From d248885b9d0d23696c29d45d64fb825c62dce3e4 Mon Sep 17 00:00:00 2001 From: Adnan Khan Date: Wed, 31 May 2023 11:50:57 -0400 Subject: [PATCH 1/2] Add regex for HuggingFace user access tokens. --- crates/noseyparker/data/default/rules/huggingface.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 crates/noseyparker/data/default/rules/huggingface.yml diff --git a/crates/noseyparker/data/default/rules/huggingface.yml b/crates/noseyparker/data/default/rules/huggingface.yml new file mode 100644 index 000000000..4d36d51dd --- /dev/null +++ b/crates/noseyparker/data/default/rules/huggingface.yml @@ -0,0 +1,10 @@ +rules: + +- name: HuggingFace User Access Token + pattern: '\b(hf_[a-zA-Z]{34})\b' + + references: + - https://huggingface.co/docs/hub/security-tokens + + examples: + - 'HF_TOKEN:"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"' From f40033e6ebffa0b11c1785e5900702b15ce4179e Mon Sep 17 00:00:00 2001 From: Brad Larsen Date: Fri, 2 Jun 2023 12:49:07 -0400 Subject: [PATCH 2/2] Update README and CHANGELOG --- CHANGELOG.md | 7 +++++-- README.md | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dbd8f488e..2124ba17f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -10,8 +10,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### Additions - Running `noseyparker --version` now emits many compile-time details about the build, which can be useful for troubleshooting ([#48](https://github.com/praetorian-inc/noseyparker/issues/48)). -- The `github` and `scan` commands now support accessing GitHub Enterprise Server instances using the new `--github-api-url URL` parameter ([#53](https://github.com/praetorian-inc/noseyparker/pull/53)). - Thank you @AdnaneKhan! +- The `github` and `scan` commands now support accessing GitHub Enterprise Server instances using the new `--github-api-url URL` parameter ([#53](https://github.com/praetorian-inc/noseyparker/pull/53)—thank you @AdnaneKhan!). + +- New rules have been added: + + - HuggingFace User Access Token ([#54](https://github.com/praetorian-inc/noseyparker/pull/54)—thank you @AdnaneKhan!) ### Changes - Existing rules were modified to reduce both false positives and false negatives: diff --git a/README.md b/README.md index 7c8a43a55..6501e930d 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Nosey Parker is a command-line tool that finds secrets and sensitive information **Key features:** - It supports scanning files, directories, and the entire history of Git repositories -- It uses regular expression matching with a set of 98 patterns chosen for high signal-to-noise based on experience and feedback from offensive security engagements +- It uses regular expression matching with a set of 99 patterns chosen for high signal-to-noise based on experience and feedback from offensive security engagements - It groups matches together that share the same secret, further emphasizing signal over noise - It is fast: it can scan at hundreds of megabytes per second on a single core, and is able to scan 100GB of Linux kernel source history in less than 2 minutes on an older MacBook Pro
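Review bot: in the `crates/noseyparker/data/default/rules/huggingface.yml` hunk, the character class in `pattern: '\b(hf_[a-zA-Z]{34})\b'` admits letters only, so a token whose 34-character body contains a digit would not match; the single example `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` is letters-only and therefore cannot tell the two readings apart. Please confirm the token alphabet against the referenced https://huggingface.co/docs/hub/security-tokens page and widen to `[a-zA-Z0-9]{34}` if digits can occur. It would also help to add a second example that exercises the `\b` anchors in a different context than the `HF_TOKEN:"..."` form shown (for instance a token embedded in a URL query string or followed by punctuation), so the boundary behaviour is covered by the rule's own examples.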
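Review bot: in the `CHANGELOG.md` hunk, the nested item under `+- New rules have been added:` is separated from its parent by blank `+` lines, which Markdown renders as a loose list; the neighbouring `### Changes` entry (`- Existing rules were modified to reduce both false positives and false negatives:`) also introduces a sub-list, so whichever spacing that section already uses should be matched here to keep the two sections rendering the same way. The rewrite of the existing `#53` entry (folding the separate `Thank you @AdnaneKhan!` line into the parenthetical) is an unrelated formatting change bundled into this commit; acceptable, but worth a mention in the commit message so the diff is not mistaken for a content change.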
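Review bot: in the `README.md` hunk, the pattern count in `+- It uses regular expression matching with a set of 99 patterns chosen for high signal-to-noise ...` is a hand-maintained number that this PR had to bump from 98 only because one rule file was added; it will drift silently the next time a rule lands without a README edit. Suggest either generating this figure from the rules directory at release time or adding a test that counts the rules under `crates/noseyparker/data/default/rules/` and compares the result against the README, so a mismatch fails CI rather than being caught by hand.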