Skip to content

UUID rule fix various case style #793

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
babenek merged 3 commits into from
Dec 6, 2025
Merged

UUID rule fix various case style #793

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b0db95b
README.md issues fix
babenek Dec 5, 2025
8ed636f
Fix UUID rule to skip various letter case
babenek Dec 6, 2025
3c5aa5b
Merge remote-tracking branch 'upstream/main'
babenek Dec 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions .ci/benchmark.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
META MD5 c52151e10061e62f48fdf63052dbcca0
DATA MD5 631c9b0790579bf83bd64ad17b85c5ef
META MD5 42c5ff4d2b5da69b0673d881c1aca006
DATA MD5 dbb70121fce1fa8a5496ba03528cff95
DATA: 16995334 interested lines. MARKUP: 63711 items
FileType FileNumber ValidLines Positives Negatives
--------------- ------------ ------------ ----------- -----------
Expand Down Expand Up @@ -222,11 +222,11 @@ FileType FileNumber ValidLines Positives Negatives
.xib 11 503 164
.xsl 1 311 1
.yaml 169 31946 207 393
.yml 560 56585 1908 1375
.yml 560 56585 1900 1383
.zsh 6 872 11
.zsh-theme 1 97 1
TOTAL: 11361 16995334 17160 53608
credsweeper result_cnt : 16990, lost_cnt : 0, true_cnt : 16790, false_cnt : 200
TOTAL: 11361 16995334 17152 53616
credsweeper result_cnt : 16989, lost_cnt : 0, true_cnt : 16782, false_cnt : 207
Rules Positives Negatives Reported TP FP TN FN FPR FNR ACC PRC RCL F1
------------------------------ ----------- ----------- ---------- ----- ---- ----- ---- -------- -------- -------- -------- -------- --------
API 243 4001 239 238 1 4000 5 0.000250 0.020576 0.998586 0.995816 0.979424 0.987552
Expand All @@ -246,7 +246,7 @@ CMD Password 33 137 33 33
CMD Secret 1 17 1 1 0 17 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
CMD Token 6 2 6 6 0 2 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
CURL User Password 7 2 7 7 0 2 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
Credential 98 595 99 98 1 594 0 0.001681 0.000000 0.998557 0.989899 1.000000 0.994924
Credential 96 597 99 96 3 594 0 0.005025 0.000000 0.995671 0.969697 1.000000 0.984615
Docker Swarm Token 2 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Dropbox App secret 74 145 65 52 12 133 22 0.082759 0.297297 0.844749 0.812500 0.702703 0.753623
Facebook Access Token 0 1 0 0 1 0 0.000000 1.000000
Expand Down Expand Up @@ -275,12 +275,12 @@ Postman Credentials 2 0 2 2
SQL Password 44 14 42 42 0 14 2 0.000000 0.045455 0.965517 1.000000 0.954545 0.976744
Salesforce Credentials 6 0 6 6 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Salt 88 132 86 86 0 132 2 0.000000 0.022727 0.990909 1.000000 0.977273 0.988506
Secret 1527 2474 1519 1517 2 2472 10 0.000808 0.006549 0.997001 0.998683 0.993451 0.996060
Secret 1523 2478 1519 1513 6 2472 10 0.002421 0.006566 0.996001 0.996050 0.993434 0.994740
Slack Token 15 1 15 15 0 1 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
Stripe Credentials 2 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Tencent WeChat API App ID 47 0 47 47 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Token 1141 5267 1067 1062 5 5262 79 0.000949 0.069238 0.986891 0.995314 0.930762 0.961957
Twilio Credentials 30 39 30 30 0 39 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
URL Credentials 225 401 221 221 0 401 4 0.000000 0.017778 0.993610 1.000000 0.982222 0.991031
UUID 2520 3713 2559 2501 58 3655 19 0.015621 0.007540 0.987646 0.977335 0.992460 0.984840
17160 53608 16993 16790 200 53408 370 0.003731 0.021562 0.991946 0.988228 0.978438 0.983309
UUID 2518 3715 2558 2499 59 3656 19 0.015882 0.007546 0.987486 0.976935 0.992454 0.984634
17152 53616 16992 16782 207 53409 370 0.003861 0.021572 0.991847 0.987816 0.978428 0.983099
8 changes: 4 additions & 4 deletions .github/workflows/benchmark.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: 3e9df797101e57082740e15d133f4f94aea23a85
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2

- name: Markup hashing
run: |
Expand Down Expand Up @@ -87,7 +87,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: 3e9df797101e57082740e15d133f4f94aea23a85
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2

- name: Markup hashing
run: |
Expand Down Expand Up @@ -190,7 +190,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: 3e9df797101e57082740e15d133f4f94aea23a85
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2

- name: Markup hashing
run: |
Expand Down Expand Up @@ -378,7 +378,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: 3e9df797101e57082740e15d133f4f94aea23a85
ref: ca01a095a31a6a7ff03ac368cb2cf9f767b47df2

- name: Markup hashing
run: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ jobs:
run: |
banner="$(python -m credsweeper --banner | head -1)"
echo "banner = '${banner}'"
if [ "CredSweeper 1.13.4 crc32:404811d6" != "${banner}" ]; then
if [ "CredSweeper 1.13.4 crc32:76b8f863" != "${banner}" ]; then
echo "Update the check for '${banner}'"
exit 1
fi
Expand Down
3 changes: 1 addition & 2 deletions credsweeper/rules/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -179,11 +179,10 @@
confidence: strong
type: pattern
values:
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})(?![0-9A-Za-z_+-])
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}|[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12})(?![0-9A-Za-z_+-])
min_line_len: 36
required_substrings:
- "-"
required_regex: "[0-9A-Za-z_/+-]{15}"
filter_type:
- ValuePatternCheck(4)
use_ml: false
Expand Down
2 changes: 1 addition & 1 deletion tests/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
SAMPLES_IN_DOC = 879

# credentials count after scan without filters and ML validations
SAMPLES_REGEX_COUNT = 650
SAMPLES_REGEX_COUNT = 649

# credentials count after scan with filters and without ML validation
SAMPLES_FILTERED_COUNT = 537
Expand Down
21 changes: 0 additions & 21 deletions tests/data/no_filters_no_ml.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13906,27 +13906,6 @@
}
]
},
{
"rule": "UUID",
"severity": "info",
"confidence": "strong",
"ml_probability": null,
"line_data_list": [
{
"line": "12345678-1234-1234-1234-1234567890ab # fp",
"line_num": 2,
"path": "./tests/samples/uuid",
"info": "",
"variable": null,
"variable_start": -2,
"variable_end": -2,
"value": "12345678-1234-1234-1234-1234567890ab",
"value_start": 0,
"value_end": 36,
"entropy": 3.43552
}
]
},
{
"rule": "Tencent WeChat API App ID",
"severity": "medium",
Expand Down
2 changes: 1 addition & 1 deletion tests/samples/uuid
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
bace4d19-fa7e-beef-cafe-9129474bcd81 # tp
12345678-1234-1234-1234-1234567890ab # fp
bace4d19-DEAD-beef-cafe-9129474bcd81 # fp
4 changes: 2 additions & 2 deletions tests/test_app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -492,7 +492,7 @@ def test_depth_p(self) -> None:
cvs_checksum = hashlib.md5(f.read()).digest()
checksum = bytes(a ^ b for a, b in zip(checksum, cvs_checksum))
# update the checksum manually and keep line endings in the samples as is (git config core.autocrlf false)
self.assertEqual("a07f7e91982bdc368967119b2d3112af", binascii.hexlify(checksum).decode())
self.assertEqual("d8c4aa7bcc94c02caf0410c6170db3e9", binascii.hexlify(checksum).decode())
normal_report = []
sorted_report = []
with tempfile.TemporaryDirectory() as tmp_dir:
Expand Down Expand Up @@ -603,7 +603,7 @@ def test_rules_ml_p(self) -> None:
rules_text = yaml.dump_all(rules, sort_keys=True)
checksum = hashlib.md5(rules_text.encode()).hexdigest()
# update the expected value manually if some changes
self.assertEqual("b6cd20d642fffbdbee0a5255d3484146", checksum)
self.assertEqual("1d5e4ae0b03ca0232c2f1b4f54c6ccec", checksum)
rules_set = set([i["name"] for i in rules if "code" in i["target"]])
self.assertSetEqual(rules_set, report_set)
self.assertEqual(SAMPLES_POST_CRED_COUNT, len(report))
Expand Down
Loading