Merge branch 'main' into fix/oss-206

kashifkhan0771 · kashifkhan0771 · commit a71dac86c1e4 · 2025-05-29T19:51:20.000+05:00
diff --git a/pkg/analyzer/analyzers/github/github.go b/pkg/analyzer/analyzers/github/github.go
@@ -37,6 +37,7 @@ func secretInfoToAnalyzerResult(info *common.SecretInfo) *analyzers.AnalyzerResu
 		return nil
 	}
 	result := &analyzers.AnalyzerResult{
+		AnalyzerType: analyzers.AnalyzerTypeGitHub,
 		Metadata: map[string]any{
 			"owner":      info.Metadata.User.Login,
 			"type":       info.Metadata.Type,
diff --git a/pkg/analyzer/analyzers/github/github_test.go b/pkg/analyzer/analyzers/github/github_test.go
@@ -35,7 +35,7 @@ func TestAnalyzer_Analyze(t *testing.T) {
 			key:     analyzerSecrets.MustGetField("GITHUB_FINEGRAINED_ALLREPOS_ACTIONS_RW_CONTENTS_RW_ISSUES_RW"),
 			wantErr: false,
 			want: `{
-              "AnalyzerType": 0,
+              "AnalyzerType": 7,
               "Bindings": [
                 {
                   "Resource": {
@@ -240,7 +240,7 @@ func TestAnalyzer_Analyze(t *testing.T) {
 			name: "v2 ghp",
 			key:  testSecrets.MustGetField("GITHUB_VERIFIED_GHP"),
 			want: `{
-              "AnalyzerType": 0,
+              "AnalyzerType": 7,
               "Bindings": [
                 {
                   "Resource": {
diff --git a/pkg/detectors/auth0managementapitoken/auth0managementapitoken_test.go b/pkg/detectors/auth0managementapitoken/auth0managementapitoken_test.go
@@ -97,18 +97,23 @@ func makeFakeTokenString(token, domain string) string {
 // generateRandomString generates exactly 2001 char string for a fake token to by pass the check in detector for testing
 func generateRandomString() string {
 	const length = 2001
-	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-"
+	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_"
+	const charsetWithBoundaryChars = charset + ".-"
 
 	random := rand.New(rand.NewSource(time.Now().UnixNano()))
 
 	var builder strings.Builder
 	builder.Grow(length)
 
-	for i := 0; i < length; i++ {
-		randomChar := charset[random.Intn(len(charset))]
+	for i := 0; i < length-1; i++ {
+		randomChar := charsetWithBoundaryChars[random.Intn(len(charset))]
 		builder.WriteByte(randomChar)
 	}
 
+	// ensure last character is not boundary character
+	lastChar := charset[random.Intn(len(charset))]
+	builder.WriteByte(lastChar)
+
 	// append ey in start as the token must start with 'ey'
 	return fmt.Sprintf("ey%s", builder.String())
 }
diff --git a/pkg/gitparse/gitparse_test.go b/pkg/gitparse/gitparse_test.go
@@ -783,6 +783,10 @@ func assertDiffEqualToExpected(t *testing.T, expected *Diff, actual *Diff) {
 }
 
 func TestCommitParsing(t *testing.T) {
+	// Feels bad to skip tests forever and then just forget about them.  Skip for a while.
+	if time.Now().Before(time.Date(2025, time.July, 1, 0, 0, 0, 0, time.UTC)) {
+		t.Skip("This is failing intermittently.  Skipping for now")
+	}
 	expected := expectedDiffs()
 
 	beforeProcesses := process.GetGitProcessList()
@@ -1426,6 +1430,10 @@ index 0000000..5af88a8
 `
 
 func TestMaxDiffSize(t *testing.T) {
+	// Feels bad to skip tests forever and then just forget about them.  Skip for a while.
+	if time.Now().Before(time.Date(2025, time.July, 1, 0, 0, 0, 0, time.UTC)) {
+		t.Skip("This is failing intermittently.  Skipping for now")
+	}
 	parser := NewParser()
 	builder := strings.Builder{}
 	builder.WriteString(singleCommitSingleDiff)
diff --git a/pkg/sources/postman/postman.go b/pkg/sources/postman/postman.go
@@ -18,7 +18,6 @@ import (
 	"google.golang.org/protobuf/types/known/anypb"
 
 	"github.com/go-errors/errors"
-	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/sources"
@@ -121,7 +120,6 @@ func (s *Source) Init(ctx context.Context, name string, jobId sources.JobID, sou
 			return errors.New("Postman token is empty")
 		}
 		s.client = NewClient(conn.GetToken(), s.metrics)
-		s.client.HTTPClient = common.RetryableHTTPClientTimeout(10)
 		log.RedactGlobally(conn.GetToken())
 	case *sourcespb.Postman_Unauthenticated:
 		s.client = nil
diff --git a/pkg/sources/postman/postman_client.go b/pkg/sources/postman/postman_client.go
@@ -8,9 +8,10 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/trufflesecurity/trufflehog/v3/pkg/context"
 	"golang.org/x/time/rate"
 
+	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
+	"github.com/trufflesecurity/trufflehog/v3/pkg/context"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
 )
 
@@ -214,7 +215,10 @@ func NewClient(postmanToken string, metrics *metrics) *Client {
 	}
 
 	c := &Client{
-		HTTPClient:                        http.DefaultClient,
+		// Requests for large objects (usually collections) take a long time.  While we don't think that _every_
+		// request will take this long, some might take 5 seconds or more.  This seems reasonable, but we should
+		// be very cautious about bumping it further
+		HTTPClient:                        common.RetryableHTTPClientTimeout(30),
 		Headers:                           bh,
 		WorkspaceAndCollectionRateLimiter: rate.NewLimiter(rate.Every(time.Second), 1),
 		GeneralRateLimiter:                rate.NewLimiter(rate.Every(time.Second/5), 1),

Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,7 @@ func secretInfoToAnalyzerResult(info common.SecretInfo) analyzers.AnalyzerResu`
`37`	`37`	`return nil`
`38`	`38`	`}`
`39`	`39`	`result := &analyzers.AnalyzerResult{`
	`40`	`+ AnalyzerType: analyzers.AnalyzerTypeGitHub,`
`40`	`41`	`Metadata: map[string]any{`
`41`	`42`	`"owner": info.Metadata.User.Login,`
`42`	`43`	`"type": info.Metadata.Type,`