Diver - Extract data and look for secrets

# Description

As an open source referent or a GitHub admin,
I want a tool which will look for secrets, hotwords or sensitive data in both Git history and versioned project,
so that I will be able to warn users and improve detection and management of leaks an reduce risks of social engineering.

# Details

- Gitleaks can be used in the repository
- Emails can be extracted using regular expression
- First name and last name also
- Some warnings can be done if emailsd does not match a dedicated pattern
- Internal identifier can be searched using regular expression (abcd1234, stuff like that)
- Maybe also phone numbers
- In outputs, maybe, a CSV file pointing commits hashs, type of data and value of data

Maybe related to #148 (extract contributors and get emails and names)

Maybe following scripts can be used:
- [extract-emails-from-history](https://github.com/Orange-OpenSource/floss-toolbox/blob/dev/toolbox/diver/extract-emails-from-history.sh)
- [find-contributors-in-files.sh](https://github.com/Orange-OpenSource/floss-toolbox/blob/dev/toolbox/diver/find-contributors-in-files.sh)
- [find-contributors-in-git-logs](https://github.com/Orange-OpenSource/floss-toolbox/blob/dev/toolbox/diver/find-contributors-in-git-logs.sh)
- [find-credentials-in-files](https://github.com/Orange-OpenSource/floss-toolbox/blob/dev/toolbox/diver/find-credentials-in-files.sh)
- [list-contirbutors-in-history.sh](https://github.com/Orange-OpenSource/floss-toolbox/blob/dev/toolbox/diver/list-contributors-in-history.sh)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Diver - Extract data and look for secrets #162

Description

Details

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Diver - Extract data and look for secrets #162

Description

Description

Details

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions