Feature/intercom token detection #4

Merged: StephenJarso merged 11 commits into main from feature/intercom-token-detection on Jun 16, 2026

@StephenJarso

Owner

What does this PR do?

Describe the changes in this PR.

Which detectors does it affect?

  • Secrets
  • Environment
  • Auth
  • Config
  • New detector: _______

Testing done

  • Unit tests added
  • Manually tested with a real codebase
  • All existing tests pass

Checklist

  • Code follows the style guide
  • Self-review completed
  • Documentation updated (if applicable)
  • CHANGELOG.md updated under [Unreleased]

Screenshots (if applicable)

Add screenshots to help explain your changes.

- Fix auth0 token test data to match regex pattern requirements
- Update TestGetRelativePathError to TestGetRelativePathUnrelatedDirs
  to reflect actual filepath.Rel behavior for unrelated directories
- Implement GitHubReporter that outputs findings as GitHub Actions
  workflow commands (::error, ::warning, ::notice)
- Map severity levels to appropriate annotation types
- Return error when findings exist to fail the workflow
- Add ExitCode field to Config struct with default value of 1
- Update reporters to return errors instead of calling os.Exit directly
- Use configured exit code in main.go when findings are found
- Implement ASTDetector that uses go/ast and go/parser
- Detect dangerous function calls and hardcoded credentials
- Only analyze .go files, skip unparseable files
- Implement ScanCache for storing and retrieving scan results
- Cache results based on file hash and modification time
- Integrate cache into Scanner for incremental scanning
- Skip unchanged files during subsequent scans
- Implement CustomRuleDetector for user-defined rules
- Add CustomRuleFiles config option for specifying rule files
- Support regex patterns, custom severity, and messages
- Load rules from YAML files at startup
- Add ASTDetector tests for dangerous functions and credentials
- Add CustomRuleDetector tests for YAML rule loading
- Add SummaryReporter tests for statistics output
- Test cache hit/miss behavior
- Test disabled cache
- Test cache clear
- Test modified file detection
- Test cache statistics
@StephenJarso StephenJarso merged commit 16a6dc7 into main Jun 16, 2026
4 of 7 checks passed
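
The GitHubReporter items in the commit list above (workflow commands, severity mapping, error return instead of `os.Exit`), sketched as an added Go example that is not the project's own code. The `Finding` type, the severity levels and their mapping, and `ErrFindings` are assumptions; the escaping follows the encoding GitHub's actions/toolkit applies to command data and properties, so text taken from scanned files cannot inject extra workflow commands.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

// Finding is a hypothetical result type; the project's own struct is not shown on the page.
type Finding struct {
	File, Severity, Message string
	Line                    int
}

// ErrFindings lets the caller choose the exit code instead of the reporter calling os.Exit.
var ErrFindings = errors.New("findings detected")

// dataEsc encodes '%', CR and LF in message data; propEsc also encodes the property delimiters ':' and ','.
var dataEsc = strings.NewReplacer("%", "%25", "\r", "%0D", "\n", "%0A")
var propEsc = strings.NewReplacer("%", "%25", "\r", "%0D", "\n", "%0A", ":", "%3A", ",", "%2C")

// annotationType maps a severity to a workflow command name (assumed mapping).
func annotationType(sev string) string {
	switch strings.ToLower(sev) {
	case "critical", "high":
		return "error"
	case "medium":
		return "warning"
	}
	return "notice"
}

// Report writes one annotation per finding and returns ErrFindings when any exist.
func Report(w io.Writer, findings []Finding) error {
	for _, f := range findings {
		fmt.Fprintf(w, "::%s file=%s,line=%d::%s\n", annotationType(f.Severity), propEsc.Replace(f.File), f.Line, dataEsc.Replace(f.Message))
	}
	if len(findings) > 0 {
		return ErrFindings
	}
	return nil
}

func main() {
	// Constructed sample: the message carries a newline that would otherwise start a second command.
	if Report(os.Stdout, []Finding{{File: "cfg/app.go", Line: 12, Severity: "high", Message: "hardcoded credential\n::notice::spoofed"}}) != nil {
		os.Exit(1) // 1 mirrors the default ExitCode named in the commit list
	}
}
```

Reporting the finding's location and rule message rather than the matched secret itself keeps the credential out of the workflow log.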