fix: improve detector quality, config resolution, code quality, and binary detection #57
Merged
- Priority 1: KEYWATCH_CONFIG_PATH env var (override)
- Priority 2: ~/.config/keywatch/detectors.toml
- Priority 3: executable directory (development)
- Priority 4: CWD (last resort)

Fixes config not found when installed via cargo install.

- Remove duplicate Google/Firebase/YouTube API key detectors (same pattern)
- Fix IPAddressDetector to only match valid first octet (1-223)
- Raise HighEntropyDetector threshold from 32+ to 48+ to avoid SHA1
- Remove LinkedInSecretDetector (too broad, no specific pattern)
- Add CWD fallback in config resolution for test compatibility

Fixes false positives and removes redundant detectors.

- scanner.rs: use HashMap for deduplication instead of manual Vec loop
- report.rs: add Severity and ScanStatus enums with serde(uppercase)
- report.rs: single-pass severity counting instead of triple iteration
- lib.rs: update to use Severity enum in tests and exit code logic

Reduces code complexity and removes hardcoded string values
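
The lookup order listed in the first commit message above, as an added Rust example (not the PR's code). `Source`, `candidates` and `resolve` are hypothetical names; treating an empty override as unset, falling through when the override file does not exist, and taking the home directory from `HOME` are assumptions.

```rust
use std::env;
use std::path::{Path, PathBuf};

/// Which rule in the priority list produced a candidate (names are illustrative).
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Source { EnvOverride, UserConfig, ExeDir, Cwd }
const FILE_NAME: &str = "detectors.toml";

/// Build candidates in priority order. Inputs are parameters so the ordering
/// can be checked without touching the real environment.
pub fn candidates(
    env_override: Option<&str>, // value of KEYWATCH_CONFIG_PATH, if set
    home: Option<&Path>,
    exe_dir: Option<&Path>,
    cwd: Option<&Path>,
) -> Vec<(Source, PathBuf)> {
    let mut out = Vec::new();
    // Assumption: an empty override is treated as unset.
    if let Some(p) = env_override.filter(|p| !p.is_empty()) {
        out.push((Source::EnvOverride, PathBuf::from(p)));
    }
    if let Some(h) = home {
        out.push((Source::UserConfig, h.join(".config/keywatch").join(FILE_NAME)));
    }
    if let Some(d) = exe_dir {
        out.push((Source::ExeDir, d.join(FILE_NAME)));
    }
    if let Some(c) = cwd {
        out.push((Source::Cwd, c.join(FILE_NAME)));
    }
    out
}

/// First candidate that exists wins; the Source is returned so the caller can
/// log when it fell back to the CWD, which may be the directory being scanned.
pub fn resolve(cands: &[(Source, PathBuf)], exists: impl Fn(&Path) -> bool) -> Option<(Source, PathBuf)> {
    cands.iter().find(|(_, p)| exists(p.as_path())).cloned()
}

fn main() {
    let over = env::var("KEYWATCH_CONFIG_PATH").ok();
    let home = env::var_os("HOME").map(PathBuf::from); // assumption: Unix-style HOME
    let exe_dir = env::current_exe().ok().and_then(|e| e.parent().map(Path::to_path_buf));
    let cwd = env::current_dir().ok();
    let cands = candidates(over.as_deref(), home.as_deref(), exe_dir.as_deref(), cwd.as_deref());
    match resolve(&cands, |p| p.is_file()) {
        Some((src, path)) => println!("using {} ({:?})", path.display(), src),
        None => eprintln!("no {} found in {} locations", FILE_NAME, cands.len()),
    }
}
```

Returning the `Source` alongside the path lets a caller record which tier supplied the detector set, which matters most for the CWD tier because the working directory is often the repository under scan.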

- scanner.rs: add is_binary() function to check for null bytes
- skip first 8KB of file to detect binary content
- binary files are skipped during scanning to avoid false positives
- update tests to use Severity enum

Summary
Address code review findings from PR #56 with the following fixes:
High Priority
- Config path resolution (src/detector.rs)
- Detector quality (detectors.toml)
Medium Priority
- Scanner deduplication (src/scanner.rs)
- Report improvements (src/report.rs, src/lib.rs)
- Binary file detection (src/scanner.rs)
Testing
Notes