docs(07): create phase 7 import & CI/CD plans
@@ -158,7 +158,15 @@ Plans:
|
||||
2. `keyhunter import --format=gitleaks results.json` and `--format=csv` both import and deduplicate against existing findings
|
||||
3. `keyhunter hook install` installs a git pre-commit hook; running `git commit` on a file with a known API key blocks the commit and prints findings
|
||||
4. `keyhunter scan --output=sarif` produces a valid SARIF 2.1.0 file that GitHub Code Scanning accepts without errors
|
||||
**Plans**: TBD
|
||||
**Plans**: 6 plans
|
||||
|
||||
Plans:
|
||||
- [ ] 07-01-PLAN.md — pkg/importer Importer interface + TruffleHog v3 JSON parser + fixtures (IMP-01)
|
||||
- [ ] 07-02-PLAN.md — Gitleaks JSON + CSV parsers (IMP-02)
|
||||
- [ ] 07-03-PLAN.md — Dedup helper + SARIF GitHub Code Scanning validation test (IMP-03, CICD-02)
|
||||
- [ ] 07-04-PLAN.md — cmd/import.go wiring format dispatch, dedup, DB persistence (IMP-01/02/03)
|
||||
- [ ] 07-05-PLAN.md — cmd/hook.go install/uninstall with embedded pre-commit script (CICD-01)
|
||||
- [ ] 07-06-PLAN.md — docs/CI-CD.md + README CI/CD section with GitHub Actions workflow (CICD-01, CICD-02)
|
||||
|
||||
### Phase 8: Dork Engine
|
||||
**Goal**: Users can run, manage, and extend a library of 150+ built-in YAML dorks across GitHub, Google, Shodan, Censys, ZoomEye, FOFA, GitLab, and Bing — using the same extensibility pattern as provider definitions
|
||||
|
||||
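Review bot: The 07-05 entry (`cmd/hook.go install/uninstall with embedded pre-commit script`) does not say what `install` does when the repository already has a pre-commit hook, and `uninstall` has no matching success criterion, since criterion 3 only covers `keyhunter hook install`. Suggest stating in the plan line whether an existing hook is overwritten, chained or refused, and adding a criterion for uninstall that leaves a pre-existing hook intact. Criterion 3 also says a blocked commit "prints findings"; it would help to specify that the printed findings show masked key values so the hook does not copy the secret into terminal scrollback or CI logs. Separately, 07-03 pairs the dedup helper (IMP-03) with the SARIF GitHub Code Scanning validation test (CICD-02); if the two share no code, splitting them would keep each plan mapped to a single requirement group.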