diff --git a/pkg/common/http.go b/pkg/common/http.go index 83c36be4ef30..56e587fde354 100644 --- a/pkg/common/http.go +++ b/pkg/common/http.go @@ -176,9 +176,9 @@ func SaneHttpClient() *http.Client { } // SaneHttpClientTimeOut adds a custom timeout for some scanners -func SaneHttpClientTimeOut(timeoutMs int64) *http.Client { +func SaneHttpClientTimeOut(timeout time.Duration) *http.Client { httpClient := &http.Client{} - httpClient.Timeout = time.Millisecond * time.Duration(timeoutMs) + httpClient.Timeout = timeout httpClient.Transport = NewCustomTransport(nil) return httpClient } diff --git a/pkg/detectors/alchemy/alchemy_test.go b/pkg/detectors/alchemy/alchemy_test.go index cd7e083cd0da..ed2ae7b8dbef 100644 --- a/pkg/detectors/alchemy/alchemy_test.go +++ b/pkg/detectors/alchemy/alchemy_test.go @@ -87,7 +87,7 @@ func TestAlchemy_FromChunk(t *testing.T) { }, { name: "found, would be verified if not for timeout", - s: Scanner{client: common.SaneHttpClientTimeOut(1)}, + s: Scanner{client: common.SaneHttpClientTimeOut(1 * time.Microsecond)}, args: args{ ctx: context.Background(), data: []byte(fmt.Sprintf("You can find a alchemy secret %s within", secret)), diff --git a/pkg/detectors/getemail/getemail.go b/pkg/detectors/getemail/getemail.go index 608f354bb896..4bf56ee19c40 100644 --- a/pkg/detectors/getemail/getemail.go +++ b/pkg/detectors/getemail/getemail.go @@ -7,6 +7,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" @@ -19,7 +20,7 @@ type Scanner struct{} var _ detectors.Detector = (*Scanner)(nil) var ( - client = common.SaneHttpClientTimeOut(5000) + client = common.SaneHttpClientTimeOut(5 * time.Second) // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"getemail"}) + `\b([a-zA-Z0-9-]{20})\b`) diff --git a/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go b/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go index 79ba518606d4..0b3e9fa9754f 100644 --- a/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go +++ b/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go @@ -6,6 +6,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" @@ -18,7 +19,7 @@ type Scanner struct{} var _ detectors.Detector = (*Scanner)(nil) var ( - client = common.SaneHttpClientTimeOut(5000) + client = common.SaneHttpClientTimeOut(5 * time.Second) // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. keyPat = regexp.MustCompile(`(https:\/\/[a-zA-Z-0-9]+\.webhook\.office\.com\/webhookb2\/[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12}\@[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12}\/IncomingWebhook\/[a-zA-Z-0-9]{32}\/[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12})`) diff --git a/pkg/detectors/scrapersite/scrapersite.go b/pkg/detectors/scrapersite/scrapersite.go index db3baec0f908..1295c831a6be 100644 --- a/pkg/detectors/scrapersite/scrapersite.go +++ b/pkg/detectors/scrapersite/scrapersite.go @@ -7,6 +7,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" @@ -19,7 +20,7 @@ type Scanner struct{} var _ detectors.Detector = (*Scanner)(nil) var ( - client = common.SaneHttpClientTimeOut(10000) + client = common.SaneHttpClientTimeOut(10 * time.Second) // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"scrapersite"}) + `\b([a-zA-Z0-9]{45})\b`) diff --git a/pkg/detectors/screenshotlayer/screenshotlayer.go b/pkg/detectors/screenshotlayer/screenshotlayer.go index c2c537de5ac7..e06f7291fd28 100644 --- a/pkg/detectors/screenshotlayer/screenshotlayer.go +++ b/pkg/detectors/screenshotlayer/screenshotlayer.go @@ -7,6 +7,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" @@ -19,7 +20,7 @@ type Scanner struct{} var _ detectors.Detector = (*Scanner)(nil) var ( - client = common.SaneHttpClientTimeOut(10000) + client = common.SaneHttpClientTimeOut(10 * time.Second) // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"screenshotlayer"}) + `\b([a-zA-Z0-9_]{32})\b`) diff --git a/pkg/detectors/zenserp/zenserp.go b/pkg/detectors/zenserp/zenserp.go index bf07a111238e..5ae78e9458b1 100644 --- a/pkg/detectors/zenserp/zenserp.go +++ b/pkg/detectors/zenserp/zenserp.go @@ -6,6 +6,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" @@ -18,7 +19,7 @@ type Scanner struct{} var _ detectors.Detector = (*Scanner)(nil) var ( - client = common.SaneHttpClientTimeOut(5000) + client = common.SaneHttpClientTimeOut(5 * time.Second) // Make sure that your group is surrounded in boundary characters such as below to reduce false positives. keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"zenserp"}) + `\b([0-9a-z-]{36})\b`)