_elements = len(match["provenance"]) - 1 + json_path = match["provenance"][num_elements] + + title = f"Secret(s) Found in Repository with Commit ID {json_path['first_commit']['commit_metadata']['commit_id']}" + filepath = json_path["first_commit"]["blob_path"] + line_num = match["location"]["source_span"]["start"]["line"] + description = f"Secret found of type: {rule_name} \n" \ + f"SECRET starts with: '{rule_text_id[:3]}' \n" \ + f"Committer Name: {json_path['first_commit']['commit_metadata']['committer_name']} \n" \ + f"Committer Email: {json_path['first_commit']['commit_metadata']['committer_email']} \n" \ + f"Commit ID: {json_path['first_commit']['commit_metadata']['commit_id']} \n" \ + f"Location: {filepath} line #{line_num} \n" \ + f"Line #{line_num} \n" + + # Internal de-duplication + key = hashlib.md5((filepath + "|" + rule_text_id + "|" + str(line_num)).encode("utf-8")).hexdigest() + + # If secret already exists with the same filepath/secret/linenum + if key in self.dupes: + finding = self.dupes[key] + finding.nb_occurences += 1 + self.dupes[key] = finding + else: + self.dupes[key] = True + # Create Finding object + finding = Finding( + test=test, + cwe=798, + title=title, + description=description, + severity="High", + mitigation="Reset the account/token and remove from source code. Store secrets/tokens/passwords in secret managers or secure vaults.", + date=datetime.today().strftime("%Y-%m-%d"), + verified=False, + active=True, + is_mitigated=False, + file_path=filepath, + line=line_num, + static_finding=True, + nb_occurences=1, + dynamic_finding=False, + ) + self.dupes[key] = finding diff --git a/unittests/tools/test_noseyparker_parser.py b/unittests/tools/test_noseyparker_parser.py index 09ee36eb46..af89a8ae2c 100644 --- a/unittests/tools/test_noseyparker_parser.py +++ b/unittests/tools/test_noseyparker_parser.py @@ -49,4 +49,8 @@ def test_noseyparker_version_0_22_0(self): parser = NoseyParkerParser() findings = parser.get_findings(testfile, Test()) finding = findings[0] - self.assertEqual("Critical", finding.severity) + self.assertEqual("High", finding.severity) + self.assertEqual(798, finding.cwe) + self.assertEqual(33, len(findings)) + finding = findings[10] + self.assertEqual("High", finding.severity) From 646a32ba2151053160162b5ddcf2d2ce581d6343 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 17:33:08 +0100 Subject: [PATCH 5/9] ruff --- dojo/tools/noseyparker/parser.py | 1 - 1 file changed, 1 deletion(-) diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index fbbd303a4b..b22199704d 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -50,7 +50,6 @@ def get_findings(self, file, test): return list(self.dupes.values()) - def version_0_16_0(self, line, test): rule_name = line["rule_name"] secret = line["match_content"] From 5c62e719e23a0ec785d61074f192575f659254ba Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 19:08:41 +0100 Subject: [PATCH 6/9] update docs --- .../en/connecting_your_tools/parsers/file/noseyparker.md | 3 ++- dojo/tools/noseyparker/parser.py | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md b/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md index fc08cbf03b..7b0e3b98ce 100644 --- a/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md +++ b/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md @@ -6,8 +6,9 @@ Input Type: - This parser takes JSON Lines Output from Nosey Parker: https://github.com/praetorian-inc/noseyparkerSupports -Supports version 0.16.0: +Supports versions 0.16.0 and 0.22.0: https://github.com/praetorian-inc/noseyparker/releases/tag/v0.16.0 +https://github.com/praetorian-inc/noseyparker/releases/tag/v0.22.0 Things to note about the Nosey Parker Parser: - diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index b22199704d..8ba6f4207a 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -17,7 +17,7 @@ def get_label_for_scan_types(self, scan_type): def get_description_for_scan_types(self, scan_type): return "Nosey Parker report file can be imported in JSON Lines format (option --jsonl). " \ - "Supports v0.16.0 of https://github.com/praetorian-inc/noseyparker" + "Supports v0.16.0 and v0.22.0 of https://github.com/praetorian-inc/noseyparker" def get_findings(self, file, test): """ From fe97f4fd7e7f2fe58d13859cc0e959e58da51ecf Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 14 Jan 2025 20:10:26 +0100 Subject: [PATCH 7/9] update docs --- .../en/connecting_your_tools/parsers/file/noseyparker.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md b/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md index 7b0e3b98ce..69abfb99b0 100644 --- a/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md +++ b/docs/content/en/connecting_your_tools/parsers/file/noseyparker.md @@ -6,9 +6,7 @@ Input Type: - This parser takes JSON Lines Output from Nosey Parker: https://github.com/praetorian-inc/noseyparkerSupports -Supports versions 0.16.0 and 0.22.0: -https://github.com/praetorian-inc/noseyparker/releases/tag/v0.16.0 -https://github.com/praetorian-inc/noseyparker/releases/tag/v0.22.0 +Supports versions [0.16.0](https://github.com/praetorian-inc/noseyparker/releases/tag/v0.16.0) and [0.22.0](https://github.com/praetorian-inc/noseyparker/releases/tag/v0.22.0) Things to note about the Nosey Parker Parser: - From 1636cdd4f88fc0f7b41fc5d409faa7190bb13090 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 23 Jan 2025 08:24:06 +0100 Subject: [PATCH 8/9] cover another usecase --- dojo/tools/noseyparker/parser.py | 27 ++++++++++++------- ...oseyparker_0_22_0_without_githistory.jsonl | 6 +++++ unittests/tools/test_noseyparker_parser.py | 9 +++++++ 3 files changed, 32 insertions(+), 10 deletions(-) create mode 100644 unittests/scans/noseyparker/noseyparker_0_22_0_without_githistory.jsonl diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index 8ba6f4207a..1c3308875a 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -107,17 +107,24 @@ def version_0_22_0(self, line, test): # The following path is to account for the variability in the JSON lines output num_elements = len(match["provenance"]) - 1 json_path = match["provenance"][num_elements] - - title = f"Secret(s) Found in Repository with Commit ID {json_path['first_commit']['commit_metadata']['commit_id']}" - filepath = json_path["first_commit"]["blob_path"] line_num = match["location"]["source_span"]["start"]["line"] - description = f"Secret found of type: {rule_name} \n" \ - f"SECRET starts with: '{rule_text_id[:3]}' \n" \ - f"Committer Name: {json_path['first_commit']['commit_metadata']['committer_name']} \n" \ - f"Committer Email: {json_path['first_commit']['commit_metadata']['committer_email']} \n" \ - f"Commit ID: {json_path['first_commit']['commit_metadata']['commit_id']} \n" \ - f"Location: {filepath} line #{line_num} \n" \ - f"Line #{line_num} \n" + if json_path.get("first_commit"): + title = f"Secret(s) Found in Repository with Commit ID {json_path['first_commit']['commit_metadata']['commit_id']}" + filepath = json_path["first_commit"]["blob_path"] + description = f"Secret found of type: {rule_name} \n" \ + f"SECRET starts with: '{rule_text_id[:3]}' \n" \ + f"Committer Name: {json_path['first_commit']['commit_metadata']['committer_name']} \n" \ + f"Committer Email: {json_path['first_commit']['commit_metadata']['committer_email']} \n" \ + f"Commit ID: {json_path['first_commit']['commit_metadata']['commit_id']} \n" \ + f"Location: {filepath} line #{line_num} \n" \ + f"Line #{line_num} \n" + else: + title = "Secret(s) Found in Repository" + filepath = json_path["path"] + description = f"Secret found of type: {rule_name} \n" \ + f"SECRET starts with: '{rule_text_id[:3]}' \n" \ + f"Location: {filepath} line #{line_num} \n" \ + f"Line #{line_num} \n" # Internal de-duplication key = hashlib.md5((filepath + "|" + rule_text_id + "|" + str(line_num)).encode("utf-8")).hexdigest() diff --git a/unittests/scans/noseyparker/noseyparker_0_22_0_without_githistory.jsonl b/unittests/scans/noseyparker/noseyparker_0_22_0_without_githistory.jsonl new file mode 100644 index 0000000000..3bea238c81 --- /dev/null +++ b/unittests/scans/noseyparker/noseyparker_0_22_0_without_githistory.jsonl @@ -0,0 +1,6 @@ +{"finding_id":"1c82eb8796a72495efce9ecf618b84fba10ffc84","rule_name":"Base64-PEM-Encoded Private Key","rule_text_id":"np.pem.2","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmMzZFhVMnRwWlU5bk5rSmhkRWxHVFVKMFZsZHpaVzluVFd3MFVraFlOblJKUTFsUU0wRXdWelJKU2pocmMxZzJDbXh2V0VWeE15czNOV3hUWjBVMVJ6UkdTMk5YWVVWNVV6ZGpjR0V5Y0VSVU5UTjVSbU4xTlRkdFQwdFJWa2gyT0c1VmN6VnJNM2hYY1VGWE5pczNNMEVLT1RabE1IWnRlbmxLYkc5T1JVa3dPVTFwUzBac00zZHNTelZMTjJWQ1JsRnBiMnRSYjNZeFNsRnFPVVo0VkdGSU1EQlNNR3BxSzAwM0wzaFdTV0ZJS3dweGFtVTNOMHhhU2pCcWRESkRWWGRLVkc5NFVUTXlSRVl3VkRRNE1IaDRjRE5QTTNaWU9FUkNUbmhaUzNNMUt6Vk5RekV4TWtweFp6QnJZbXBUYVZNMUNpOHZaWEYzU1hGd1R6VXpaVXhETjJGMVVWbHRUVTVEYjFaTVduTm1hVzF0ZURGd1RYTjRiRWh1VEVKeGNWTkdiVzVzZVZCb09WcHZlVmRTWkROUWRIY0tVV1UzVjIwNVptcHJaU3RYTlc1eWFIYzNNMjV1TVhGS056TjBRWFU1WkZReVQybEZjV1pRTmpNM01YZFRkSHBaVXpCR2EwbGxWV2xWWkVSeGRXRlhVQW9yUjFNM1VrUlFhbk5MTVhaTUszbG1XbEJNYkROWVNrdHZLMFl6UlVKcmIyZGpiM05MZHpOdWVFaHNjRUkwVFd0VFJuSkViMmRKUVVrMFJVOVZTelIzQ2toc1JqZE1jU3REZDA0eGFYRkNkbFp2YldGT1NqVldURlZKVlRWamNtcFZMMUk1U1hkSU56Tk5OSFpYU0ZaV2QzaFFOV0ZxVW01cE9HMXdlV3BaUzIwS2VHd3JSMXBSTDI1bmJFMUxUVzlTY0c5dVNEVnFMMFJOTms4MVdURTVkVmcyT1VsbVRFRlNhRGhST0dOMFIwcG1PRzA0Wkd0NWVsaEhLMmRTWWxvNGNncEtkVk0wVFVWNmJtcFNhMkpyYUdodEwyZzFUVGR4WkM5RmRUSm5ibWxUT1c5eVkzVlVNR0UzTlVkMFJtbHNTbE15YTNwbVRsZGFVamhOY0VGSlFXNXFDbWh1YlhJeWNEVTJNVEJCUkVORU1uSnFSbkJUUlV0UFN6bFBOVUY1YWxSUWVsWnNaRFJ3WlhZNU0ybGpjVzFQVHprMGJEQnhjVXBIY21NNFEwRjNSVUVLUVZGTFEwRm5SVUZ2T0U1VFVFTTNRbGRNYkd0dlJVTjVLMjlHU0RaRlRFUktla0ZVZFdkYU5tVnlSVEo1ZEdGVFpXUm5SQ3QzVUhWWmNXMUdjV3hwVkFveU0xUkpXbTQxYW1oVmFpOHpNMDVGTmxFck1rbHpRbVpwUWk5S2REaFNaUzlvUlhKa1NURnFTR05UUm5FNWQxQk1WemR2YVVsamFITmhjMUpXVXpBeUNrdHJNSGRNUm1JemFIaG5OMWR6VEhaQlltZGtiRUV4UzNaNEx6VlFlRUY1V25NMldXeFljRE55TlZOemFISXJkSFp2TnpKc1YybHhTRXMwVmxVNGJrSUtTaTlpU3pKSFFtUkdlVk5YYVc1RWRFcExZM0JZZG14alFXZFZTMlF5TlU1cldWZDRWRzVYY2treE5VTnpiREZ3UW14S1oyTjRLemR2YlVzclMxcHVkUXBwTmtkNlltNXRRMFJqVjBwU1FtaHpSU3R2TkhaM1VqbEZNVzlSVm1KdGJsZzNaVzFMYjJSeFdua3hTRUY2ZW04MlIyNVBlakp4V0Zjd2ExQjFjMjh6Q2pJdlZIVTVia2R6WlhKSlN6UjVVV2RyUW10UmN6UlRZbkZCTW5vMVNHRnZPU3RLVEZVMGRFdExXVVF2WkRkMk1IQTFTa0ZKUkdSU1lsQTNVMWhSU2pBS2RURjJOWGxxVm1sU2JFNDJiVkpuZVd0Tk5rODVTSGN3YWtWWFF5dE5SRzV6Tm04eFMySnhiM1p5TDNOWk4zVk5SVVpyVkVaeFdFY3lUbmRZTm1FMVVBbzJTbmRIV1U1RFNYSk5hWHBqYUVZd2RVNTBTVUZJUzFScE1tOU9jak0wY1ZaUWIwWnJWV3N2VmxJNFYzUjFOSGM1Y3pCWlNsaDFaM3BsV2xBclJ6TjZDbTVGZUhSV05qUkNhWFJ3THk5MWExcDZOVWMzWmtvMlFqRkZTV1pDTTJWek1uZFliVTV1TVdWbk9YVjZjWEpoTWxCMVNHRnBjWGxoYTB4ak1YTktURm9LZG01Rk5VMU9XRTF1WTNaalVHUkdRbGRqT0V3d1JGWkhRMjlyZFcxQ1dqSTFabWRQUjNGcFVrRlBiMHRFZDAxVWFtMWxNR1ZzTkdRdlFVNXlabFJTZFFvMVRWZHJNRXRTU1VscUt6ZEdjeXRTUldkYVZUVnlRazl1VWpORWNuVllSeXRXWTI1MUswbzBSbk5yWjJOSmFqRldhMFZEWjJkRlFrRk5SMHRrYlhBeUNuRnRlVVJDVW1GYWVuRnNORXRRVlZGMFVGVmlTMDVDT1Vad1YycHdZVXhrVUdaVE1VRjFOMEl2WjJoYU56UndhamgxZEhsalNrZFpkMWt5ZFdsb2NURUtTRzlFY2tOaFExZE9jbmhDZHpKWGQwTTRPSGwyU1dsbGRtRkhhRXBSVG5KNFJuRmFiWEJIWkdzNFRpdFJNeTlsYW5scFpWQjJTMVJZWTB0RU9TdFlXUXBOZGtacFpWaHpRbWhsVW5sa1QzYzFZM00zT1hjck1YazJOVGRLT1VScGVVdzRaVlpHVkU0emFFWlBUQzlUV1hCamEzaGtiRVZOZDJGbVlrOXVXRTlsQ25wQmJFdEJlR1ppUldKRlNsZzJUR3hIY0RkcWQydE5abVJvV1d4ak9Ya3pWSE5WVGpsU1REbDBaVkZsVUZSS1N6Wk1VRzVvYldOSlZEVjBTSGxsWVZVS2NIQlJRWFZyZEZZdlkxUmhNa3N5VUZSRVkyVk1LMFpvY1dacVFVdzFObE5GY0d0U2QwSXhSV296Y1RrdkwyVTRaa2xCZVZkdVUwTnZWM0F4UjNGb1dRcFpRMEUxZFdoa1MzVjRXbGhVS3poRFoyZEZRa0ZQZWt4dGFqTnpTSFpRU21GcFVqZDNibmhuYTAxWU9WZzBiMGd6UmpNNFIydEVORkZwVUhNNWJsYzJDblJDTVN0RGQycEtaekZHTkVSc1QwaEVVVTh2Y1RnM2QwSXJZa0ZMUlVwTWJGZGFiR1Z4VlhaNlpFTnlTalJMVTNJeWFHZDNUbWh3Wnl0Mk5IZGhVVlVLWm5kUGVXY3JVbk5xUmpac1FXUlFiRlpCU0hNMldsWXJhQzgwZW5wMFJ6WlZlbXRwUjAxcU9HbDJSMk5uSzNCRE4wMTVOVTVHVjBOUVJtVlZWSGd2TmdwWlNuRlRkV2xQY1cxeU5qQm9XVTVaY25KYVpUTlVaRGhXVlZsWWFtWjNZVmxwYjFWVWFVMDVjREZSTVRrNU9FSlBObmhDTlhveVNXMUhOV1EyUzFCMUNuQlhkR2hHVEZaTFZWYzJhWGwxUW0wd1IyOVhlazVKVFVZdldIZG1Xa3R1TWt0bWFtUldRVUpZVXpWRFRtOXlabUpoWjBGa05tdFBTR3Q2V1RGSE55c0thRkp3UTBWdVVIUkRiRVF6Y2k5SFl6VnZSemM1ZEM5QmRDOVFOVTVVUzA5UWRHZzNLMkpJZDI5RFJVTm5aMFZDUVVzeGJIWkZiMDlJZDI5NFMwaElhZ3BSTUVOaFNYcG1UWHBDVGpsVVkyWmtRMnR5ZFROM2RGaGFTbUpHVW1Wa1ltSndiRlV5YTFGSE5FUkZTbmx6YW01TWVVbGpObWxoWW1SelZGSjZNRXBOQ2pCeFZTOHhhWGhaTWxoMU9WaFRVMW81UWxCSVMwUTBNRmw1Y3pSNWVqaEVRM04yZGxvNVNUaE9PRFpSVjBveFJWbHdRbEJaT1RWT1NWQmpZVE4yVUZJS2JsZ3ZZU3M1TlZsaFowRkNXVE5TZEhKaFVVdEdRVUp1ZUVZM2RuUndjbmg2VjBJNE16QlZPV2hQV0dWUlYwMW9SVkUzUzJSck5rMVRkMnhZWjJkWWVBcG5OWGN4V21KWGRuaFlXSFJaVEVvMmExaFhkVUZIZDFNek1FOHhRMWxyUjFCa2QzWkxNbnBRY1VWVWJXWlpaalUzYW1sVmVrNU5Sa0V5YXl0aVlXNXdDbFpRTnpGbk5FOWpRM2hEYlhaM1kxTldVa3BGVUZkWE5GRlhiR0ZsWlVNckswUXhhakZPZWtSNGJHVnJlRll6TVZjeVJHaHZaM2xLWjFSWVpVRnNaWG9LTkVsS1dHNDBhME5uWjBWQ1FVcDFjR1JIYmtWalRYZzVNbGRNUjFsTFJqSnpXRlZYUkU1dmJVNU1NSEl6ZFRWaGVFMHZkRVpGT1hOUWNqaHpabTlDTWdwU0wyTnJXSFpoVm5wMk5YQXpOekpZYlZCdlpEQTViRkUyY0U0emJteHZPSGhMVjNBdllqQmxVa2RVZGxKYVdpdE9jRlJITkVSVVIzSkpRak4wTjBKUUNtdDVPR05rWTJ0bU9XdDFWblpETDJ0RUt6UlNha3RJWlZKS2RFbFRUbUpITDFkbE4wcG9Vek5xWjJNcmMwdExUbXBNUm1RNE1qTnZTRGt3T1VjeFVXRUtPRTFNZHpGT2RqRlViRlJuYnpkbE16WnBOamRwVlVSNU4zaHJUMXBDWkZOcWF6aFVZM3BEVFVaUVp6SkZjR050TVd3eWJrdHBiWEF4WlVKNU0zcFJWZ29yVGxseUsyZFlkVlZKSzA1RldGQTNUWG93Wm5KTmVtUjJaRlZRT1RaNGVWZFNhbmgxWmpCemVERTRjbVl6TkVsdkt6Wk5helJ0Y21zd1FXaHplRTh4Q2k5YVVXZFlkVGhNTXpWUWJGSnVUSE56TkVOVmEwWXpPVzFHTm1wclVUbHBVMVZGUTJkblJVRkRlVlJQUkRsV2RXcGFUMEZTUldFMVowdG1TMlJzY3lzS04yczVUMUJTVWtaMVkybHVSRTExVTFkV1oyTXZRM2hSTDI4clJ6Z3JUMU53YlVnNU1sbFFTM1ZKVWtSVEx6WktiWEIyY1dVeVdGcEpOMFo1YkM4ell3cEpOM2N5V1dka1JWTTVPVkl2VGpOcE9VaDJRMFZ1ZGtGeFNUSXZjalJpU0ZaMFNVbGhSMk14VG01dGNsaDZhemxvYkRsRGVsZFZPRGM1Y1hCMGJIQjJDalpSVGtsek9WZGxWa2hsU21nMGRrYzJTV3g2Tm01aU5VeGFkRU5xYTBaWFFWZEljV05SV1RNd04xUm5TWGN4ZURBek0wUlhNa3QzTVVGRFVWaFhXbU1LUVM4d01saEpZV05VV21GSE0ySk5iVko0TTFVNGJHZHVTVlpzUlhOcWJWcFpaVlZtU1RKbmVUQXlZblprYWtaamQzUkxWVmR5UTFSdmFFUXhZbFI1VXdwcWQwcFFla1pYU0ZFNU9XaHlVa3h6WTBsRVpHTmtaVk5zU0RnNVIwOXZNbTVOTlhKelZuUmhSbXByYjNZNGJHWkNTakpoTlZWRVJWRXpRMlExUVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./k8s/main.key"}],"blob_metadata":{"id":"f5407810e2991e97e14756fe20d0263020eb6981","num_bytes":7091,"mime_essence":null,"charset":null},"blob_id":"f5407810e2991e97e14756fe20d0263020eb6981","location":{"offset_span":{"start":2374,"end":6707},"source_span":{"start":{"line":6,"column":14},"end":{"line":7,"column":0}}},"groups":["TFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxLUzJkSlFrRkJTME5CWjBWQmMzZFhVMnRwWlU5bk5rSmhkRWxHVFVKMFZsZHpaVzluVFd3MFVraFlOblJKUTFsUU0wRXdWelJKU2pocmMxZzJDbXh2V0VWeE15czNOV3hUWjBVMVJ6UkdTMk5YWVVWNVV6ZGpjR0V5Y0VSVU5UTjVSbU4xTlRkdFQwdFJWa2gyT0c1VmN6VnJNM2hYY1VGWE5pczNNMEVLT1RabE1IWnRlbmxLYkc5T1JVa3dPVTFwUzBac00zZHNTelZMTjJWQ1JsRnBiMnRSYjNZeFNsRnFPVVo0VkdGSU1EQlNNR3BxSzAwM0wzaFdTV0ZJS3dweGFtVTNOMHhhU2pCcWRESkRWWGRLVkc5NFVUTXlSRVl3VkRRNE1IaDRjRE5QTTNaWU9FUkNUbmhaUzNNMUt6Vk5RekV4TWtweFp6QnJZbXBUYVZNMUNpOHZaWEYzU1hGd1R6VXpaVXhETjJGMVVWbHRUVTVEYjFaTVduTm1hVzF0ZURGd1RYTjRiRWh1VEVKeGNWTkdiVzVzZVZCb09WcHZlVmRTWkROUWRIY0tVV1UzVjIwNVptcHJaU3RYTlc1eWFIYzNNMjV1TVhGS056TjBRWFU1WkZReVQybEZjV1pRTmpNM01YZFRkSHBaVXpCR2EwbGxWV2xWWkVSeGRXRlhVQW9yUjFNM1VrUlFhbk5MTVhaTUszbG1XbEJNYkROWVNrdHZLMFl6UlVKcmIyZGpiM05MZHpOdWVFaHNjRUkwVFd0VFJuSkViMmRKUVVrMFJVOVZTelIzQ2toc1JqZE1jU3REZDA0eGFYRkNkbFp2YldGT1NqVldURlZKVlRWamNtcFZMMUk1U1hkSU56Tk5OSFpYU0ZaV2QzaFFOV0ZxVW01cE9HMXdlV3BaUzIwS2VHd3JSMXBSTDI1bmJFMUxUVzlTY0c5dVNEVnFMMFJOTms4MVdURTVkVmcyT1VsbVRFRlNhRGhST0dOMFIwcG1PRzA0Wkd0NWVsaEhLMmRTWWxvNGNncEtkVk0wVFVWNmJtcFNhMkpyYUdodEwyZzFUVGR4WkM5RmRUSm5ibWxUT1c5eVkzVlVNR0UzTlVkMFJtbHNTbE15YTNwbVRsZGFVamhOY0VGSlFXNXFDbWh1YlhJeWNEVTJNVEJCUkVORU1uSnFSbkJUUlV0UFN6bFBOVUY1YWxSUWVsWnNaRFJ3WlhZNU0ybGpjVzFQVHprMGJEQnhjVXBIY21NNFEwRjNSVUVLUVZGTFEwRm5SVUZ2T0U1VFVFTTNRbGRNYkd0dlJVTjVLMjlHU0RaRlRFUktla0ZVZFdkYU5tVnlSVEo1ZEdGVFpXUm5SQ3QzVUhWWmNXMUdjV3hwVkFveU0xUkpXbTQxYW1oVmFpOHpNMDVGTmxFck1rbHpRbVpwUWk5S2REaFNaUzlvUlhKa1NURnFTR05UUm5FNWQxQk1WemR2YVVsamFITmhjMUpXVXpBeUNrdHJNSGRNUm1JemFIaG5OMWR6VEhaQlltZGtiRUV4UzNaNEx6VlFlRUY1V25NMldXeFljRE55TlZOemFISXJkSFp2TnpKc1YybHhTRXMwVmxVNGJrSUtTaTlpU3pKSFFtUkdlVk5YYVc1RWRFcExZM0JZZG14alFXZFZTMlF5TlU1cldWZDRWRzVYY2treE5VTnpiREZ3UW14S1oyTjRLemR2YlVzclMxcHVkUXBwTmtkNlltNXRRMFJqVjBwU1FtaHpSU3R2TkhaM1VqbEZNVzlSVm1KdGJsZzNaVzFMYjJSeFdua3hTRUY2ZW04MlIyNVBlakp4V0Zjd2ExQjFjMjh6Q2pJdlZIVTVia2R6WlhKSlN6UjVVV2RyUW10UmN6UlRZbkZCTW5vMVNHRnZPU3RLVEZVMGRFdExXVVF2WkRkMk1IQTFTa0ZKUkdSU1lsQTNVMWhSU2pBS2RURjJOWGxxVm1sU2JFNDJiVkpuZVd0Tk5rODVTSGN3YWtWWFF5dE5SRzV6Tm04eFMySnhiM1p5TDNOWk4zVk5SVVpyVkVaeFdFY3lUbmRZTm1FMVVBbzJTbmRIV1U1RFNYSk5hWHBqYUVZd2RVNTBTVUZJUzFScE1tOU9jak0wY1ZaUWIwWnJWV3N2VmxJNFYzUjFOSGM1Y3pCWlNsaDFaM3BsV2xBclJ6TjZDbTVGZUhSV05qUkNhWFJ3THk5MWExcDZOVWMzWmtvMlFqRkZTV1pDTTJWek1uZFliVTV1TVdWbk9YVjZjWEpoTWxCMVNHRnBjWGxoYTB4ak1YTktURm9LZG01Rk5VMU9XRTF1WTNaalVHUkdRbGRqT0V3d1JGWkhRMjlyZFcxQ1dqSTFabWRQUjNGcFVrRlBiMHRFZDAxVWFtMWxNR1ZzTkdRdlFVNXlabFJTZFFvMVRWZHJNRXRTU1VscUt6ZEdjeXRTUldkYVZUVnlRazl1VWpORWNuVllSeXRXWTI1MUswbzBSbk5yWjJOSmFqRldhMFZEWjJkRlFrRk5SMHRrYlhBeUNuRnRlVVJDVW1GYWVuRnNORXRRVlZGMFVGVmlTMDVDT1Vad1YycHdZVXhrVUdaVE1VRjFOMEl2WjJoYU56UndhamgxZEhsalNrZFpkMWt5ZFdsb2NURUtTRzlFY2tOaFExZE9jbmhDZHpKWGQwTTRPSGwyU1dsbGRtRkhhRXBSVG5KNFJuRmFiWEJIWkdzNFRpdFJNeTlsYW5scFpWQjJTMVJZWTB0RU9TdFlXUXBOZGtacFpWaHpRbWhsVW5sa1QzYzFZM00zT1hjck1YazJOVGRLT1VScGVVdzRaVlpHVkU0emFFWlBUQzlUV1hCamEzaGtiRVZOZDJGbVlrOXVXRTlsQ25wQmJFdEJlR1ppUldKRlNsZzJUR3hIY0RkcWQydE5abVJvV1d4ak9Ya3pWSE5WVGpsU1REbDBaVkZsVUZSS1N6Wk1VRzVvYldOSlZEVjBTSGxsWVZVS2NIQlJRWFZyZEZZdlkxUmhNa3N5VUZSRVkyVk1LMFpvY1dacVFVdzFObE5GY0d0U2QwSXhSV296Y1RrdkwyVTRaa2xCZVZkdVUwTnZWM0F4UjNGb1dRcFpRMEUxZFdoa1MzVjRXbGhVS3poRFoyZEZRa0ZQZWt4dGFqTnpTSFpRU21GcFVqZDNibmhuYTAxWU9WZzBiMGd6UmpNNFIydEVORkZwVUhNNWJsYzJDblJDTVN0RGQycEtaekZHTkVSc1QwaEVVVTh2Y1RnM2QwSXJZa0ZMUlVwTWJGZGFiR1Z4VlhaNlpFTnlTalJMVTNJeWFHZDNUbWh3Wnl0Mk5IZGhVVlVLWm5kUGVXY3JVbk5xUmpac1FXUlFiRlpCU0hNMldsWXJhQzgwZW5wMFJ6WlZlbXRwUjAxcU9HbDJSMk5uSzNCRE4wMTVOVTVHVjBOUVJtVlZWSGd2TmdwWlNuRlRkV2xQY1cxeU5qQm9XVTVaY25KYVpUTlVaRGhXVlZsWWFtWjNZVmxwYjFWVWFVMDVjREZSTVRrNU9FSlBObmhDTlhveVNXMUhOV1EyUzFCMUNuQlhkR2hHVEZaTFZWYzJhWGwxUW0wd1IyOVhlazVKVFVZdldIZG1Xa3R1TWt0bWFtUldRVUpZVXpWRFRtOXlabUpoWjBGa05tdFBTR3Q2V1RGSE55c0thRkp3UTBWdVVIUkRiRVF6Y2k5SFl6VnZSemM1ZEM5QmRDOVFOVTVVUzA5UWRHZzNLMkpJZDI5RFJVTm5aMFZDUVVzeGJIWkZiMDlJZDI5NFMwaElhZ3BSTUVOaFNYcG1UWHBDVGpsVVkyWmtRMnR5ZFROM2RGaGFTbUpHVW1Wa1ltSndiRlV5YTFGSE5FUkZTbmx6YW01TWVVbGpObWxoWW1SelZGSjZNRXBOQ2pCeFZTOHhhWGhaTWxoMU9WaFRVMW81UWxCSVMwUTBNRmw1Y3pSNWVqaEVRM04yZGxvNVNUaE9PRFpSVjBveFJWbHdRbEJaT1RWT1NWQmpZVE4yVUZJS2JsZ3ZZU3M1TlZsaFowRkNXVE5TZEhKaFVVdEdRVUp1ZUVZM2RuUndjbmg2VjBJNE16QlZPV2hQV0dWUlYwMW9SVkUzUzJSck5rMVRkMnhZWjJkWWVBcG5OWGN4V21KWGRuaFlXSFJaVEVvMmExaFhkVUZIZDFNek1FOHhRMWxyUjFCa2QzWkxNbnBRY1VWVWJXWlpaalUzYW1sVmVrNU5Sa0V5YXl0aVlXNXdDbFpRTnpGbk5FOWpRM2hEYlhaM1kxTldVa3BGVUZkWE5GRlhiR0ZsWlVNckswUXhhakZPZWtSNGJHVnJlRll6TVZjeVJHaHZaM2xLWjFSWVpVRnNaWG9LTkVsS1dHNDBhME5uWjBWQ1FVcDFjR1JIYmtWalRYZzVNbGRNUjFsTFJqSnpXRlZYUkU1dmJVNU1NSEl6ZFRWaGVFMHZkRVpGT1hOUWNqaHpabTlDTWdwU0wyTnJXSFpoVm5wMk5YQXpOekpZYlZCdlpEQTViRkUyY0U0emJteHZPSGhMVjNBdllqQmxVa2RVZGxKYVdpdE9jRlJITkVSVVIzSkpRak4wTjBKUUNtdDVPR05rWTJ0bU9XdDFWblpETDJ0RUt6UlNha3RJWlZKS2RFbFRUbUpITDFkbE4wcG9Vek5xWjJNcmMwdExUbXBNUm1RNE1qTnZTRGt3T1VjeFVXRUtPRTFNZHpGT2RqRlViRlJuYnpkbE16WnBOamRwVlVSNU4zaHJUMXBDWkZOcWF6aFVZM3BEVFVaUVp6SkZjR050TVd3eWJrdHBiWEF4WlVKNU0zcFJWZ29yVGxseUsyZFlkVlZKSzA1RldGQTNUWG93Wm5KTmVtUjJaRlZRT1RaNGVWZFNhbmgxWmpCemVERTRjbVl6TkVsdkt6Wk5helJ0Y21zd1FXaHplRTh4Q2k5YVVXZFlkVGhNTXpWUWJGSnVUSE56TkVOVmEwWXpPVzFHTm1wclVUbHBVMVZGUTJkblJVRkRlVlJQUkRsV2RXcGFUMEZTUldFMVowdG1TMlJzY3lzS04yczVUMUJTVWtaMVkybHVSRTExVTFkV1oyTXZRM2hSTDI4clJ6Z3JUMU53YlVnNU1sbFFTM1ZKVWtSVEx6WktiWEIyY1dVeVdGcEpOMFo1YkM4ell3cEpOM2N5V1dka1JWTTVPVkl2VGpOcE9VaDJRMFZ1ZGtGeFNUSXZjalJpU0ZaMFNVbGhSMk14VG01dGNsaDZhemxvYkRsRGVsZFZPRGM1Y1hCMGJIQjJDalpSVGtsek9WZGxWa2hsU21nMGRrYzJTV3g2Tm01aU5VeGFkRU5xYTBaWFFWZEljV05SV1RNd04xUm5TWGN4ZURBek0wUlhNa3QzTVVGRFVWaFhXbU1LUVM4d01saEpZV05VV21GSE0ySk5iVko0TTFVNGJHZHVTVlpzUlhOcWJWcFpaVlZtU1RKbmVUQXlZblprYWtaamQzUkxWVmR5UTFSdmFFUXhZbFI1VXdwcWQwcFFla1pYU0ZFNU9XaHlVa3h6WTBsRVpHTmtaVk5zU0RnNVIwOXZNbTVOTlhKelZuUmhSbXByYjNZNGJHWkNTakpoTlZWRVJWRXpRMlExUVQwOUNpMHRMUzB0UlU1RUlGSlRRU0JRVWtsV1FWUkZJRXRGV1MwdExTMHRDZz09"],"snippet":{"before":"lIVUx3WURSTmJyNjVZb2RhRU9WRE1ITW5ZUWptMWlNUElLM3QyMkdmcEErCktyRENHMUVlZnZkUTU0eGhreUtZVjZOZko0R0gyOVJicXNkeVMyS1hDUXJINDlqV1h3RHpRZ09iK1BUcW9nNCsKNzVVemhsQ2pYT3FPRFFaY1JjWXVyZTJjK2Z1elU2cVJ1L1o5SlJZM0MyOD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=\n tls.key: ","matching":"LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS2dJQkFBS0NBZ0VBc3dXU2tpZU9nNkJhdElGTUJ0VldzZW9nTWw0UkhYNnRJQ1lQM0EwVzRJSjhrc1g2CmxvWEVxMys3NWxTZ0U1RzRGS2NXYUV5UzdjcGEycERUNTN5RmN1NTdtT0tRVkh2OG5VczVrM3hXcUFXNis3M0EKOTZlMHZtenlKbG9ORUkwOU1pS0ZsM3dsSzVLN2VCRlFpb2tRb3YxSlFqOUZ4VGFIMDBSMGpqK003L3hWSWFIKwpxamU3N0xaSjBqdDJDVXdKVG94UTMyREYwVDQ4MHh4cDNPM3ZYOERCTnhZS3M1KzVNQzExMkpxZzBrYmpTaVM1Ci8vZXF3SXFwTzUzZUxDN2F1UVltTU5Db1ZMWnNmaW1teDFwTXN4bEhuTEJxcVNGbW5seVBoOVpveVdSZDNQdHcKUWU3V205ZmprZStXNW5yaHc3M25uMXFKNzN0QXU5ZFQyT2lFcWZQNjM3MXdTdHpZUzBGa0llVWlVZERxdWFXUAorR1M3UkRQanNLMXZMK3lmWlBMbDNYSktvK0YzRUJrb2djb3NLdzNueEhscEI0TWtTRnJEb2dJQUk0RU9VSzR3CkhsRjdMcStDd04xaXFCdlZvbWFOSjVWTFVJVTVjcmpVL1I5SXdINzNNNHZXSFZWd3hQNWFqUm5pOG1weWpZS20KeGwrR1pRL25nbE1LTW9ScG9uSDVqL0RNNk81WTE5dVg2OUlmTEFSaDhROGN0R0pmOG04ZGt5elhHK2dSYlo4cgpKdVM0TUV6bmpSa2JraGhtL2g1TTdxZC9FdTJnbmlTOW9yY3VUMGE3NUd0RmlsSlMya3pmTldaUjhNcEFJQW5qCmhubXIycDU2MTBBRENEMnJqRnBTRUtPSzlPNUF5alRQelZsZDRwZXY5M2ljcW1PTzk0bDBxcUpHcmM4Q0F3RUEKQVFLQ0FnRUFvOE5TUEM3QldMbGtvRUN5K29GSDZFTERKekFUdWdaNmVyRTJ5dGFTZWRnRCt3UHVZcW1GcWxpVAoyM1RJWm41amhVai8zM05FNlErMklzQmZpQi9KdDhSZS9oRXJkSTFqSGNTRnE5d1BMVzdvaUljaHNhc1JWUzAyCktrMHdMRmIzaHhnN1dzTHZBYmdkbEExS3Z4LzVQeEF5WnM2WWxYcDNyNVNzaHIrdHZvNzJsV2lxSEs0VlU4bkIKSi9iSzJHQmRGeVNXaW5EdEpLY3BYdmxjQWdVS2QyNU5rWVd4VG5XckkxNUNzbDFwQmxKZ2N4KzdvbUsrS1pudQppNkd6Ym5tQ0RjV0pSQmhzRStvNHZ3UjlFMW9RVmJtblg3ZW1Lb2RxWnkxSEF6em82R25PejJxWFcwa1B1c28zCjIvVHU5bkdzZXJJSzR5UWdrQmtRczRTYnFBMno1SGFvOStKTFU0dEtLWUQvZDd2MHA1SkFJRGRSYlA3U1hRSjAKdTF2NXlqVmlSbE42bVJneWtNNk85SHcwakVXQytNRG5zNm8xS2Jxb3ZyL3NZN3VNRUZrVEZxWEcyTndYNmE1UAo2SndHWU5DSXJNaXpjaEYwdU50SUFIS1RpMm9OcjM0cVZQb0ZrVWsvVlI4V3R1NHc5czBZSlh1Z3plWlArRzN6Cm5FeHRWNjRCaXRwLy91a1p6NUc3Zko2QjFFSWZCM2VzMndYbU5uMWVnOXV6cXJhMlB1SGFpcXlha0xjMXNKTFoKdm5FNU1OWE1uY3ZjUGRGQldjOEwwRFZHQ29rdW1CWjI1ZmdPR3FpUkFPb0tEd01Uam1lMGVsNGQvQU5yZlRSdQo1TVdrMEtSSUlqKzdGcytSRWdaVTVyQk9uUjNEcnVYRytWY251K0o0RnNrZ2NJajFWa0VDZ2dFQkFNR0tkbXAyCnFteURCUmFaenFsNEtQVVF0UFViS05COUZwV2pwYUxkUGZTMUF1N0IvZ2haNzRwajh1dHljSkdZd1kydWlocTEKSG9EckNhQ1dOcnhCdzJXd0M4OHl2SWlldmFHaEpRTnJ4RnFabXBHZGs4TitRMy9lanlpZVB2S1RYY0tEOStYWQpNdkZpZVhzQmhlUnlkT3c1Y3M3OXcrMXk2NTdKOURpeUw4ZVZGVE4zaEZPTC9TWXBja3hkbEVNd2FmYk9uWE9lCnpBbEtBeGZiRWJFSlg2TGxHcDdqd2tNZmRoWWxjOXkzVHNVTjlSTDl0ZVFlUFRKSzZMUG5obWNJVDV0SHllYVUKcHBRQXVrdFYvY1RhMksyUFREY2VMK0ZocWZqQUw1NlNFcGtSd0IxRWozcTkvL2U4ZklBeVduU0NvV3AxR3FoWQpZQ0E1dWhkS3V4WlhUKzhDZ2dFQkFPekxtajNzSHZQSmFpUjd3bnhna01YOVg0b0gzRjM4R2tENFFpUHM5blc2CnRCMStDd2pKZzFGNERsT0hEUU8vcTg3d0IrYkFLRUpMbFdabGVxVXZ6ZENySjRLU3IyaGd3TmhwZyt2NHdhUVUKZndPeWcrUnNqRjZsQWRQbFZBSHM2WlYraC80enp0RzZVemtpR01qOGl2R2NnK3BDN015NU5GV0NQRmVVVHgvNgpZSnFTdWlPcW1yNjBoWU5ZcnJaZTNUZDhWVVlYamZ3YVlpb1VUaU05cDFRMTk5OEJPNnhCNXoySW1HNWQ2S1B1CnBXdGhGTFZLVVc2aXl1Qm0wR29Xek5JTUYvWHdmWktuMktmamRWQUJYUzVDTm9yZmJhZ0FkNmtPSGt6WTFHNysKaFJwQ0VuUHRDbEQzci9HYzVvRzc5dC9BdC9QNU5US09QdGg3K2JId29DRUNnZ0VCQUsxbHZFb09Id294S0hIagpRMENhSXpmTXpCTjlUY2ZkQ2tydTN3dFhaSmJGUmVkYmJwbFUya1FHNERFSnlzam5MeUljNmlhYmRzVFJ6MEpNCjBxVS8xaXhZMlh1OVhTU1o5QlBIS0Q0MFl5czR5ejhEQ3N2dlo5SThOODZRV0oxRVlwQlBZOTVOSVBjYTN2UFIKblgvYSs5NVlhZ0FCWTNSdHJhUUtGQUJueEY3dnRwcnh6V0I4MzBVOWhPWGVRV01oRVE3S2RrNk1Td2xYZ2dYeApnNXcxWmJXdnhYWHRZTEo2a1hXdUFHd1MzME8xQ1lrR1Bkd3ZLMnpQcUVUbWZZZjU3amlVek5NRkEyaytiYW5wClZQNzFnNE9jQ3hDbXZ3Y1NWUkpFUFdXNFFXbGFlZUMrK0QxajFOekR4bGVreFYzMVcyRGhvZ3lKZ1RYZUFsZXoKNElKWG40a0NnZ0VCQUp1cGRHbkVjTXg5MldMR1lLRjJzWFVXRE5vbU5MMHIzdTVheE0vdEZFOXNQcjhzZm9CMgpSL2NrWHZhVnp2NXAzNzJYbVBvZDA5bFE2cE4zbmxvOHhLV3AvYjBlUkdUdlJaWitOcFRHNERUR3JJQjN0N0JQCmt5OGNkY2tmOWt1VnZDL2tEKzRSaktIZVJKdElTTmJHL1dlN0poUzNqZ2Mrc0tLTmpMRmQ4MjNvSDkwOUcxUWEKOE1MdzFOdjFUbFRnbzdlMzZpNjdpVUR5N3hrT1pCZFNqazhUY3pDTUZQZzJFcGNtMWwybktpbXAxZUJ5M3pRVgorTllyK2dYdVVJK05FWFA3TXowZnJNemR2ZFVQOTZ4eVdSanh1ZjBzeDE4cmYzNElvKzZNazRtcmswQWhzeE8xCi9aUWdYdThMMzVQbFJuTHNzNENVa0YzOW1GNmprUTlpU1VFQ2dnRUFDeVRPRDlWdWpaT0FSRWE1Z0tmS2RscysKN2s5T1BSUkZ1Y2luRE11U1dWZ2MvQ3hRL28rRzgrT1NwbUg5MllQS3VJUkRTLzZKbXB2cWUyWFpJN0Z5bC8zYwpJN3cyWWdkRVM5OVIvTjNpOUh2Q0VudkFxSTIvcjRiSFZ0SUlhR2MxTm5tclh6azlobDlDeldVODc5cXB0bHB2CjZRTklzOVdlVkhlSmg0dkc2SWx6Nm5iNUxadENqa0ZXQVdIcWNRWTMwN1RnSXcxeDAzM0RXMkt3MUFDUVhXWmMKQS8wMlhJYWNUWmFHM2JNbVJ4M1U4bGduSVZsRXNqbVpZZVVmSTJneTAyYnZkakZjd3RLVVdyQ1RvaEQxYlR5Uwpqd0pQekZXSFE5OWhyUkxzY0lEZGNkZVNsSDg5R09vMm5NNXJzVnRhRmprb3Y4bGZCSjJhNVVERVEzQ2Q1QT09Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==\n","after":" kind: Secret\n metadata:\n creationTimestamp: \"2024-07-05T07:48:29Z\"\n generateName: sealed-secrets-key\n labels:\n sealedsecrets.bitnami.com/sealed-secrets-key: active\n name: sealed-secrets-keydp7k2\n namespace: kube-system\n resourceVe"},"structural_id":"1d846c2374cc26fbc45343177e2839083bb9c878","rule_structural_id":"35bc9170393aecc3777a72fe77e269fc150c91ce","rule_text_id":"np.pem.2","rule_name":"Base64-PEM-Encoded Private Key","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"38e3edc1387124ef61e8c76070e663d115f5bc99","rule_name":"Generic Password","rule_text_id":"np.generic.5","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","groups":["RGVmYXVsdExvZ2luUGFzc3dvcmREb05vdENoYW5nZSE="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./src/main/java/org/owasp/wrongsecrets/challenges/docker/WrongSecretsConstants.java"}],"blob_metadata":{"id":"96c52dfccb8eb84609a82a256110eedda4533660","num_bytes":351,"mime_essence":"application/octet-stream","charset":null},"blob_id":"96c52dfccb8eb84609a82a256110eedda4533660","location":{"offset_span":{"start":216,"end":261},"source_span":{"start":{"line":9,"column":30},"end":{"line":9,"column":74}}},"groups":["RGVmYXVsdExvZ2luUGFzc3dvcmREb05vdENoYW5nZSE="],"snippet":{"before":"package org.owasp.wrongsecrets.challenges.docker;\n\nimport lombok.experimental.UtilityClass;\n\n/** used for Challenges their secrets. */\n@UtilityClass\npublic class WrongSecretsConstants {\n\n public static final String ","matching":"password = \"DefaultLoginPasswordDoNotChange!\"","after":";\n public static final String newKey = \"mISydD0En55Fq8FXbUfX720K8Vc6/aQYtkFmkp7ntsM=\";\n}\n"},"structural_id":"cf11aba33d3a6f47d2754fb27a0744cbf0e1b84b","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","rule_text_id":"np.generic.5","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"d8bca20ca68b780e7d767742e9ac645c94fd9eef","rule_name":"Generic Password","rule_text_id":"np.generic.5","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","groups":["WWpOQ2JHSnBRbnBhV0U1b1lsZFZQUW89"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./src/main/java/org/owasp/wrongsecrets/challenges/docker/authchallenge/Challenge37.java"}],"blob_metadata":{"id":"a8870a79c7187eee396159eb1d1b29c1a9f0cb7a","num_bytes":1439,"mime_essence":"application/octet-stream","charset":null},"blob_id":"a8870a79c7187eee396159eb1d1b29c1a9f0cb7a","location":{"offset_span":{"start":781,"end":818},"source_span":{"start":{"line":23,"column":31},"end":{"line":23,"column":67}}},"groups":["WWpOQ2JHSnBRbnBhV0U1b1lsZFZQUW89"],"snippet":{"before":"s is a challenge based on the idea of leaking a secret for an authenticated endpoint through a\n * ZAP configuration file.\n */\n@Slf4j\n@Component\npublic class Challenge37 extends FixedAnswerChallenge {\n\n private String secret;\n private static final String ","matching":"password = \"YjNCbGJpQnpaWE5oYldVPQo=\"","after":";\n\n public Challenge37(@Value(\"${DEFAULT37}\") String secret) {\n if (\"DEFAULT37\".equals(secret) || Strings.isNullOrEmpty(secret)) {\n this.secret = UUID.randomUUID().toString();\n } else {\n this.secret = secret;\n }\n }\n\n @Bean\n public Ba"},"structural_id":"f881cdead81e499145ee74abaeb4d2ddfa217a04","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","rule_text_id":"np.generic.5","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"bc3208fe4063d948df9a64801e685f850ab88bf2","rule_name":"Generic Password","rule_text_id":"np.generic.5","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","groups":["YW4zVXpSZz0="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./js/index.js"}],"blob_metadata":{"id":"d5a482b649e932ce49749c347ffed9a282e4855f","num_bytes":114,"mime_essence":"text/javascript","charset":null},"blob_id":"d5a482b649e932ce49749c347ffed9a282e4855f","location":{"offset_span":{"start":27,"end":48},"source_span":{"start":{"line":3,"column":6},"end":{"line":3,"column":26}}},"groups":["YW4zVXpSZz0="],"snippet":{"before":"\n function secret() {\n var ","matching":"password = \"an3UzRg=\"","after":" + 9 + \"vrR9\" + 6 + \"KSs=\" + 2 + \"ARBN\" + 7;\n return password;\n }\n"},"structural_id":"03f2c296a1469f1f6ea19ba04870ff258ed3f953","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","rule_text_id":"np.generic.5","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"e7d9519d23104e0652bf3b718fd34b413e0ebb86","rule_name":"Generic Password","rule_text_id":"np.generic.5","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","groups":["ZGVmYXVsdA=="],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./Dockerfile"}],"blob_metadata":{"id":"af07fe7fdac96700fa5059405cf1f5a184194452","num_bytes":1223,"mime_essence":null,"charset":null},"blob_id":"af07fe7fdac96700fa5059405cf1f5a184194452","location":{"offset_span":{"start":55,"end":73},"source_span":{"start":{"line":3,"column":13},"end":{"line":3,"column":30}}},"groups":["ZGVmYXVsdA=="],"snippet":{"before":"FROM eclipse-temurin:23.0.1_11-jre-alpine\n\nARG argBased","matching":"Password=\"default\"","after":"\nARG argBasedVersion=\"1.10.0\"\nARG spring_profile=\"\"\nENV SPRING_PROFILES_ACTIVE=$spring_profile\nENV ARG_BASED_PASSWORD=$argBasedPassword\nENV APP_VERSION=$argBasedVersion\nENV DOCKER_ENV_PASSWORD=\"This is it\"\nENV AZURE_KEY_VAULT_ENABLED=false\nENV SPRINGDOC_UI"},"structural_id":"eb9fcb748e976f8dc139d4e2bf0dfe13f37f768e","rule_structural_id":"4742a7e5266ce68dd5633ca6c2c634a4fa706673","rule_text_id":"np.generic.5","rule_name":"Generic Password","score":null,"comment":null,"status":null,"redundant_to":[]}]} +{"finding_id":"1d56ba5ba541032ca531a3b07fbefd3d3a58df32","rule_name":"Generic Secret","rule_text_id":"np.generic.1","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"num_matches":1,"num_redundant_matches":0,"statuses":[],"comment":null,"mean_score":null,"matches":[{"provenance":[{"kind":"file","path":"./src/main/resources/explanations/challenge25.adoc"}],"blob_metadata":{"id":"12c6ab9a78813e5cf5aa45b505ad858217861a92","num_bytes":270,"mime_essence":null,"charset":null},"blob_id":"12c6ab9a78813e5cf5aa45b505ad858217861a92","location":{"offset_span":{"start":173,"end":241},"source_span":{"start":{"line":5,"column":56},"end":{"line":5,"column":123}}},"groups":["MHg4YjcyZjdjYkFENTA2MjBjNDYyMTlhZDY3NkFkOWQzYTVBMjczNTg3"],"snippet":{"before":"=== Secrets in smart contracts part 1\n\nOn public blockchains, everything that is written on-chain is world-readable.\n\nIn this challenge, you need to read the variable named ","matching":"secret from the contract `0x8b72f7cbAD50620c46219ad676Ad9d3a5A273587","after":"` on the Goerli EVM Testnet.\n"},"structural_id":"c290822f8c5e37199afe269b4367bb37d5aeed04","rule_structural_id":"3a961eccebcf7356ad803ec8e1a711d01801b9d7","rule_text_id":"np.generic.1","rule_name":"Generic Secret","score":null,"comment":null,"status":null,"redundant_to":[]}]} \ No newline at end of file diff --git a/unittests/tools/test_noseyparker_parser.py b/unittests/tools/test_noseyparker_parser.py index af89a8ae2c..1456f94d8f 100644 --- a/unittests/tools/test_noseyparker_parser.py +++ b/unittests/tools/test_noseyparker_parser.py @@ -54,3 +54,12 @@ def test_noseyparker_version_0_22_0(self): self.assertEqual(33, len(findings)) finding = findings[10] self.assertEqual("High", finding.severity) + + def test_noseyparker_version_0_22_0_without_githistory(self): + with open("unittests/scans/noseyparker/noseyparker_0_22_0_without_githistory.jsonl", encoding="utf-8") as testfile: + parser = NoseyParkerParser() + findings = parser.get_findings(testfile, Test()) + finding = findings[0] + self.assertEqual("High", finding.severity) + self.assertEqual(798, finding.cwe) + self.assertEqual(6, len(findings)) From 6eab7601ac9e2c6dc6a33cf8b8adeccddfbe3bfc Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 23 Jan 2025 08:27:45 +0100 Subject: [PATCH 9/9] added comment --- dojo/tools/noseyparker/parser.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py index 1c3308875a..05fcdab49d 100644 --- a/dojo/tools/noseyparker/parser.py +++ b/dojo/tools/noseyparker/parser.py @@ -108,6 +108,7 @@ def version_0_22_0(self, line, test): num_elements = len(match["provenance"]) - 1 json_path = match["provenance"][num_elements] line_num = match["location"]["source_span"]["start"]["line"] + # scanned with git history if json_path.get("first_commit"): title = f"Secret(s) Found in Repository with Commit ID {json_path['first_commit']['commit_metadata']['commit_id']}" filepath = json_path["first_commit"]["blob_path"] @@ -118,6 +119,7 @@ def version_0_22_0(self, line, test): f"Commit ID: {json_path['first_commit']['commit_metadata']['commit_id']} \n" \ f"Location: {filepath} line #{line_num} \n" \ f"Line #{line_num} \n" + # scanned wihout git history else: title = "Secret(s) Found in Repository" filepath = json_path["path"]