dinvlad

// ... other dependencies ...

import com.google.api.core.ApiService;
import com.google.common.util.concurrent.MoreExecutors;
import com.google.cloud.pubsub.v1.MessageReceiver;
import com.google.cloud.pubsub.v1.Subscriber;
import com.google.pubsub.v1.Subscription;

import org.springframework.stereotype.Service;

dinvlad

// http://www.olark.com/spw/2011/08/you-can-list-a-directory-with-8-million-files-but-not-with-ls/
#define _GNU_SOURCE
#include <dirent.h>     /* Defines DT_* constants */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/syscall.h>

dinvlad

#!/usr/bin/env bash

set -euo pipefail

# define GCP project and GCS bucket backend for Terraform state
GCP_PROJECT="$1"
BACKEND_BUCKET="${2:-${GCP_PROJECT}-terraform}"

# create versioned bucket if it doesn't exist, skip otherwise
if gsutil mb -p "${GCP_PROJECT}" "gs://${BACKEND_BUCKET}" ; then

dinvlad

import hashlib
import hmac
import os

from time import time
from flask import Request, abort


SLACK_SIGNING_SECRET = os.environ['SLACK_SIGNING_SECRET']

dinvlad

{% set PROJECT = env['project'] %}
{% set REGION = properties['region'] | default('us-east1') %}

{% set PARENT = 'projects/' + PROJECT + '/locations/' + REGION %}

{% set PREFIX = env['deployment'] %}

{% set CLOUDRUN_TYPE_PROVIDER = PREFIX + '-provider' %}
{% set CLOUDRUN_SERVICE_TYPE = PROJECT + '/' + CLOUDRUN_TYPE_PROVIDER + ':projects.locations.services' %}

dinvlad

$ trufflehog filesystem --directory . --trace
DEBU[0000] running version dev                          
DEBU[0000] running version dev                          
DEBU[0000] running with up to 32 workers                
DEBU[0000] loaded 2 decoders                            
DEBU[0000] loaded 694 detectors total, 694 with verification enabled. 0 with verification disabled 
🐷🔑🐷  TruffleHog. Unearth your secrets. 🐷🔑🐷

Found unverified result 🐷🔑❓
Detector Type: AWS

dinvlad

$ trufflehog git https://github.com/dinvlad/pyro-cov.git \
    --branch bkotzen-CEPI --max-depth 2 \
    --since-commit 9cd031577750f88648a0cee5f8d6ed781f717c6b --trace

DEBU[0000] running version dev                          
DEBU[0000] running version dev                          
DEBU[0000] running with up to 1 workers                 
DEBU[0000] loaded 2 decoders                            
DEBU[0000] loaded 694 detectors total, 694 with verification enabled. 0 with verification disabled 
DEBU[0000] Cloning remote Git repo without authentication 

dinvlad

#!/bin/bash

# Thanks to MattJ at:
# http://www.brassmill.net/2015/10/using-the-aws-cli-with-roles-security-token-service-and-mfa/
#
# User must have 'iam:GetUser' permission on themselves that doesn't require MFA

[ -z $1 ] && echo "Please enter your MFA code" && exit 1

user=$(aws iam get-user \

dinvlad

$ trufflehog filesystem . --debug --trace
2023/06/28 15:53:38 [updater parent] run
2023/06/28 15:53:38 [updater parent] checking for updates...
2023/06/28 15:53:39 [updater parent] failed to get latest version: Post "https://oss.trufflehog.org/updates": stopped after 10 redirects
2023/06/28 15:53:39 [updater parent] starting /usr/local/bin/trufflehog
2023/06/28 15:53:40 [updater child#1] run
2023/06/28 15:53:40 [updater child#1] start program
2023-06-28T15:53:40-04:00       info-2  trufflehog      trufflehog 3.40.0
2023-06-28T15:53:40-04:00       info-2  trufflehog      engine started  {"workers": 16}
2023-06-28T15:53:40-04:00       info-0  trufflehog      loaded decoders {"count": 3}

dinvlad

// one can also use Google Cloud Firestore library,
// with a slight change in semantics
import { firestore } from 'firebase-admin';
import { EventContext, runWith } from 'firebase-functions';
import { promisify } from 'util';

const eventCollection = 'function-events';

enum EventStatus {
  RUNNING = 'running',