Giter VIP home page Giter VIP logo

ggcanary's People

Contributors

ericfourrier avatar gg-hh avatar gg-mmill avatar mcdwayne avatar zhangmatthieu avatar ziadghalleb avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

ggcanary's Issues

How gitgaurdian/ggcanary make sure the ggcanary users created using this setup are only targetted by hackers?

In an AWS account where we are creating ggcanary users following the steps mentioned https://github.com/GitGuardian/ggcanary#setup, there might be other IAM users as well and we want the hackers to only access these canary tokens and not the other users' access key, and secret. How can this be ensured using ggcanary? What value this project will add if a real IAM user from the same account gets compromised?

DynamoDB table is not prefixed by global prefix

When creating the backend, the DynamoDB does not contain the global prefix. This makes it hard to identify and prevent deploying two instances of canaries in one account (only usefull for testing).

Handle notifier errors; explicit failure for webhook notifiers

Context

Right now, if one notifier raises, the program will stop (i.e. further notifiers will not be triggered).
Also webhook notifiers fail silently

DoD

  • if one notifier fails:
    • handle and log the exception/error
    • return non-null error code at the end of the program (so that when looking at cloudwatch monitoring, we can see there are issues)
  • Raise when webhook notifier did not perform a successful call.

Inspect and remove useless dependencies

It seems we have useless dev dependencies from the project origin.

In this issue, we expect you to inspect those dependencies and remove those that are not necessary anymore.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.