
auth0 / repo-supervisor


Scan your code for security misconfiguration, search for passwords and secrets.

License: MIT License

JavaScript 91.05% Shell 0.78% Dockerfile 1.27% Handlebars 6.89%
security secret-management secrets serverless blueteam redteam secrets-detection

repo-supervisor's Introduction

Repo-supervisor

Join the chat at https://gitter.im/repo-supervisor/Lobby

❗ Repo-supervisor is not being actively maintained

Repo-supervisor is a tool that helps you detect secrets and passwords in your code. It's as easy to install as adding a new webhook to your GitHub repository.

It works in two separate modes. The first one scans GitHub pull requests, and the second one works from the command line, where it scans local directories.

Usage

Pre-requisites

To start using the tool, download the latest release from the GitHub releases page. Two bundles are available: one for AWS Lambda deployment and one for the CLI mode. Using CLI mode doesn't require any additional configuration, whereas to use the PR mode, it's necessary to deploy the bundle to AWS Lambda first.

Command line mode

The CLI mode allows scanning local directories with source code to detect secrets and passwords in files. That is the simplest deployment option, and it could become a part of the CI pipeline.

Findings can be returned in either plaintext or JSON format:

$ npm ci && npm run build
$ node ./dist/cli.js ./test/fixtures/integration/dir.with.secrets

[./test/fixtures/integration/dir.with.secrets/foo/bar.js]
>> zJd-55qmsY6LD53CRTqnCr_g-
>> gm5yb-hJWRoS7ZJTi_YUj_tbU
>> GxC56B6x67anequGYNPsW_-TL
>> MLTk-BuGS8s6Tx9iK5zaL8a_W
>> 2g877BA_TsE-WoPoWrjHah9ta

[./test/fixtures/integration/dir.with.secrets/foo/foo.json]
>> d7kyociU24P9hJ_sYVkqzo-kE
>> q28Wt3nAmLt_3NGpqi2qz-jQ7

$ JSON_OUTPUT=1 node ./dist/cli.js ./test/fixtures/integration/dir.with.secrets

{"result":[{"filepath":"./test/fixtures/integration/dir.with.secrets/foo/bar.js","secrets":["zJd-55qmsY6LD53CRTqnCr_g-","gm5yb-hJWRoS7ZJTi_YUj_tbU","GxC56B6x67anequGYNPsW_-TL","MLTk-BuGS8s6Tx9iK5zaL8a_W","2g877BA_TsE-WoPoWrjHah9ta"]},{"filepath":"./test/fixtures/integration/dir.with.secrets/foo/foo.json","secrets":["d7kyociU24P9hJ_sYVkqzo-kE","q28Wt3nAmLt_3NGpqi2qz-jQ7"]}]}

GitHub Pull Request mode

Running the tool in pull request mode requires adding a new webhook to the GitHub repository. The webhook should be triggered on pull request events, whenever someone opens, updates, or closes a PR. When a scan is triggered, it updates the PR status to either success or failure, depending on the findings.

Webhook configuration details:

Setting | Value
Payload URL | AWS Lambda URL
Content type | application/json
Events type | Pull requests

Whenever the tool finds security issues, it sets the PR status to error and adds a link to view the report. The link to the report is a URL to the AWS Lambda deployment with an additional query parameter ?id=<jwt> that allows generating the HTML report.

Check out a sample report:

Depending on the success or failure of the scan, it will set a proper PR status.

Error - issues detected

Success - no issues were found

A false positive was reported

Supported files

Repo-supervisor aims to decrease the number of false positives as much as possible. This means that it doesn't scan all file types and extensions. Each file is parsed according to its format to extract strings, and this is a context-aware process that requires a language tokenizer. The currently supported file types are:

  • JSON (.json)
  • JavaScript (.js)
  • YAML (.yaml)

We plan to add new file types in the future. Read the documentation on how to add a new file type to learn more.

Security checks

This is the list of checks currently implemented in the tool:

Module | Details
Entropy Meter | Finds strings with a high entropy to detect secrets and passwords in supported file types.

Frequently asked questions

How does it work?

CLI mode:

  • Scan a directory provided as argument
  • Get a list of all files and return only those matching supported extensions like *.json or *.js
  • Process every supported file with a tokenizer (different one for each file type)
  • Iterate over all extracted strings and run security checks on them
    • Entropy Meter - calculate the entropy value to see if it goes above defined threshold (maxAllowedEntropy)
  • Print out detected issues either in a plain-text or JSON format

Pull Request mode:

  • Receive a webhook payload
  • Process payload and extract all modified files
  • Iterate over each file:
    • Use the appropriate tokenizer based on file type
    • Extract strings from a file
    • Run security checks on those strings
  • If the tool detects issues, it sets the CI status to error with a link to the report
  • If no issues were found, it sets the CI status to success

Read more on the CI status definition.

Why doesn't it find any secrets?

Verify that the secrets you want to find are inside supported file types. Read more in the Supported files section.

How to add support for new file types?

To support a new file type, you need to create a new parser. Some file types, such as JavaScript files, have a complex structure and might require an external tokenizer. For simple file types, on the other hand, it's pretty straightforward, as it was with JSON files.

Read more on how to add a new file type.


What is Auth0?

Auth0 helps you to:

  • Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
  • Add authentication through more traditional username/password databases.
  • Add support for linking different user accounts with the same user.
  • Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
  • Analytics of how, when and where users are logging in.
  • Pull data from other sources and add it to the user profile, through JavaScript rules.

Create a free account in Auth0

  1. Go to Auth0 and click Sign Up.
  2. Use Google, GitHub or Microsoft Account to login.

Issue Reporting

If you have found a bug or if you have a feature request, please report it in this repository's issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Author

Auth0

License

This project is licensed under the MIT license. See the LICENSE file for more info.

repo-supervisor's People

Contributors

blimmer, crew-security, dependabot[bot], eliottthomas1, eugk, jasontarka, mpast, radekk, snyk-bot, sre-57-opslevel[bot]


repo-supervisor's Issues

Azure extension

Hi Team,

We would like to use this tool in our Azure DevOps pipelines. Can you let us know how to integrate this tool in Azure, since this tool is not available as an extension to install and use from the Azure marketplace?

AWS Lambda deployment

I'm trying to deploy this onto AWS Lambda and having trouble. I'd be more than happy to author and contribute detailed docs on how to do this, but would benefit from at least a kick-start on how to accomplish it. The very beginning of the webtask.js file:

module.exports

...seems to be problematic.

Ideas?

JSON files not parsed properly when containing nested properties

Description

It occurred that some of the JSON values were merged into a single string instead of multiple values. As a result it wasn't properly calculating the entropy level as well as reporting findings back to the user.

Reproduction

SHOULD NOT return all emails and selectors in a single line. Therefore, it should not be detected as secrets, but it is.

node src/cli.js test/fixtures/

[test/fixtures//unit/src/filters/entropy.meter/pre.filters/css.selectors.json]
>> #foo-bar,#foo.bar,#foo_bar,.foo-bar,.foo_bar,.foo.bar,#foo[value='bar'],#foo[value="bar"],#foo[value^='bar'],#foo[value^="bar"],.foo[value='bar'],.foo[value="bar"],.foo[value^='bar'],.foo[value^="bar"],input[value='bar'],input[value="bar"],button[value^='bar'],button[value^="bar"],[value='bar'],[value="bar"],[value^='bar'],[value^="bar"],foo>bar,#foo>bar,#foo>.bar,#foo>#bar,.foo>bar,.foo>#bar,.foo>.bar

[test/fixtures//unit/src/filters/entropy.meter/pre.filters/email.addresses.json]
>> [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected]

Expected output

Nested JSON objects should be parsed properly, and not concatenated Object values should be returned. Each object key and value should be a separate string.

References

https://gitter.im/repo-supervisor/Lobby

Environment

  • Version of this library used: master - c16e4f6
  • Version of the platform or framework used, if applicable: docker container
  • Other modules/plugins/libraries that might be involved: node (v10.18.1), npm (6.13.4)
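The string-extraction and Entropy Meter steps from "How does it work?", together with the nested-JSON failure reported in this issue, as an added example (not the project's code). The Shannon-entropy metric, the threshold value 4.0, the function names and the way the merged case is modelled (array coerced to one comma-joined string) are assumptions; the sample token is taken from the fixture output shown earlier on this page.

```javascript
// Assumed threshold for this sketch; the page names the setting
// (maxAllowedEntropy) but not its value.
const MAX_ALLOWED_ENTROPY = 4.0;

// Shannon entropy in bits per character (assumed metric).
function shannonEntropy(str) {
  const counts = new Map();
  let total = 0;
  for (const ch of str) {
    counts.set(ch, (counts.get(ch) || 0) + 1);
    total += 1;
  }
  let h = 0;
  for (const n of counts.values()) {
    const p = n / total;
    h -= p * Math.log2(p);
  }
  return h;
}

// Correct extraction: every object key and every string value becomes its
// own entry, however deeply it is nested.
function extractStrings(node, out = []) {
  if (typeof node === 'string') {
    out.push(node);
  } else if (Array.isArray(node)) {
    for (const item of node) extractStrings(item, out);
  } else if (node !== null && typeof node === 'object') {
    for (const [key, value] of Object.entries(node)) {
      out.push(key);
      extractStrings(value, out);
    }
  }
  return out;
}

// Model of the reported failure: only the top level is walked and nested
// values are coerced to a single string (arrays become "a,b,c").
function extractStringsMerged(node) {
  return Object.entries(node).flatMap(([key, value]) => [key, String(value)]);
}

// Return the strings whose entropy is above the threshold.
function scan(strings, maxAllowedEntropy = MAX_ALLOWED_ENTROPY) {
  return strings
    .map((s) => ({ string: s, entropy: shannonEntropy(s) }))
    .filter((finding) => finding.entropy > maxAllowedEntropy);
}

// Constructed sample: harmless CSS selectors plus one nested token.
const SAMPLE = JSON.parse(`{
  "selectors": ["#foo-bar", ".foo_bar", "input[value='bar']"],
  "service": { "name": "billing", "token": "zJd-55qmsY6LD53CRTqnCr_g-" }
}`);

function compareExtraction() {
  return {
    perString: scan(extractStrings(SAMPLE)).map((f) => f.string),
    merged: scan(extractStringsMerged(SAMPLE)).map((f) => f.string),
  };
}

console.log(compareExtraction());
```

Per-string extraction reports only the nested token. The merged variant reports the joined selector list as a false positive and misses the token entirely, because the nested object collapses into one low-entropy string.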

Push Webhook

I like the project that you have started. This is almost exactly what I was looking for in order to scan GitHub repos for exposed secrets before they lead into an incident. Although, it's not complete in its coverage. My understanding is that this will only monitor for pull requests into a currently existing repo. This is great if development is slow or is finished and you are only accepting pull requests into the repo. Although, if the repo is actively being developed by multiple people, they are most likely going to push to the repo instead of making pull requests. This tool falls short because it isn't set up to listen for push webhooks and then scan those new commits.

Are there any plans to expand this project to include push webhooks?

Make docker image publicly available

Hi, the docker image for this repository does not exist on the docker hub.
The command from README.md to run a docker image requires you to clone the repository and build the image locally first.

Adding an automated build on docker hub can be done in two minutes and does not require any maintenance.

Please consider :)
Andy

Does not work without webtask

Webtask is not accepting new accounts, therefore, without running wt init (impossible if you don't have an account) you cannot deploy this app? Am I missing something obvious?

Publish the cli as installable via npm?

Is there any reason this isn't a tool I can install via npm install -g?

If this is an explicit choice, it might be worth grabbing the name repo-supervisor on the npm registry to ensure someone doesn't put something malicious there?

Secrets detected in PR which removes the code

Repo Supervisor is detecting secrets being removed from the code. At the end it flags the pull request with a failed status 🔴 which blocks users without admin rights from merging the code.

Running CLI exits with status 1 if a directory doesn't have any .js or .json files

Hello again,

I was able to get the Docker image built but when I ran the cli inside the docker container and tried scanning a repository that did not have any .js or .json files, it threw an error and exited with 1 status. Can we modify the code to just output "no secrets identified" or something when it doesn't find anything or if there are no .js/.json files?

The error looked like this:

root@abb850e00b87:/data/repo-supervisor# npm run cli /tmp/repos/users/secretuser2/

> [email protected] cli /data/repo-supervisor
> node dist/cli.js "/tmp/repos/users/secretuser2/"

Not detected any secrets in files.

npm ERR! Linux 4.7.2
npm ERR! argv "/root/.nvm/versions/node/v7.10.0/bin/node" "/root/.nvm/versions/node/v7.10.0/bin/npm" "run" "cli" "/tmp/repos/users/secretuser2/"
npm ERR! node v7.10.0
npm ERR! npm  v4.2.0
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] cli: `node dist/cli.js "/tmp/repos/users/secretuser2/"`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the [email protected] cli script 'node dist/cli.js "/tmp/repos/users/secretuser2/"'.
npm ERR! Make sure you have the latest version of node.js and npm installed.
npm ERR! If you do, this is most likely a problem with the repo-supervisor package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR!     node dist/cli.js "/tmp/repos/users/secretuser2/"
npm ERR! You can get information on how to open an issue for this project with:
npm ERR!     npm bugs repo-supervisor
npm ERR! Or if that isn't available, you can get their info via:
npm ERR!     npm owner ls repo-supervisor
npm ERR! There is likely additional logging output above.

npm ERR! Please include the following file with any support request:
npm ERR!     /root/.npm/_logs/2017-06-15T02_10_05_839Z-debug.log

To support local service deployment of the module

Currently repo-supervisor supports two modes: Docker (CLI to scan a local repo) and Lambda (for GitHub pull requests).
Feature: A third mode, to deploy repo-supervisor on local instances as a service and to handle git pull requests, would be a nice feature, so that there is no dependency on AWS Lambda for this mode.
Thanks!

Feature: To scan other public repos for vulnerabilities.

Please do not report security vulnerabilities here. The Responsible Disclosure Program details the procedure for disclosing security issues.

Thank you in advance for helping us to improve this library! Your attention to detail here is greatly appreciated and will help us respond as quickly as possible. For general support or usage questions, use the Auth0 Community or Auth0 Support. Finally, to avoid duplicates, please search existing Issues before submitting one here.

By submitting an Issue to this repository, you agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

I can't search other public repos for vulnerabilities.

Describe the ideal solution

It would be nice if I can provide a public git repo and it can return the possible vulnerabilities, this way I can write a script to automate it.

Crashes on the presence of a symlink

When attempting to run this on a directory which contains symlinks, the process crashes.

This appears to be a result of using statSync over lstatSync. It's not entirely clear where this happens as the stack trace points to the webpack bundle.

> node dist/cli.js ~/my/files
fs.js:953
  binding.stat(pathModule._makeLong(path));
          ^

Error: ENOENT: no such file or directory, stat '/Users/glen/my/files/something/which/is/a/symlink'
    at Object.fs.statSync (fs.js:953:11)
    at /Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:7461
    at Array.forEach (native)
    at e (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:7415)
    at /Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:7503
    at Array.forEach (native)
    at e (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:7415)
    at Object.<anonymous> (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:7523)
    at t (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:177)
    at /Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:560
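The statSync versus lstatSync difference named in this issue, as an added example (not the project's code): a directory walk that inspects each entry with lstatSync, so a dangling link cannot raise ENOENT and a link pointing outside the scan root is never read. The function names, the skip-all-symlinks policy and the temporary fixture are assumptions made for the illustration.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Extensions listed under "Supported files" on this page.
const SUPPORTED = new Set(['.json', '.js', '.yaml']);

// Collect supported files under `root` without following symbolic links.
// lstatSync describes the link itself rather than its target.
function listScannableFiles(root) {
  const files = [];
  const skipped = [];
  const stack = [root];
  while (stack.length > 0) {
    const dir = stack.pop();
    for (const name of fs.readdirSync(dir)) {
      const full = path.join(dir, name);
      const info = fs.lstatSync(full);
      if (info.isSymbolicLink()) {
        skipped.push(full); // recorded for the report, never opened
      } else if (info.isDirectory()) {
        stack.push(full);
      } else if (info.isFile() && SUPPORTED.has(path.extname(name))) {
        files.push(full);
      }
    }
  }
  return { files: files.sort(), skipped: skipped.sort() };
}

// Constructed fixture: one real file, one dangling link, and one link that
// points to a file outside the scan root.
function buildFixture() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'walk-'));
  const root = path.join(base, 'repo');
  fs.mkdirSync(path.join(root, 'src'), { recursive: true });
  fs.writeFileSync(path.join(root, 'src', 'config.json'), '{"a":"b"}');
  fs.writeFileSync(path.join(base, 'outside.json'), '{"x":"y"}');
  fs.symlinkSync(path.join(root, 'missing-target'), path.join(root, 'dangling'));
  fs.symlinkSync(path.join(base, 'outside.json'), path.join(root, 'src', 'escape.json'));
  return root;
}

function walkFixture() {
  const root = buildFixture();
  // statSync follows the link and fails on the dangling one, as in the trace.
  let statThrows = false;
  try {
    fs.statSync(path.join(root, 'dangling'));
  } catch (err) {
    statThrows = err.code === 'ENOENT';
  }
  const { files, skipped } = listScannableFiles(root);
  return {
    statThrows,
    files: files.map((f) => path.relative(root, f)),
    skipped: skipped.map((f) => path.relative(root, f)),
  };
}

console.log(walkFixture());
```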

Crashes with "Cannot convert object to primitive value"

To try this out I downloaded the repo and installed it, then tried to run it on this project's root directory. I got a crash with the following:

> npm version
{ 'repo-supervisor': '1.1.2',
  npm: '5.0.4',
  ares: '1.10.1-DEV',
  cldr: '31.0.1',
  http_parser: '2.7.0',
  icu: '59.1',
  modules: '57',
  node: '8.1.3',
  openssl: '1.0.2l',
  tz: '2017b',
  unicode: '9.0',
  uv: '1.12.0',
  v8: '5.8.283.41',
  zlib: '1.2.11' }

> node dist/cli.js .
/Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:13199
      result[value] = key;
                    ^

TypeError: Cannot convert object to primitive value
    at /Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:13199:21
    at /Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:3209:9
    at /Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:4944:15
    at baseForOwn (/Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:3001:24)
    at baseInverter (/Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:3208:7)
    at /Users/glen/Development/GitHub/repo-supervisor/node_modules/lodash/lodash.js:5247:16
    at e.exports (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:3646)
    at /Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:2281
    at Array.forEach (native)
    at Object.processFile (/Users/glen/Development/GitHub/repo-supervisor/dist/cli.js:1:2148)

Lambda Webhook POST failing on validation

I have configured the AWS Lambda and gateway, but the GitHub webhook POST call during the pull request event is returning the below error:

POST Response code : 422
POST Response Body :

HttpError: Validation Failed: {"resource":"Status","code":"custom","field":"target_url","message":"target_url must use http(s) scheme"}
    at response.text.then.message (/var/task/awslambda.js:52517:23)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Request Header :

Request URL: https://7pmsthjir6.execute-api.us-west-1.amazonaws.com:
Request method: POST
Accept: */*
content-type: application/json
User-Agent: GitHub-Hookshot/d696b2a
X-GitHub-Delivery: f8837900-dde0-11ea-8ddc-5b781669f07b
X-GitHub-Event: pull_request
X-Hub-Signature: sha1=2fa747c6dde1e4c67ca32dea54e9804189e69a38

Request Body :

{
  "action": "opened",
  "number": 4,
  "pull_request": {
    "url": "https://api.github.com/repos/baraths84/filebuilder/pulls/4",
    "id": 467750349,
    "node_id": "MDExOlB1bGxSZXF1ZXN0NDY3NzUwMzQ5",
    "html_url": "https://github.com/baraths84/filebuilder/pull/4",
    "diff_url": "https://github.com/baraths84/filebuilder/pull/4.diff",
    "patch_url": "https://github.com/baraths84/filebuilder/pull/4.patch",
    "issue_url": "https://api.github.com/repos/baraths84/filebuilder/issues/4",
    "number": 4,
    "state": "open",
    "locked": false,
    "title": "kHkhd barath",
    "user": {
      "login": "baraths84",
      "id": 2089311,
      "node_id": "MDQ6VXNlcjIwODkzMTE=",
      "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/baraths84",
      "html_url": "https://github.com/baraths84",
      "followers_url": "https://api.github.com/users/baraths84/followers",
      "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
      "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
      "organizations_url": "https://api.github.com/users/baraths84/orgs",
      "repos_url": "https://api.github.com/users/baraths84/repos",
      "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
      "received_events_url": "https://api.github.com/users/baraths84/received_events",
      "type": "User",
      "site_admin": false
    },
    "body": "new",
    "created_at": "2020-08-14T03:48:09Z",
    "updated_at": "2020-08-14T03:48:09Z",
    "closed_at": null,
    "merged_at": null,
    "merge_commit_sha": null,
    "assignee": null,
    "assignees": [

    ],
    "requested_reviewers": [

    ],
    "requested_teams": [

    ],
    "labels": [

    ],
    "milestone": null,
    "draft": false,
    "commits_url": "https://api.github.com/repos/baraths84/filebuilder/pulls/4/commits",
    "review_comments_url": "https://api.github.com/repos/baraths84/filebuilder/pulls/4/comments",
    "review_comment_url": "https://api.github.com/repos/baraths84/filebuilder/pulls/comments{/number}",
    "comments_url": "https://api.github.com/repos/baraths84/filebuilder/issues/4/comments",
    "statuses_url": "https://api.github.com/repos/baraths84/filebuilder/statuses/238b18bcdab34e0193021fac54a88e92916dca76",
    "head": {
      "label": "baraths84:FEATURE/TESLA-200",
      "ref": "FEATURE/TESLA-200",
      "sha": "238b18bcdab34e0193021fac54a88e92916dca76",
      "user": {
        "login": "baraths84",
        "id": 2089311,
        "node_id": "MDQ6VXNlcjIwODkzMTE=",
        "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
        "gravatar_id": "",
        "url": "https://api.github.com/users/baraths84",
        "html_url": "https://github.com/baraths84",
        "followers_url": "https://api.github.com/users/baraths84/followers",
        "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
        "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
        "organizations_url": "https://api.github.com/users/baraths84/orgs",
        "repos_url": "https://api.github.com/users/baraths84/repos",
        "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
        "received_events_url": "https://api.github.com/users/baraths84/received_events",
        "type": "User",
        "site_admin": false
      },
      "repo": {
        "id": 148515704,
        "node_id": "MDEwOlJlcG9zaXRvcnkxNDg1MTU3MDQ=",
        "name": "filebuilder",
        "full_name": "baraths84/filebuilder",
        "private": false,
        "owner": {
          "login": "baraths84",
          "id": 2089311,
          "node_id": "MDQ6VXNlcjIwODkzMTE=",
          "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/baraths84",
          "html_url": "https://github.com/baraths84",
          "followers_url": "https://api.github.com/users/baraths84/followers",
          "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
          "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
          "organizations_url": "https://api.github.com/users/baraths84/orgs",
          "repos_url": "https://api.github.com/users/baraths84/repos",
          "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
          "received_events_url": "https://api.github.com/users/baraths84/received_events",
          "type": "User",
          "site_admin": false
        },
        "html_url": "https://github.com/baraths84/filebuilder",
        "description": null,
        "fork": false,
        "url": "https://api.github.com/repos/baraths84/filebuilder",
        "forks_url": "https://api.github.com/repos/baraths84/filebuilder/forks",
        "keys_url": "https://api.github.com/repos/baraths84/filebuilder/keys{/key_id}",
        "collaborators_url": "https://api.github.com/repos/baraths84/filebuilder/collaborators{/collaborator}",
        "teams_url": "https://api.github.com/repos/baraths84/filebuilder/teams",
        "hooks_url": "https://api.github.com/repos/baraths84/filebuilder/hooks",
        "issue_events_url": "https://api.github.com/repos/baraths84/filebuilder/issues/events{/number}",
        "events_url": "https://api.github.com/repos/baraths84/filebuilder/events",
        "assignees_url": "https://api.github.com/repos/baraths84/filebuilder/assignees{/user}",
        "branches_url": "https://api.github.com/repos/baraths84/filebuilder/branches{/branch}",
        "tags_url": "https://api.github.com/repos/baraths84/filebuilder/tags",
        "blobs_url": "https://api.github.com/repos/baraths84/filebuilder/git/blobs{/sha}",
        "git_tags_url": "https://api.github.com/repos/baraths84/filebuilder/git/tags{/sha}",
        "git_refs_url": "https://api.github.com/repos/baraths84/filebuilder/git/refs{/sha}",
        "trees_url": "https://api.github.com/repos/baraths84/filebuilder/git/trees{/sha}",
        "statuses_url": "https://api.github.com/repos/baraths84/filebuilder/statuses/{sha}",
        "languages_url": "https://api.github.com/repos/baraths84/filebuilder/languages",
        "stargazers_url": "https://api.github.com/repos/baraths84/filebuilder/stargazers",
        "contributors_url": "https://api.github.com/repos/baraths84/filebuilder/contributors",
        "subscribers_url": "https://api.github.com/repos/baraths84/filebuilder/subscribers",
        "subscription_url": "https://api.github.com/repos/baraths84/filebuilder/subscription",
        "commits_url": "https://api.github.com/repos/baraths84/filebuilder/commits{/sha}",
        "git_commits_url": "https://api.github.com/repos/baraths84/filebuilder/git/commits{/sha}",
        "comments_url": "https://api.github.com/repos/baraths84/filebuilder/comments{/number}",
        "issue_comment_url": "https://api.github.com/repos/baraths84/filebuilder/issues/comments{/number}",
        "contents_url": "https://api.github.com/repos/baraths84/filebuilder/contents/{+path}",
        "compare_url": "https://api.github.com/repos/baraths84/filebuilder/compare/{base}...{head}",
        "merges_url": "https://api.github.com/repos/baraths84/filebuilder/merges",
        "archive_url": "https://api.github.com/repos/baraths84/filebuilder/{archive_format}{/ref}",
        "downloads_url": "https://api.github.com/repos/baraths84/filebuilder/downloads",
        "issues_url": "https://api.github.com/repos/baraths84/filebuilder/issues{/number}",
        "pulls_url": "https://api.github.com/repos/baraths84/filebuilder/pulls{/number}",
        "milestones_url": "https://api.github.com/repos/baraths84/filebuilder/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/baraths84/filebuilder/notifications{?since,all,participating}",
        "labels_url": "https://api.github.com/repos/baraths84/filebuilder/labels{/name}",
        "releases_url": "https://api.github.com/repos/baraths84/filebuilder/releases{/id}",
        "deployments_url": "https://api.github.com/repos/baraths84/filebuilder/deployments",
        "created_at": "2018-09-12T17:19:49Z",
        "updated_at": "2020-08-13T22:54:30Z",
        "pushed_at": "2020-08-14T03:46:31Z",
        "git_url": "git://github.com/baraths84/filebuilder.git",
        "ssh_url": "[email protected]:baraths84/filebuilder.git",
        "clone_url": "https://github.com/baraths84/filebuilder.git",
        "svn_url": "https://github.com/baraths84/filebuilder",
        "homepage": null,
        "size": 917,
        "stargazers_count": 0,
        "watchers_count": 0,
        "language": "JavaScript",
        "has_issues": true,
        "has_projects": true,
        "has_downloads": true,
        "has_wiki": true,
        "has_pages": false,
        "forks_count": 0,
        "mirror_url": null,
        "archived": false,
        "disabled": false,
        "open_issues_count": 1,
        "license": null,
        "forks": 0,
        "open_issues": 1,
        "watchers": 0,
        "default_branch": "master",
        "allow_squash_merge": true,
        "allow_merge_commit": true,
        "allow_rebase_merge": true,
        "delete_branch_on_merge": false
      }
    },
    "base": {
      "label": "baraths84:master",
      "ref": "master",
      "sha": "096bcfb614ac0d829382e2afb52f8c22ba5bd91e",
      "user": {
        "login": "baraths84",
        "id": 2089311,
        "node_id": "MDQ6VXNlcjIwODkzMTE=",
        "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
        "gravatar_id": "",
        "url": "https://api.github.com/users/baraths84",
        "html_url": "https://github.com/baraths84",
        "followers_url": "https://api.github.com/users/baraths84/followers",
        "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
        "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
        "organizations_url": "https://api.github.com/users/baraths84/orgs",
        "repos_url": "https://api.github.com/users/baraths84/repos",
        "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
        "received_events_url": "https://api.github.com/users/baraths84/received_events",
        "type": "User",
        "site_admin": false
      },
      "repo": {
        "id": 148515704,
        "node_id": "MDEwOlJlcG9zaXRvcnkxNDg1MTU3MDQ=",
        "name": "filebuilder",
        "full_name": "baraths84/filebuilder",
        "private": false,
        "owner": {
          "login": "baraths84",
          "id": 2089311,
          "node_id": "MDQ6VXNlcjIwODkzMTE=",
          "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/baraths84",
          "html_url": "https://github.com/baraths84",
          "followers_url": "https://api.github.com/users/baraths84/followers",
          "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
          "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
          "organizations_url": "https://api.github.com/users/baraths84/orgs",
          "repos_url": "https://api.github.com/users/baraths84/repos",
          "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
          "received_events_url": "https://api.github.com/users/baraths84/received_events",
          "type": "User",
          "site_admin": false
        },
        "html_url": "https://github.com/baraths84/filebuilder",
        "description": null,
        "fork": false,
        "url": "https://api.github.com/repos/baraths84/filebuilder",
        "forks_url": "https://api.github.com/repos/baraths84/filebuilder/forks",
        "keys_url": "https://api.github.com/repos/baraths84/filebuilder/keys{/key_id}",
        "collaborators_url": "https://api.github.com/repos/baraths84/filebuilder/collaborators{/collaborator}",
        "teams_url": "https://api.github.com/repos/baraths84/filebuilder/teams",
        "hooks_url": "https://api.github.com/repos/baraths84/filebuilder/hooks",
        "issue_events_url": "https://api.github.com/repos/baraths84/filebuilder/issues/events{/number}",
        "events_url": "https://api.github.com/repos/baraths84/filebuilder/events",
        "assignees_url": "https://api.github.com/repos/baraths84/filebuilder/assignees{/user}",
        "branches_url": "https://api.github.com/repos/baraths84/filebuilder/branches{/branch}",
        "tags_url": "https://api.github.com/repos/baraths84/filebuilder/tags",
        "blobs_url": "https://api.github.com/repos/baraths84/filebuilder/git/blobs{/sha}",
        "git_tags_url": "https://api.github.com/repos/baraths84/filebuilder/git/tags{/sha}",
        "git_refs_url": "https://api.github.com/repos/baraths84/filebuilder/git/refs{/sha}",
        "trees_url": "https://api.github.com/repos/baraths84/filebuilder/git/trees{/sha}",
        "statuses_url": "https://api.github.com/repos/baraths84/filebuilder/statuses/{sha}",
        "languages_url": "https://api.github.com/repos/baraths84/filebuilder/languages",
        "stargazers_url": "https://api.github.com/repos/baraths84/filebuilder/stargazers",
        "contributors_url": "https://api.github.com/repos/baraths84/filebuilder/contributors",
        "subscribers_url": "https://api.github.com/repos/baraths84/filebuilder/subscribers",
        "subscription_url": "https://api.github.com/repos/baraths84/filebuilder/subscription",
        "commits_url": "https://api.github.com/repos/baraths84/filebuilder/commits{/sha}",
        "git_commits_url": "https://api.github.com/repos/baraths84/filebuilder/git/commits{/sha}",
        "comments_url": "https://api.github.com/repos/baraths84/filebuilder/comments{/number}",
        "issue_comment_url": "https://api.github.com/repos/baraths84/filebuilder/issues/comments{/number}",
        "contents_url": "https://api.github.com/repos/baraths84/filebuilder/contents/{+path}",
        "compare_url": "https://api.github.com/repos/baraths84/filebuilder/compare/{base}...{head}",
        "merges_url": "https://api.github.com/repos/baraths84/filebuilder/merges",
        "archive_url": "https://api.github.com/repos/baraths84/filebuilder/{archive_format}{/ref}",
        "downloads_url": "https://api.github.com/repos/baraths84/filebuilder/downloads",
        "issues_url": "https://api.github.com/repos/baraths84/filebuilder/issues{/number}",
        "pulls_url": "https://api.github.com/repos/baraths84/filebuilder/pulls{/number}",
        "milestones_url": "https://api.github.com/repos/baraths84/filebuilder/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/baraths84/filebuilder/notifications{?since,all,participating}",
        "labels_url": "https://api.github.com/repos/baraths84/filebuilder/labels{/name}",
        "releases_url": "https://api.github.com/repos/baraths84/filebuilder/releases{/id}",
        "deployments_url": "https://api.github.com/repos/baraths84/filebuilder/deployments",
        "created_at": "2018-09-12T17:19:49Z",
        "updated_at": "2020-08-13T22:54:30Z",
        "pushed_at": "2020-08-14T03:46:31Z",
        "git_url": "git://github.com/baraths84/filebuilder.git",
        "ssh_url": "[email protected]:baraths84/filebuilder.git",
        "clone_url": "https://github.com/baraths84/filebuilder.git",
        "svn_url": "https://github.com/baraths84/filebuilder",
        "homepage": null,
        "size": 917,
        "stargazers_count": 0,
        "watchers_count": 0,
        "language": "JavaScript",
        "has_issues": true,
        "has_projects": true,
        "has_downloads": true,
        "has_wiki": true,
        "has_pages": false,
        "forks_count": 0,
        "mirror_url": null,
        "archived": false,
        "disabled": false,
        "open_issues_count": 1,
        "license": null,
        "forks": 0,
        "open_issues": 1,
        "watchers": 0,
        "default_branch": "master",
        "allow_squash_merge": true,
        "allow_merge_commit": true,
        "allow_rebase_merge": true,
        "delete_branch_on_merge": false
      }
    },
    "_links": {
      "self": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/pulls/4"
      },
      "html": {
        "href": "https://github.com/baraths84/filebuilder/pull/4"
      },
      "issue": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/issues/4"
      },
      "comments": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/issues/4/comments"
      },
      "review_comments": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/pulls/4/comments"
      },
      "review_comment": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/pulls/comments{/number}"
      },
      "commits": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/pulls/4/commits"
      },
      "statuses": {
        "href": "https://api.github.com/repos/baraths84/filebuilder/statuses/238b18bcdab34e0193021fac54a88e92916dca76"
      }
    },
    "author_association": "OWNER",
    "active_lock_reason": null,
    "merged": false,
    "mergeable": null,
    "rebaseable": null,
    "mergeable_state": "unknown",
    "merged_by": null,
    "comments": 0,
    "review_comments": 0,
    "maintainer_can_modify": false,
    "commits": 1,
    "additions": 17,
    "deletions": 3,
    "changed_files": 1
  },
  "repository": {
    "id": 148515704,
    "node_id": "MDEwOlJlcG9zaXRvcnkxNDg1MTU3MDQ=",
    "name": "filebuilder",
    "full_name": "baraths84/filebuilder",
    "private": false,
    "owner": {
      "login": "baraths84",
      "id": 2089311,
      "node_id": "MDQ6VXNlcjIwODkzMTE=",
      "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/baraths84",
      "html_url": "https://github.com/baraths84",
      "followers_url": "https://api.github.com/users/baraths84/followers",
      "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
      "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
      "organizations_url": "https://api.github.com/users/baraths84/orgs",
      "repos_url": "https://api.github.com/users/baraths84/repos",
      "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
      "received_events_url": "https://api.github.com/users/baraths84/received_events",
      "type": "User",
      "site_admin": false
    },
    "html_url": "https://github.com/baraths84/filebuilder",
    "description": null,
    "fork": false,
    "url": "https://api.github.com/repos/baraths84/filebuilder",
    "forks_url": "https://api.github.com/repos/baraths84/filebuilder/forks",
    "keys_url": "https://api.github.com/repos/baraths84/filebuilder/keys{/key_id}",
    "collaborators_url": "https://api.github.com/repos/baraths84/filebuilder/collaborators{/collaborator}",
    "teams_url": "https://api.github.com/repos/baraths84/filebuilder/teams",
    "hooks_url": "https://api.github.com/repos/baraths84/filebuilder/hooks",
    "issue_events_url": "https://api.github.com/repos/baraths84/filebuilder/issues/events{/number}",
    "events_url": "https://api.github.com/repos/baraths84/filebuilder/events",
    "assignees_url": "https://api.github.com/repos/baraths84/filebuilder/assignees{/user}",
    "branches_url": "https://api.github.com/repos/baraths84/filebuilder/branches{/branch}",
    "tags_url": "https://api.github.com/repos/baraths84/filebuilder/tags",
    "blobs_url": "https://api.github.com/repos/baraths84/filebuilder/git/blobs{/sha}",
    "git_tags_url": "https://api.github.com/repos/baraths84/filebuilder/git/tags{/sha}",
    "git_refs_url": "https://api.github.com/repos/baraths84/filebuilder/git/refs{/sha}",
    "trees_url": "https://api.github.com/repos/baraths84/filebuilder/git/trees{/sha}",
    "statuses_url": "https://api.github.com/repos/baraths84/filebuilder/statuses/{sha}",
    "languages_url": "https://api.github.com/repos/baraths84/filebuilder/languages",
    "stargazers_url": "https://api.github.com/repos/baraths84/filebuilder/stargazers",
    "contributors_url": "https://api.github.com/repos/baraths84/filebuilder/contributors",
    "subscribers_url": "https://api.github.com/repos/baraths84/filebuilder/subscribers",
    "subscription_url": "https://api.github.com/repos/baraths84/filebuilder/subscription",
    "commits_url": "https://api.github.com/repos/baraths84/filebuilder/commits{/sha}",
    "git_commits_url": "https://api.github.com/repos/baraths84/filebuilder/git/commits{/sha}",
    "comments_url": "https://api.github.com/repos/baraths84/filebuilder/comments{/number}",
    "issue_comment_url": "https://api.github.com/repos/baraths84/filebuilder/issues/comments{/number}",
    "contents_url": "https://api.github.com/repos/baraths84/filebuilder/contents/{+path}",
    "compare_url": "https://api.github.com/repos/baraths84/filebuilder/compare/{base}...{head}",
    "merges_url": "https://api.github.com/repos/baraths84/filebuilder/merges",
    "archive_url": "https://api.github.com/repos/baraths84/filebuilder/{archive_format}{/ref}",
    "downloads_url": "https://api.github.com/repos/baraths84/filebuilder/downloads",
    "issues_url": "https://api.github.com/repos/baraths84/filebuilder/issues{/number}",
    "pulls_url": "https://api.github.com/repos/baraths84/filebuilder/pulls{/number}",
    "milestones_url": "https://api.github.com/repos/baraths84/filebuilder/milestones{/number}",
    "notifications_url": "https://api.github.com/repos/baraths84/filebuilder/notifications{?since,all,participating}",
    "labels_url": "https://api.github.com/repos/baraths84/filebuilder/labels{/name}",
    "releases_url": "https://api.github.com/repos/baraths84/filebuilder/releases{/id}",
    "deployments_url": "https://api.github.com/repos/baraths84/filebuilder/deployments",
    "created_at": "2018-09-12T17:19:49Z",
    "updated_at": "2020-08-13T22:54:30Z",
    "pushed_at": "2020-08-14T03:46:31Z",
    "git_url": "git://github.com/baraths84/filebuilder.git",
    "ssh_url": "[email protected]:baraths84/filebuilder.git",
    "clone_url": "https://github.com/baraths84/filebuilder.git",
    "svn_url": "https://github.com/baraths84/filebuilder",
    "homepage": null,
    "size": 917,
    "stargazers_count": 0,
    "watchers_count": 0,
    "language": "JavaScript",
    "has_issues": true,
    "has_projects": true,
    "has_downloads": true,
    "has_wiki": true,
    "has_pages": false,
    "forks_count": 0,
    "mirror_url": null,
    "archived": false,
    "disabled": false,
    "open_issues_count": 1,
    "license": null,
    "forks": 0,
    "open_issues": 1,
    "watchers": 0,
    "default_branch": "master"
  },
  "sender": {
    "login": "baraths84",
    "id": 2089311,
    "node_id": "MDQ6VXNlcjIwODkzMTE=",
    "avatar_url": "https://avatars1.githubusercontent.com/u/2089311?v=4",
    "gravatar_id": "",
    "url": "https://api.github.com/users/baraths84",
    "html_url": "https://github.com/baraths84",
    "followers_url": "https://api.github.com/users/baraths84/followers",
    "following_url": "https://api.github.com/users/baraths84/following{/other_user}",
    "gists_url": "https://api.github.com/users/baraths84/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/baraths84/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/baraths84/subscriptions",
    "organizations_url": "https://api.github.com/users/baraths84/orgs",
    "repos_url": "https://api.github.com/users/baraths84/repos",
    "events_url": "https://api.github.com/users/baraths84/events{/privacy}",
    "received_events_url": "https://api.github.com/users/baraths84/received_events",
    "type": "User",
    "site_admin": false
  }
}

Any pointers please, @radekk? Thanks.

Persist key/objects that are incorrectly marked as sensitive

There are cases where non-sensitive keys with high entropy (such as the client_id) are marked as sensitive and cause supervisor to mark the PR as finding sensitive information.
Each time supervisor runs on this same repo, it will continue to mark the same false-positive so it would be great to work on a solution where we can persist exceptions for each repo.

An idea I have is:

  • For each repository
    • For each file
      • For each specific object name / key name / variable name
        • Store an exception so that when it is scanned in the future any finding in the same file can be searched against this.
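A sketch of the repository / file / key exception store proposed in this issue, added here as an example and not code from repo-supervisor. The finding shape `{ file, key, value }`, the class and function names, and the sample values are all assumptions; the example also goes one step beyond the proposal by binding each exception to a SHA-256 fingerprint of the value, so a different value later placed under the same key is reported again.

```javascript
const { createHash } = require('crypto');

// Store a fingerprint, never the flagged string itself.
function fingerprint(value) {
  return createHash('sha256').update(String(value), 'utf8').digest('hex');
}

// './config/auth.json' and 'config/auth.json' must resolve to the same entry.
function normalizePath(file) {
  return String(file).replace(/\\/g, '/').replace(/^(\.\/)+/, '');
}

// Hypothetical store: one entry per (repo, file, key), holding the set of
// value fingerprints that a reviewer has accepted as non-sensitive.
class ExceptionStore {
  constructor(entries = []) {
    // A Map keyed by a composite string avoids prototype-pollution issues
    // that plain objects have with attacker-chosen key names.
    this.entries = new Map(entries.map(([id, prints]) => [id, new Set(prints)]));
  }

  static id(repo, file, key) {
    return JSON.stringify([repo, normalizePath(file), key]);
  }

  add(repo, file, key, value) {
    const id = ExceptionStore.id(repo, file, key);
    if (!this.entries.has(id)) this.entries.set(id, new Set());
    this.entries.get(id).add(fingerprint(value));
  }

  has(repo, file, key, value) {
    const prints = this.entries.get(ExceptionStore.id(repo, file, key));
    return Boolean(prints) && prints.has(fingerprint(value));
  }

  // Persist between scans as JSON text (file, database row, object store).
  serialize() {
    return JSON.stringify([...this.entries].map(([id, prints]) => [id, [...prints]]));
  }

  static deserialize(text) {
    return new ExceptionStore(JSON.parse(text));
  }
}

// Drop findings that match a stored exception; everything else is reported.
function unsuppressed(store, repo, findings) {
  return findings.filter((f) => !store.has(repo, f.file, f.key, f.value));
}

// Constructed sample data (not real identifiers or secrets).
const REPO = 'example-org/example-app';
const CLIENT_ID = 'kP3xQ9vT2mZ7bL4wN8cR1yH6';

function runExample() {
  // First scan: a reviewer marks client_id in config/auth.json as a false positive.
  const store = new ExceptionStore();
  store.add(REPO, 'config/auth.json', 'client_id', CLIENT_ID);
  const persisted = store.serialize();

  // Later scan: reload the store and filter the new findings.
  const reloaded = ExceptionStore.deserialize(persisted);
  const findings = [
    { file: './config/auth.json', key: 'client_id', value: CLIENT_ID },      // suppressed
    { file: 'config/auth.json', key: 'client_id', value: 'aB9dE2fG5hJ8kL1' }, // value changed
    { file: 'config/other.json', key: 'client_id', value: CLIENT_ID },       // other file
    { file: 'config/auth.json', key: 'client_secret', value: 'zX7cV4bN1mQ' }, // other key
  ];
  return unsuppressed(reloaded, REPO, findings);
}
```

Only the exact value that was reviewed stays suppressed; a changed value, another file, or another key in the same file is still reported.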

CSS selector detected as password

There is a case with a CSS selector like [name="foobar"] being detected as a password because of its high entropy. It should be ignored by the CSS pre-filter but it's not.

repo-supervisor responds "Payload not processed, invalid type."

When I created a pull request on my GitHub repo (contains only a README and a .json file as of now), Repo-supervisor responded with "Payload not processed, invalid type."

Pull request payload from github:

Headers:

Request URL: https://xxxxx.ngrok.io/
Request method: POST
content-type: application/x-www-form-urlencoded
Expect: 
User-Agent: GitHub-Hookshot/1b97cfb
X-GitHub-Delivery: d5ddd670-6047-11e8-874a-cc7b7756e160
X-GitHub-Event: pull_request

Payload:

{
  "action": "opened",
  "number": 5,
  "pull_request": {
    "url": "https://api.github.com/repos/<org>/<repo>/pulls/5",
    "id": 190661264,
    "html_url": "https://github.com/<org>/<repo>/pull/5",
    "diff_url": "https://github.com/<org>/<repo>/pull/5.diff",
    "patch_url": "https://github.com/<org>/<repo>/pull/5.patch",
    "issue_url": "https://api.github.com/repos/<org>/<repo>/issues/5",
    "number": 5,
    "state": "open",
    "locked": false,
    "title": "added json file",
    "user": {
      "login": "ramya-ravula-ctr",
      "id": 3xxxxxx,
      "avatar_url": "https://avatars1.githubusercontent.com/u/38xxxxxx?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/<username>",
      "html_url": "https://github.com/<username>",
      "followers_url": "https://api.github.com/users/<username>/followers",
      "following_url": "https://api.github.com/users/<username>/following{/other_user}",
      "gists_url": "https://api.github.com/users/<username>/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/<username>/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/<username>/subscriptions",
      "organizations_url": "https://api.github.com/users/<username>/orgs",
      "repos_url": "https://api.github.com/users/<username>/repos",
      "events_url": "https://api.github.com/users/<username>/events{/privacy}",
      "received_events_url": "https://api.github.com/users/<username>/received_events",
      "type": "User",
      "site_admin": false
    },
    "body": "",
    "created_at": "2018-05-25T18:17:08Z",
    "updated_at": "2018-05-25T18:17:08Z",
    "closed_at": null,
    "merged_at": null,
    "merge_commit_sha": null,
    "assignee": null,
    "assignees": [

    ],
    "requested_reviewers": [

    ],
    "requested_teams": [

    ],
    "labels": [

    ],
    "milestone": null,
    "commits_url": "https://api.github.com/repos/<org>/<repo>/pulls/5/commits",
    "review_comments_url": "https://api.github.com/repos/<org>/<repo>/pulls/5/comments",
    "review_comment_url": "https://api.github.com/repos/T<org>/<repo>/pulls/comments{/number}",
    "comments_url": "https://api.github.com/repos/ToyotaResearchInstitute/test-repo-supervisor/issues/5/comments",
    "statuses_url": "https://api.github.com/repos/<org>/<repo>/statuses/4043ad474ae17c89cc5283e291481d05ae6724aa",
    "head": {
      "label": "org:branch",
      "ref": "branch",
      "sha": "sha id",
      "user": {
        "login": "org",
        "id": 1xxxxxxx,
        "avatar_url": "https://avatars1.githubusercontent.com/u/xxxxxxxx?v=4",
        "gravatar_id": "",
        "url": "https://api.github.com/users/<org>",
        "html_url": "https://github.com/<org>",
        "followers_url": "https://api.github.com/users/<org>/followers",
        "following_url": "https://api.github.com/users/<org>/following{/other_user}",
        "gists_url": "https://api.github.com/users/<org>/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/<org>/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/<org>/subscriptions",
        "organizations_url": "https://api.github.com/users/<org>/orgs",
        "repos_url": "https://api.github.com/users/<org>/repos",
        "events_url": "https://api.github.com/users/<org>/events{/privacy}",
        "received_events_url": "https://api.github.com/users/<org>/received_events",
        "type": "Organization",
        "site_admin": false
      },
      "repo": {
        "id": 1xxxxxx07,
        "name": "<repo>",
        "full_name": "<org>/<repo>",
        "owner": {
          "login": "<org>",
          "id": 16724551,
          "avatar_url": "https://avatars1.githubusercontent.com/u/xxxxxxxx?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/<org>",
          "html_url": "https://github.com/<org>",
          "followers_url": "https://api.github.com/users/<org>/followers",
          "following_url": "https://api.github.com/users/<org>/following{/other_user}",
          "gists_url": "https://api.github.com/users/<org>/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/<org>/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/<org>/subscriptions",
          "organizations_url": "https://api.github.com/users/<org>/orgs",
          "repos_url": "https://api.github.com/users/<org>/repos",
          "events_url": "https://api.github.com/users/<org>/events{/privacy}",
          "received_events_url": "https://api.github.com/users/<org>/received_events",
          "type": "Organization",
          "site_admin": false
        },
        "private": true,
        "html_url": "https://github.com/<org>/<repo>",
        "description": null,
        "fork": false,
        "url": "https://api.github.com/repos/<org>/<repo>",
        "forks_url": "https://api.github.com/repos/<org>/<repo>/forks",
        "keys_url": "https://api.github.com/repos/<org>/<repo>/keys{/key_id}",
        "collaborators_url": "https://api.github.com/repos/<org>/<repo>/collaborators{/collaborator}",
        "teams_url": "https://api.github.com/repos/<org>/<repo>/teams",
        "hooks_url": "https://api.github.com/repos/<org>/<repo>/hooks",
        "issue_events_url": "https://api.github.com/repos/<org>/<repo>/issues/events{/number}",
        "events_url": "https://api.github.com/repos/<org>/<repo>/events",
        "assignees_url": "https://api.github.com/repos/T<org>/<repo>/assignees{/user}",
        "branches_url": "https://api.github.com/repos/<org>/<repo>/branches{/branch}",
        "tags_url": "https://api.github.com/repos/<org>/<repo>/tags",
        "blobs_url": "https://api.github.com/repos/<org>/<repo>/git/blobs{/sha}",
        "git_tags_url": "https://api.github.com/repos/<org>/<repo>/git/tags{/sha}",
        "git_refs_url": "https://api.github.com/repos/<org>/<repo>/git/refs{/sha}",
        "trees_url": "https://api.github.com/repos/<org>/<repo>/git/trees{/sha}",
        "statuses_url": "https://api.github.com/repos/<org>/<repo>/statuses/{sha}",
        "languages_url": "https://api.github.com/repos/<org>/<repo>/languages",
        "stargazers_url": "https://api.github.com/repos/<org>/<repo>/stargazers",
        "contributors_url": "https://api.github.com/repos/<org>/<repo>/contributors",
        "subscribers_url": "https://api.github.com/repos/<org>/<repo>/subscribers",
        "subscription_url": "https://api.github.com/repos/<org>/<repo>/subscription",
        "commits_url": "https://api.github.com/repos/<org>/<repo>/commits{/sha}",
        "git_commits_url": "https://api.github.com/repos/<org>/<repo>/git/commits{/sha}",
        "comments_url": "https://api.github.com/repos/<org>/<repo>/comments{/number}",
        "issue_comment_url": "https://api.github.com/repos/<org>/<repo>/issues/comments{/number}",
        "contents_url": "https://api.github.com/repos/<org>/<repo>/contents/{+path}",
        "compare_url": "https://api.github.com/repos/<org>/<repo>/compare/{base}...{head}",
        "merges_url": "https://api.github.com/repos/<org>/<repo>/merges",
        "archive_url": "https://api.github.com/repos/<org>/<repo>/{archive_format}{/ref}",
        "downloads_url": "https://api.github.com/repos/<org>/<repo>/downloads",
        "issues_url": "https://api.github.com/repos/<org>/<repo>/issues{/number}",
        "pulls_url": "https://api.github.com/repos/<org>/<repo>/pulls{/number}",
        "milestones_url": "https://api.github.com/repos/<org>/<repo>/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/<org>/<repo>/notifications{?since,all,participating}",
        "labels_url": "https://api.github.com/repos/<org>/<repo>/labels{/name}",
        "releases_url": "https://api.github.com/repos/<org>/<repo>/releases{/id}",
        "deployments_url": "https://api.github.com/repos/<org>/<repo>/deployments",
        "created_at": "2018-05-24T18:28:33Z",
        "updated_at": "2018-05-24T18:28:35Z",
        "pushed_at": "2018-05-25T18:06:29Z",
        "git_url": "git://github.com/<org>/<repo>.git",
        "ssh_url": "[email protected]:<org>/<repo>.git",
        "clone_url": "https://github.com/<org>/<repo>.git",
        "svn_url": "https://github.com/<org>/<repo>",
        "homepage": null,
        "size": 2,
        "stargazers_count": 0,
        "watchers_count": 0,
        "language": null,
        "has_issues": true,
        "has_projects": true,
        "has_downloads": true,
        "has_wiki": true,
        "has_pages": false,
        "forks_count": 0,
        "mirror_url": null,
        "archived": false,
        "open_issues_count": 3,
        "license": null,
        "forks": 0,
        "open_issues": 3,
        "watchers": 0,
        "default_branch": "master"
      }
    },
    "base": {
      "label": "<org>:master",
      "ref": "master",
      "sha": "<sha id>",
      "user": {
        "login": "<org>",
        "id": xxxxxxxx,
        "avatar_url": "https://avatars1.githubusercontent.com/u/xxxxxxxxx?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/<org>",
          "html_url": "https://github.com/<org>",
          "followers_url": "https://api.github.com/users/<org>/followers",
          "following_url": "https://api.github.com/users/<org>/following{/other_user}",
          "gists_url": "https://api.github.com/users/<org>/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/<org>/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/<org>/subscriptions",
          "organizations_url": "https://api.github.com/users/<org>/orgs",
          "repos_url": "https://api.github.com/users/<org>/repos",
          "events_url": "https://api.github.com/users/<org>/events{/privacy}",
          "received_events_url": "https://api.github.com/users/<org>/received_events",
          "type": "Organization",
          "site_admin": false
      },
      "repo": {
        "id": xxxxxxxxx,
        "name": "test-repo-supervisor",
        "full_name": "ToyotaResearchInstitute/test-repo-supervisor",
        "owner": {
          "login": "<org>",
          "id": 16724551,
          "avatar_url": "https://avatars1.githubusercontent.com/u/xxxxxxxx?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/<org>",
          "html_url": "https://github.com/<org>",
          "followers_url": "https://api.github.com/users/<org>/followers",
          "following_url": "https://api.github.com/users/<org>/following{/other_user}",
          "gists_url": "https://api.github.com/users/<org>/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/<org>/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/<org>/subscriptions",
          "organizations_url": "https://api.github.com/users/<org>/orgs",
          "repos_url": "https://api.github.com/users/<org>/repos",
          "events_url": "https://api.github.com/users/<org>/events{/privacy}",
          "received_events_url": "https://api.github.com/users/<org>/received_events",
          "type": "Organization",
          "site_admin": false
        },
        "private": true,
        "html_url": "https://github.com/<org>/<repo>",
        "description": null,
        "fork": false,
        "url": "https://api.github.com/repos/<org>/<repo>",
        "forks_url": "https://api.github.com/repos/<org>/<repo>/forks",
        "keys_url": "https://api.github.com/repos/<org>/<repo>/keys{/key_id}",
        "collaborators_url": "https://api.github.com/repos/<org>/<repo>/collaborators{/collaborator}",
        "teams_url": "https://api.github.com/repos/<org>/<repo>/teams",
        "hooks_url": "https://api.github.com/repos/<org>/<repo>/hooks",
        "issue_events_url": "https://api.github.com/repos/<org>/<repo>/issues/events{/number}",
        "events_url": "https://api.github.com/repos/<org>/<repo>/events",
        "assignees_url": "https://api.github.com/repos/T<org>/<repo>/assignees{/user}",
        "branches_url": "https://api.github.com/repos/<org>/<repo>/branches{/branch}",
        "tags_url": "https://api.github.com/repos/<org>/<repo>/tags",
        "blobs_url": "https://api.github.com/repos/<org>/<repo>/git/blobs{/sha}",
        "git_tags_url": "https://api.github.com/repos/<org>/<repo>/git/tags{/sha}",
        "git_refs_url": "https://api.github.com/repos/<org>/<repo>/git/refs{/sha}",
        "trees_url": "https://api.github.com/repos/<org>/<repo>/git/trees{/sha}",
        "statuses_url": "https://api.github.com/repos/<org>/<repo>/statuses/{sha}",
        "languages_url": "https://api.github.com/repos/<org>/<repo>/languages",
        "stargazers_url": "https://api.github.com/repos/<org>/<repo>/stargazers",
        "contributors_url": "https://api.github.com/repos/<org>/<repo>/contributors",
        "subscribers_url": "https://api.github.com/repos/<org>/<repo>/subscribers",
        "subscription_url": "https://api.github.com/repos/<org>/<repo>/subscription",
        "commits_url": "https://api.github.com/repos/<org>/<repo>/commits{/sha}",
        "git_commits_url": "https://api.github.com/repos/<org>/<repo>/git/commits{/sha}",
        "comments_url": "https://api.github.com/repos/<org>/<repo>/comments{/number}",
        "issue_comment_url": "https://api.github.com/repos/<org>/<repo>/issues/comments{/number}",
        "contents_url": "https://api.github.com/repos/<org>/<repo>/contents/{+path}",
        "compare_url": "https://api.github.com/repos/<org>/<repo>/compare/{base}...{head}",
        "merges_url": "https://api.github.com/repos/<org>/<repo>/merges",
        "archive_url": "https://api.github.com/repos/<org>/<repo>/{archive_format}{/ref}",
        "downloads_url": "https://api.github.com/repos/<org>/<repo>/downloads",
        "issues_url": "https://api.github.com/repos/<org>/<repo>/issues{/number}",
        "pulls_url": "https://api.github.com/repos/<org>/<repo>/pulls{/number}",
        "milestones_url": "https://api.github.com/repos/<org>/<repo>/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/<org>/<repo>/notifications{?since,all,participating}",
        "labels_url": "https://api.github.com/repos/<org>/<repo>/labels{/name}",
        "releases_url": "https://api.github.com/repos/<org>/<repo>/releases{/id}",
        "deployments_url": "https://api.github.com/repos/<org>/<repo>/deployments",
        "created_at": "2018-05-24T18:28:33Z",
        "updated_at": "2018-05-24T18:28:35Z",
        "pushed_at": "2018-05-25T18:06:29Z",
        "git_url": "git://github.com/<org>/<repo>.git",
        "ssh_url": "[email protected]:<org>/<repo>.git",
        "clone_url": "https://github.com/<org>/<repo>.git",
        "svn_url": "https://github.com/<org>/<repo>",
        "homepage": null,
        "size": 2,
        "stargazers_count": 0,
        "watchers_count": 0,
        "language": null,
        "has_issues": true,
        "has_projects": true,
        "has_downloads": true,
        "has_wiki": true,
        "has_pages": false,
        "forks_count": 0,
        "mirror_url": null,
        "archived": false,
        "open_issues_count": 3,
        "license": null,
        "forks": 0,
        "open_issues": 3,
        "watchers": 0,
        "default_branch": "master"
      }
    },
    "_links": {
      "self": {
        "href": "https://api.github.com/repos/<org>/<repo>/pulls/5"
      },
      "html": {
        "href": "https://github.com/<org>/<repo>/pull/5"
      },
      "issue": {
        "href": "https://api.github.com/repos/<org>/<repo>/issues/5"
      },
      "comments": {
        "href": "https://api.github.com/repos/<org>/<repo>/issues/5/comments"
      },
      "review_comments": {
        "href": "https://api.github.com/repos/<org>/<repo>/pulls/5/comments"
      },
      "review_comment": {
        "href": "https://api.github.com/repos/<org>/<repo>/pulls/comments{/number}"
      },
      "commits": {
        "href": "https://api.github.com/repos/<org>/<repo>/pulls/5/commits"
      },
      "statuses": {
        "href": "https://api.github.com/repos/<org>/<repo>/statuses/4043ad474ae17c89cc5283e291481d05ae6724aa"
      }
    },
    "author_association": "COLLABORATOR",
    "merged": false,
    "mergeable": null,
    "rebaseable": null,
    "mergeable_state": "unknown",
    "merged_by": null,
    "comments": 0,
    "review_comments": 0,
    "maintainer_can_modify": false,
    "commits": 1,
    "additions": 11,
    "deletions": 0,
    "changed_files": 1
  },
  "repository": {
    "id": 1347xxxx7,
    "name": "<repo>",
    "full_name": "<org>/<repo>",
        "owner": {
          "login": "<org>",
          "id": xxxxxxxx,
          "avatar_url": "https://avatars1.githubusercontent.com/u/xxxxxxxx?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/<org>",
          "html_url": "https://github.com/<org>",
          "followers_url": "https://api.github.com/users/<org>/followers",
          "following_url": "https://api.github.com/users/<org>/following{/other_user}",
          "gists_url": "https://api.github.com/users/<org>/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/<org>/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/<org>/subscriptions",
          "organizations_url": "https://api.github.com/users/<org>/orgs",
          "repos_url": "https://api.github.com/users/<org>/repos",
          "events_url": "https://api.github.com/users/<org>/events{/privacy}",
          "received_events_url": "https://api.github.com/users/<org>/received_events",
          "type": "Organization",
          "site_admin": false
        },
        "private": true,
        "html_url": "https://github.com/<org>/<repo>",
        "description": null,
        "fork": false,
        "url": "https://api.github.com/repos/<org>/<repo>",
        "forks_url": "https://api.github.com/repos/<org>/<repo>/forks",
        "keys_url": "https://api.github.com/repos/<org>/<repo>/keys{/key_id}",
        "collaborators_url": "https://api.github.com/repos/<org>/<repo>/collaborators{/collaborator}",
        "teams_url": "https://api.github.com/repos/<org>/<repo>/teams",
        "hooks_url": "https://api.github.com/repos/<org>/<repo>/hooks",
        "issue_events_url": "https://api.github.com/repos/<org>/<repo>/issues/events{/number}",
        "events_url": "https://api.github.com/repos/<org>/<repo>/events",
        "assignees_url": "https://api.github.com/repos/T<org>/<repo>/assignees{/user}",
        "branches_url": "https://api.github.com/repos/<org>/<repo>/branches{/branch}",
        "tags_url": "https://api.github.com/repos/<org>/<repo>/tags",
        "blobs_url": "https://api.github.com/repos/<org>/<repo>/git/blobs{/sha}",
        "git_tags_url": "https://api.github.com/repos/<org>/<repo>/git/tags{/sha}",
        "git_refs_url": "https://api.github.com/repos/<org>/<repo>/git/refs{/sha}",
        "trees_url": "https://api.github.com/repos/<org>/<repo>/git/trees{/sha}",
        "statuses_url": "https://api.github.com/repos/<org>/<repo>/statuses/{sha}",
        "languages_url": "https://api.github.com/repos/<org>/<repo>/languages",
        "stargazers_url": "https://api.github.com/repos/<org>/<repo>/stargazers",
        "contributors_url": "https://api.github.com/repos/<org>/<repo>/contributors",
        "subscribers_url": "https://api.github.com/repos/<org>/<repo>/subscribers",
        "subscription_url": "https://api.github.com/repos/<org>/<repo>/subscription",
        "commits_url": "https://api.github.com/repos/<org>/<repo>/commits{/sha}",
        "git_commits_url": "https://api.github.com/repos/<org>/<repo>/git/commits{/sha}",
        "comments_url": "https://api.github.com/repos/<org>/<repo>/comments{/number}",
        "issue_comment_url": "https://api.github.com/repos/<org>/<repo>/issues/comments{/number}",
        "contents_url": "https://api.github.com/repos/<org>/<repo>/contents/{+path}",
        "compare_url": "https://api.github.com/repos/<org>/<repo>/compare/{base}...{head}",
        "merges_url": "https://api.github.com/repos/<org>/<repo>/merges",
        "archive_url": "https://api.github.com/repos/<org>/<repo>/{archive_format}{/ref}",
        "downloads_url": "https://api.github.com/repos/<org>/<repo>/downloads",
        "issues_url": "https://api.github.com/repos/<org>/<repo>/issues{/number}",
        "pulls_url": "https://api.github.com/repos/<org>/<repo>/pulls{/number}",
        "milestones_url": "https://api.github.com/repos/<org>/<repo>/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/<org>/<repo>/notifications{?since,all,participating}",
        "labels_url": "https://api.github.com/repos/<org>/<repo>/labels{/name}",
        "releases_url": "https://api.github.com/repos/<org>/<repo>/releases{/id}",
        "deployments_url": "https://api.github.com/repos/<org>/<repo>/deployments",
        "created_at": "2018-05-24T18:28:33Z",
        "updated_at": "2018-05-24T18:28:35Z",
        "pushed_at": "2018-05-25T18:06:29Z",
        "git_url": "git://github.com/<org>/<repo>.git",
        "ssh_url": "[email protected]:<org>/<repo>.git",
        "clone_url": "https://github.com/<org>/<repo>.git",
        "svn_url": "https://github.com/<org>/<repo>",
    "homepage": null,
    "size": 2,
    "stargazers_count": 0,
    "watchers_count": 0,
    "language": null,
    "has_issues": true,
    "has_projects": true,
    "has_downloads": true,
    "has_wiki": true,
    "has_pages": false,
    "forks_count": 0,
    "mirror_url": null,
    "archived": false,
    "open_issues_count": 3,
    "license": null,
    "forks": 0,
    "open_issues": 3,
    "watchers": 0,
    "default_branch": "master"
  },
  "organization": {
    "login": "<org>",
    "id": 167xxxx1,
    "url": "https://api.github.com/orgs/<org>",
    "repos_url": "https://api.github.com/orgs/<org>/repos",
    "events_url": "https://api.github.com/orgs/<org>/events",
    "hooks_url": "https://api.github.com/orgs/<org>/hooks",
    "issues_url": "https://api.github.com/orgs/<org>/issues",
    "members_url": "https://api.github.com/orgs/<org>/members{/member}",
    "public_members_url": "https://api.github.com/orgs/<org>/public_members{/member}",
    "avatar_url": "https://avatars1.githubusercontent.com/u/1xxxxx51?v=4",
    "description": null
  },
  "sender": {
    "login": "<user>",
    "id": 38xxxxxx,
    "avatar_url": "https://avatars1.githubusercontent.com/u/38xxxxxx?v=4",
    "gravatar_id": "",
    "url": "https://api.github.com/users/<user>",
    "html_url": "https://github.com/<user>",
    "followers_url": "https://api.github.com/users/<user>/followers",
    "following_url": "https://api.github.com/users/<user>/following{/other_user}",
    "gists_url": "https://api.github.com/users/<user>/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/<user>/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/<user>/subscriptions",
    "organizations_url": "https://api.github.com/users/<user>/orgs",
    "repos_url": "https://api.github.com/users/<user>/repos",
    "events_url": "https://api.github.com/users/<user>/events{/privacy}",
    "received_events_url": "https://api.github.com/users/<user>/received_events",
    "type": "User",
    "site_admin": false
  }
}


Failing at CLI Script

Hi! Thank you for releasing this! Seems very useful!

I've been trying to run it locally but have been getting this error:

> [email protected] cli <DIR>
> node dist/cli.js <DIR>

Not detected any secrets in files.
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] cli: `node dist/cli.js <DIR>`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the [email protected] cli script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/<USER>/.npm/_logs/2017-09-12T22_57_40_986Z-debug.log

Prior to running the CLI I did the install and build successfully. Here is the log that it mentioned:

0 info it worked if it ends with ok
1 verbose cli [ '/usr/local/bin/node',
1 verbose cli   '/usr/local/bin/npm',
1 verbose cli   'run',
1 verbose cli   'cli',
1 verbose cli   '<DIR>' ]
2 info using [email protected]
3 info using [email protected]
4 verbose run-script [ 'precli', 'cli', 'postcli' ]
5 info lifecycle [email protected]~precli: [email protected]
6 info lifecycle [email protected]~cli: [email protected]
7 verbose lifecycle [email protected]~cli: unsafe-perm in lifecycle true
8 verbose lifecycle [email protected]~cli: PATH: <DIR>
9 verbose lifecycle [email protected]~cli: CWD: <DIR>/repo-supervisor
10 silly lifecycle [email protected]~cli: Args: [ '-c',
10 silly lifecycle   'node dist/cli.js "<DIR>"' ]
11 silly lifecycle [email protected]~cli: Returned: code: 1  signal: null
12 info lifecycle [email protected]~cli: Failed to exec cli script
13 verbose stack Error: [email protected] cli: `node dist/cli.js "<DIR>"`
13 verbose stack Exit status 1
13 verbose stack     at EventEmitter.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:289:16)
13 verbose stack     at emitTwo (events.js:106:13)
13 verbose stack     at EventEmitter.emit (events.js:191:7)
13 verbose stack     at ChildProcess.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14)
13 verbose stack     at emitTwo (events.js:106:13)
13 verbose stack     at ChildProcess.emit (events.js:191:7)
13 verbose stack     at maybeClose (internal/child_process.js:877:16)
13 verbose stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5)
14 verbose pkgid [email protected]
15 verbose cwd <DIR>/repo-supervisor
16 verbose Darwin 16.7.0
17 verbose argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "cli" "<DIR>"

Issues building as a Docker container

Hi, I'm not super familiar with Docker, but following your instructions, I'm getting the following errors. I'm not sure if it's a transient error or if it's actually something related to repo-supervisor — a quick Google search didn't really help.

repo-supervisor $ docker build -t repo-supervisor .
Sending build context to Docker daemon  1.166MB
Step 1/11 : FROM golang:latest
 ---> 3858fd70eed2
Step 2/11 : ENV DEBIAN_FRONTEND noninteractive
 ---> Using cache
 ---> 40458838ad07
Step 3/11 : RUN apt-get update -qq && apt-get install -y     locales     -qq
 ---> Running in 6136052d862e
W: Failed to fetch http://deb.debian.org/debian/dists/stretch/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/stretch-updates/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://security.debian.org/dists/stretch/updates/InRelease  Temporary failure resolving 'security.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
E: Package 'locales' has no installation candidate
The command '/bin/sh -c apt-get update -qq && apt-get install -y     locales     -qq' returned a non-zero code: 100

repo-supervisor not running

When building from scratch on Ubuntu 16:

> [email protected] cli /home/ubuntu/repo-supervisor
> node dist/cli.js "./src/"

internal/modules/cjs/loader.js:1068
throw err;
^

Error: Cannot find module '/home/ubuntu/repo-supervisor/dist/cli.js'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:1065:15)
at Function.Module._load (internal/modules/cjs/loader.js:911:27)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:60:12)
at internal/main/run_main_module.js:17:47 {
code: 'MODULE_NOT_FOUND',
requireStack: []
}
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] cli: node dist/cli.js "./src/"
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] cli script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR! /home/ubuntu/.npm/_logs/2020-07-25T04_23_31_921Z-debug.log

Not working.

While building the Docker and running the command
docker run -it --rm -v $(pwd):/opt/scan_me repo-supervisor /bin/bash -c "source ~/.bashrc && JSON_OUTPUT=1 node /opt/repo-supervisor/dist/cli.js /opt/scan_me"

getting /bin/bash: //.bashrc: No such file or directory

Also, Docker is not great in handling "." path hence explicit env was mentioned and still not working

--env BASH_ENV="/root/.bashrc"

Dockerfile missing zip package in version 3.0.0

Description

The Docker image is missing the zip package, so it fails to build at the npm package script. I expect the build to succeed.

Reproduction

Pull the latest changes from master and build the docker image.
It will fail at zip -j ./dist/awslambda.zip ./dist/awslambda.js
with the error:
"sh: 1: zip: not found
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! [email protected] package: zip -j ./dist/awslambda.zip ./dist/awslambda.js
npm ERR! spawn ENOENT
npm ERR!
npm ERR! Failed at the [email protected] package script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above."

Environment

  • Version 3.0.0

Getting errors while installing the cli

I did npm install webpack and npm install webpack-node-externals. I then did a npm run build and I get this error:

~/personal/repo-supervisor[master !] > npm run build

> [email protected] build /Users/abhartiya/personal/repo-supervisor
> webpack --config config/webpack.js

Hash: a1bdf202b31eea0a7be2
Version: webpack 2.6.1
Time: 306ms
     Asset     Size  Chunks             Chunk Names
webtask.js  2.08 kB       0  [emitted]  webtask
    cli.js  2.08 kB       1  [emitted]  cli
   [0] ./src/cli.js 1.56 kB {1} [built] [failed] [1 error]
   [1] ./src/index.js 1.56 kB {0} [built] [failed] [1 error]

ERROR in ./src/cli.js
Module build failed: Error: Couldn't find preset "es2015" relative to directory "/Users/abhartiya/personal/repo-supervisor"
    at /Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:293:19
    at Array.map (native)
    at OptionManager.resolvePresets (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:275:20)
    at OptionManager.mergePresets (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:264:10)
    at OptionManager.mergeOptions (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:249:14)
    at OptionManager.init (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:368:12)
    at File.initOptions (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/index.js:212:65)
    at new File (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/index.js:135:24)
    at Pipeline.transform (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/pipeline.js:46:16)
    at transpile (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-loader/lib/index.js:48:20)
    at Object.module.exports (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-loader/lib/index.js:163:20)

ERROR in ./src/index.js
Module build failed: Error: Couldn't find preset "es2015" relative to directory "/Users/abhartiya/personal/repo-supervisor"
    at /Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:293:19
    at Array.map (native)
    at OptionManager.resolvePresets (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:275:20)
    at OptionManager.mergePresets (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:264:10)
    at OptionManager.mergeOptions (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:249:14)
    at OptionManager.init (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/options/option-manager.js:368:12)
    at File.initOptions (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/index.js:212:65)
    at new File (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/file/index.js:135:24)
    at Pipeline.transform (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-core/lib/transformation/pipeline.js:46:16)
    at transpile (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-loader/lib/index.js:48:20)
    at Object.module.exports (/Users/abhartiya/personal/repo-supervisor/node_modules/babel-loader/lib/index.js:163:20)
npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! [email protected] build: `webpack --config config/webpack.js`
npm ERR! Exit status 2
npm ERR! 
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/abhartiya/.npm/_logs/2017-06-13T03_41_45_797Z-debug.log

Any idea what's going on here?

Fails with "Error: ENOENT: no such file or directory"

  1. Cloned repo
  2. Ran docker build -t repo-supervisor .
  3. Ran docker run -it --rm -v /Users/tinglev/Repos/cellus/env:/opt/scan_me repo-supervisor /bin/bash -c "source ~/.bashrc && JSON_OUTPUT=1 node /opt/repo-supervisor/dist/cli.js /opt/scan_me"
  4. Get error:
fs.js:968
  binding.stat(pathModule._makeLong(path), statValues);
          ^

Error: ENOENT: no such file or directory, stat '/opt/scan_me/.Python'
    at Object.fs.statSync (fs.js:968:11)
    at /opt/repo-supervisor/dist/cli.js:1:7631
    at Array.forEach (native)
    at e (/opt/repo-supervisor/dist/cli.js:1:7585)
    at Object.<anonymous> (/opt/repo-supervisor/dist/cli.js:1:7693)
    at t (/opt/repo-supervisor/dist/cli.js:1:177)
    at /opt/repo-supervisor/dist/cli.js:1:560
    at Object.<anonymous> (/opt/repo-supervisor/dist/cli.js:1:570)
    at Module._compile (module.js:571:32)
    at Object.Module._extensions..js (module.js:580:10)

Output of ls -al for the failing file directory (which is the env-directory of a python 2.X application) is:

total 16
drwxr-xr-x   7 tinglev  staff   238 Sep  8 10:48 .
drwxr-xr-x  30 tinglev  staff  1020 Sep 12 08:26 ..
lrwxr-xr-x   1 tinglev  staff    56 Sep  8 10:48 .Python -> /Library/Frameworks/Python.framework/Versions/2.7/Python
drwxr-xr-x  39 tinglev  staff  1326 Sep  8 10:48 bin
drwxr-xr-x   3 tinglev  staff   102 Sep  8 09:07 include
drwxr-xr-x   3 tinglev  staff   102 Sep  8 09:07 lib
-rw-r--r--   1 tinglev  staff    60 Sep  8 09:07 pip-selfcheck.json

Let me know if you need more info!
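The listing in the report above shows `.Python` is a symlink to a host path; inside the container that target is absent, so `fs.statSync`, which follows links, throws `ENOENT` and the scan aborts with no findings. The sketch below is an added example, not repo-supervisor's code: `collectFiles` and `buildFixture` are hypothetical names, and the fixture is constructed to mirror the reported directory.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Hypothetical helper: walk `root`, return the regular files to scan and
// every entry that was skipped, with the reason, instead of crashing.
function collectFiles(root, allowedExtensions = ['.js', '.json']) {
  const files = [];
  const skipped = [];
  const rootReal = fs.realpathSync(root);

  const walk = (dir) => {
    for (const name of fs.readdirSync(dir)) {
      const full = path.join(dir, name);
      let info;
      try {
        // lstat describes the link itself, so a dangling link does not throw here.
        info = fs.lstatSync(full);
      } catch (err) {
        skipped.push({ path: full, reason: err.code });
        continue;
      }
      if (info.isSymbolicLink()) {
        // Links are never followed: the target may be missing (as in the
        // report) or may point outside the directory being scanned.
        let reason = 'symlink';
        try {
          const rel = path.relative(rootReal, fs.realpathSync(full));
          if (rel.startsWith('..') || path.isAbsolute(rel)) reason = 'symlink-outside-root';
        } catch (err) {
          reason = err.code === 'ENOENT' ? 'dangling-symlink' : err.code;
        }
        skipped.push({ path: full, reason });
        continue;
      }
      if (info.isDirectory()) walk(full);
      else if (info.isFile() && allowedExtensions.includes(path.extname(name))) files.push(full);
    }
  };

  walk(rootReal);
  return { files: files.sort(), skipped };
}

// Constructed fixture: a virtualenv-like directory whose ".Python" link
// points at a path that does not exist on this machine.
function buildFixture() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'scan_me-'));
  fs.mkdirSync(path.join(root, 'lib'));
  fs.writeFileSync(path.join(root, 'pip-selfcheck.json'), '{}');
  fs.writeFileSync(path.join(root, 'lib', 'app.js'), '// constructed sample\n');
  fs.symlinkSync('/nonexistent/Python.framework/Versions/2.7/Python', path.join(root, '.Python'));
  return root;
}
```

Reporting `skipped` alongside the findings lets a CI job tell a clean scan from an incomplete one.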

Added file extensions not scanning

Hi, first of all, thanks for developing this tool. I added new extensions to "allowedExtensions" in /config/main.json per this blog post, and they aren't being scanned. I even removed the default .js/.json entries and re-ran the tool, and it was still only returning results from those filetypes.

AWS Lambda deployment && "SyntaxError: Unexpected token '<'"

Description

The deployment guide about AWS Lambda is incomplete and it's hard to realize how to run the code.
After I eventually ran it, I got the error saying:

{
"errorType": "Runtime.UserCodeSyntaxError",
"errorMessage": "SyntaxError: Unexpected token '<'",
"stack": [
"Runtime.UserCodeSyntaxError: SyntaxError: Unexpected token '<'",
" at _loadUserApp (/var/runtime/UserFunction.js:98:13)",
" at Object.module.exports.load (/var/runtime/UserFunction.js:140:17)",
" at Object. (/var/runtime/index.js:43:30)",
" at Module._compile (internal/modules/cjs/loader.js:1072:14)",
" at Object.Module._extensions..js (internal/modules/cjs/loader.js:1101:10)",
" at Module.load (internal/modules/cjs/loader.js:937:32)",
" at Function.Module._load (internal/modules/cjs/loader.js:778:12)",
" at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:76:12)",
" at internal/main/run_main_module.js:17:47"
]
}

Reproduction

As there is no defined Handler in the docs, I did the following:

  1. cloned the repository to my local machine from the Releases page (3.10, latest)
  2. ran the npm install to install packages (as previously got the "Runtime.ImportModuleError: Error: Cannot find module '@octokit/rest'" error)
  3. created a zip-archive with the node_modules included and uploaded it to an AWS Lambda function
  4. added an API Gateway

Now, when creating a PR in a Github repository, it fails with the 500 error and the function's CloudWatch logs say about the "SyntaxError" error.

Environment

Runtime: Node.js 14.x (the same issue when using 10.x which is mentioned in the docs)
Handler: src.index.lambda
