Merge pull request #341 from Privado-Inc/dev

Dev

.gitignore

@@ -246,4 +246,6 @@ dist
 # files
 privado
 notes.md
+
+#Directory created by IDE
 workspace

config/systemConfig/go.yaml

@@ -0,0 +1,9 @@
+systemConfig:
+  - key: apiHttpLibraries
+    value: ^(?i)(net/http|github.com/parnurzeal/gorequest|gopkg.in/resty|github.com/gojektech/heimdall/v\\d/httpclient|github.com/levigross/grequests|github.com/PuerkitoBio/rehttp|github.com/machinebox/graphql).*
+
+  - key: apiSinks
+    value: (?i)(?:url|client|open|request|execute|newCall|load|host|access|list|set|put|post|proceed|trace|patch|Path|send|remove|delete|write|read|postForEntity|call|createCall|createEndpoint|dispatch|invoke|getInput|getOutput|getResponse|do)
+
+  - key: apiIdentifier
+    value: (?i).*((hook|base|auth|prov|endp|install|request|service|gateway|route|resource)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|request|service)(.){0,4}(endpoint|gateway|route)).*

rules/sinks/internal_apis/api/go.yaml

@@ -0,0 +1,6 @@
+sinks:
+  - id: Sinks.API.InternalAPI
+    name: Internal APIs
+    patterns: 
+      - "((http|https|ftp|ssh):\\/\\/){0,1}(((25[0-5]|(2[0-4]|1\\d|[1-9]|)\\d)\\.?\\b){4}|(localhost))(:[0-9]{2,4}){0,1}(\\/([a-z]){0,1}){0,1}.*"
+    tags:

rules/sinks/leakages/logs/go.yaml

@@ -6,6 +6,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Error).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](error)(f?)"
       - "(?i)(go.uber.org/zap).*[.](error)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](error)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](error)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](error)"
     tags:
@@ -16,6 +17,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Warn).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](warn)(f?)"
       - "(?i)(go.uber.org/zap).*[.](warn)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](warn)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](warn)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](warn)"
     tags:
@@ -26,6 +28,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Debug).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](debug)(f?)"
       - "(?i)(go.uber.org/zap).*[.](debug)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](debug)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](debug)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](debug)"
     tags:
@@ -36,6 +39,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Info).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](info)(f?)"
       - "(?i)(go.uber.org/zap).*[.](info)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](info)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](info)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](info)"
     tags:
@@ -45,6 +49,7 @@ sinks:
     patterns:
       - "(?i)(github.com/sirupsen/logrus).*[.](fatal)(f?)"
       - "(?i)(go.uber.org/zap).*[.](fatal)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](fatal)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](fatal)(depth|depthf|f|ln)?"
     tags:
 
@@ -53,6 +58,7 @@ sinks:
     patterns:
       - "(?i)(github.com/sirupsen/logrus).*[.](panic)(f?)"
       - "(?i)(go.uber.org/zap).*[.](panic)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](panic)(f|ln|w)?"
     tags:
 
   - id: Leakages.Log.Console

rules/sinks/storages/gorm/go.yaml

@@ -0,0 +1,17 @@
+sinks:
+
+  - id: Storages.GormFramework.Read
+    name: Gorm (Read)
+    domains:
+      - gorm.io
+    patterns:
+      - "(?i).*(github.com)(/)(go-gorm|jinzhu)(/)(gorm).*(Find).*"
+    tags:
+
+  - id: Storages.GormFramework.Write
+    name: Gorm (Write)
+    domains:
+      - gorm.io
+    patterns:
+      - "(?i).*(github.com)(/)(go-gorm|jinzhu)(/)(gorm).*(Create|Update|Delete|Save).*"
+    tags:

rules/sinks/storages/gorp/go.yaml

@@ -0,0 +1,17 @@
+sinks:
+
+  - id: Storages.GorpFramework.Read
+    name: Gorp (Read)
+    domains:
+      - pkg.go.dev/github.com/go-gorp/gorp
+    patterns:
+      - "(?i).*(github.com|gopkg.in)(/)(gorp|go-gorp/gorp).*(Select).*"
+    tags:
+
+  - id: Storages.GormFramework.Write
+    name: Gorm (Write)
+    domains:
+      - pkg.go.dev/github.com/go-gorp/gorp
+    patterns:
+      - "(?i).*(github.com|gopkg.in)(/)(gorp|go-gorp/gorp).*(Insert|Update|Delete).*"
+    tags:

rules/sinks/storages/orm/go.yaml

@@ -0,0 +1,17 @@
+sinks:
+
+  - id: Storages.ORM.GORM.Write
+    name: GORM (Write)
+    domains:
+      - gorm.io
+    patterns:
+      - "(?i)(gorm.io/gorm).*(Updates|Create|Save|SavePoint|Replace|CreateInBatches|Delete)"
+    tags:
+
+  - id: Storage.ORM.GORM.Read
+    name: GORM (Read)
+    domains:
+      - gorm.io
+    patterns:
+      - "(?i)(gorm.io/gorm).*(Find|FindInBatches|Where|Exec)"
+    tags:

rules/sinks/storages/pop/go.yaml

@@ -0,0 +1,25 @@
+sinks:
+
+  - id: Storages.PopFramework.Read
+    name: pop (Read)
+    domains:
+      - gobuffalo.io/documentation/database/pop/
+    patterns:
+      - "(?i).*(github.com)(/)(gobuffalo)(/)(pop).*(Find).*"
+    tags:
+
+  - id: Storages.PopFramework.Write
+    name: Xorm (Write)
+    domains:
+      - gobuffalo.io/documentation/database/pop/
+    patterns:
+      - "(?i).*(github.com)(/)(gobuffalo)(/)(pop).*(Create|Update|Destroy).*"
+    tags:
+
+  - id: Storages.PopFramework.ReadAndWrite
+    name: Xorm
+    domains:
+      - gobuffalo.io/documentation/database/pop/
+    patterns:
+      - "(?i).*(github.com)(/)(gobuffalo)(/)(pop).*(All).*"
+    tags:

rules/sinks/storages/qbs/go.yaml

@@ -0,0 +1,17 @@
+sinks:
+
+  - id: Storages.QBSFramework.Read
+    name: Qbs (Read)
+    domains:
+      - doc.qt.io/qbs
+    patterns:
+      - "(?i).*(github.com|gopkg.in)(/)(coocood)(/)(qbs).*(Find).*"
+    tags:
+
+  - id: Storages.QBSFramework.Write
+    name: Qbs (Write)
+    domains:
+      - doc.qt.io/qbs
+    patterns:
+      - "(?i).*(github.com|gopkg.in)(/)(coocood)(/)(qbs).*(Save|Update|Delete).*"
+    tags:

rules/sinks/storages/xorm/go.yaml

@@ -0,0 +1,25 @@
+sinks:
+
+  - id: Storages.XormFramework.Read
+    name: Xorm (Read)
+    domains:
+      - xorm.io
+    patterns:
+      - "(?i).*(github.com)(/)(go-xrom)(/)(xorm).*(Get|Find).*"
+    tags:
+
+  - id: Storages.XormFramework.Write
+    name: Xorm (Write)
+    domains:
+      - xorm.io
+    patterns:
+      - "(?i).*(github.com)(/)(go-xrom)(/)(xorm).*(Insert|Update|Delete).*"
+    tags:
+
+  - id: Storages.XormFramework.ReadAndWrite
+    name: Xorm
+    domains:
+      - xorm.io
+    patterns:
+      - "(?i).*(github.com)(/)(go-xrom)(/)(xorm).*(Exec).*"
+    tags:

rules/sinks/third_parties/api/go.yaml

@@ -0,0 +1,8 @@
+sinks:
+
+  - id: Sinks.ThirdParties.API
+    name: Third Party API
+    patterns:   
+      - "(?i)((?:http|https):\\/\\/[a-zA-Z0-9_-][^)\\/(#|,!>\\s]{1,50}\\.(?:com|net|org|de|in|uk|us|io|gov|cn|ml|ai|ly|dev|cloud|me|icu|ru|info|top|tk|tr|cn|ga|cf|nl)).*(?<!png|jpeg|jpg|txt|blob|css|html|js|svg)"
+      - "(?i).*((hook|base|auth|prov|endp|install|request|service|gateway|route|resource)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|request|service)(.){0,4}(endpoint|gateway|route)).*"
+    tags:

rules/sinks/third_parties/sdk/adyen/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Adyen
+    name: Adyen
+    domains:
+      - "adyen.com"
+    patterns:
+      - "(?i)(github.com)(/)(adyen)(/)(adyen-go-api-library).*"
+    tags:

rules/sinks/third_parties/sdk/africastalking/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Africastalking
+    name: Africastalking
+    domains:
+      - "africastalking.com"
+    patterns:
+      - "(?i)(github.com)(/)(kingzbauer)(/)(africastalking-go).*"
+    tags:

rules/sinks/third_parties/sdk/aftership/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Aftership
+    name: Aftership
+    domains:
+      - "aftership.com"
+    patterns:
+      - "(?i)(github.com)(/)(jackharley7|aftership)(/)(aftership-sdk-go).*"
+    tags:

rules/sinks/third_parties/sdk/alibabacloud/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Alibabacloud
+    name: Alibabacloud
+    domains:
+      - "alibabacloud.com"
+    patterns:
+      - "(?i)(github.com)(/)(hashicorp|aliyun|nacos-group|alibabacloud-go|cxr29|aliyunmq|tencentyun|huaweicloud|RandolphCYG|likexian)(/)(vault-plugin-auth-alicloud|vault-plugin-secrets-alicloud|alibaba-cloud-sdk-go\\/sdk\\/requests|nacos-sdk-go\\/clients|tea-oss-sdk\\/client|aliyun-oss-go-sdk|aliyun-log-go-sdk|aliyun-openapi-go-sdk|aliyun-datahub-sdk-go\\/datahub|fc-go-sdk|aliyun-mns-go-sdk|mq-http-go-sdk|vod-go-sdk|huaweicloud-sdk-go|hwc-sdk\\/services|tencentcloud-sdk-go).*"
+    tags:

rules/sinks/third_parties/sdk/amazon/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Amazon.Aws
+    name: Amazon Aws
+    domains:
+      - "aws.amazon.com"
+    patterns:
+      - "(?i)(github.com|go.temporal.io|gitlab.bingosoft.net)(/)(aws|aws-sdk|hashicorp|minio|qor|conku|qorpress|touyu|kisrobot|m-hosoi|aavshr|unicloud-uos|pendo-io|journeymidnight|SaiVishwas|shashank-sachan|jviney|pulumi|skmcgrail|jftuga|IBM|orozery|getlantern|alice02|golang|opentracing-contrib|dtannen|gametimesf|phacops|mattaitchison|peterdeka|euank|uber|rhnvrm)(/)(aws-sdk-go|aws-lambda-go|minio-go|aws-cdk-go|smithy-go|amazon-pay-sdk-go|uos-sdk-go|pulumi-aws|sns_publish|ibm-cos-sdk-go|nifcloud-sdk-go|amazon-ecs-agent|go-firehose|go-kinesis|athenadriver|simples3).*"
+    tags:

rules/sinks/third_parties/sdk/amplitude/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Amplitude
+    name: Amplitude
+    domains:
+      - "amplitude.com"
+    patterns:
+      - "(?i)(github.com)(/)(renatoaf|gotokatsuya)(/)(amplitude-go|amplitude-sdk-go).*"
+    tags:

rules/sinks/third_parties/sdk/atlassian/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Atlassian
+    name: Atlassian
+    domains:
+      - "atlassian.com"
+    patterns:
+      - "(?i)(github.com/andygrunwald/go-jira).*"
+    tags:

rules/sinks/third_parties/sdk/auth0/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Auth0
+    name: Auth0
+    domains:
+      - "auth0.com"
+    patterns:
+      - "(?i)(github.com)(/)(auth0-community|pulumi|auth0-lab)(/)(go-auth0|pulumi-auth0/sdk/v2/go/auth0|fga-go-sdk).*"
+    tags:

rules/sinks/third_parties/sdk/bing/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Bing
+    name: Bing
+    domains:
+      - "bing.com"
+    patterns:
+      - "(?i)(github.com)(/)(kritzware|chigley|godofdream)(/)(bing-ads-go-sdk).*"
+    tags:

rules/sinks/third_parties/sdk/braintreepayments/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Braintreepayments
+    name: Braintreepayments
+    domains:
+      - "braintreepayments.com"
+    patterns:
+      - "(?i)(github.com)(/)(BoltApp)(/)(braintree-go).*"
+    tags:

rules/sinks/third_parties/sdk/callr/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Callr
+    name: Callr
+    domains:
+      - "callr.com"
+    patterns:
+      - "(?i)(github.com)(/)(THECALLR)(/)(sdk-go).*"
+    tags:

rules/sinks/third_parties/sdk/checkout/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Checkout
+    name: Checkout
+    domains:
+      - "checkout.com"
+    patterns:
+      - "(?i)(github.com)(/)(checkout)(/)(checkout-sdk-go/payments).*"
+    tags:

rules/sinks/third_parties/sdk/cloudevents/go.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Cloudevents
+    name: Cloudevents
+    domains:
+      - "cloudevents.io"
+    patterns:
+      - "(?i)(github.com)(/)(cloudevents)(/)(sdk-go).*"
+    tags: