From 89f5922b34c288bf2d4e0f4c8a4c1c59fd396156 Mon Sep 17 00:00:00 2001
From: James Golovich
Date: Wed, 28 Jan 2026 08:06:57 -0800
Subject: [PATCH 1/4] Include Trufflehog verified secret info in report
---
 dojo/tools/trufflehog/parser.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index e173f491b3a..d89b5932f53 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
@@ -130,7 +130,8 @@ def get_findings_v3(self, data, test):
 raw = json_data.get("Raw", "")
 rawV2 = json_data.get("RawV2", "")
- titleText = f"Hard Coded {detector_name} secret in: {file}"
+ title_prefix = "Verified " if verified else ""
+ titleText = f"{title_prefix} Hard Coded {detector_name} secret in: {file}"
 mitigation = "Secrets and passwords should be stored in a secure vault and/or secure storage."
 if link:
@@ -144,6 +145,8 @@ def get_findings_v3(self, data, test):
 description += f"**Reason:** {detector_name}\n"
 description += f"**Path:** {file}\n"
 description += f"**Contents:** {redacted_info}\n"
+ if verified:
+ description += f"**Verified:** {verified}\n"
 if structured_data:
 description += f"**Structured Data:**\n{self.walk_dict(structured_data)}\n"
From 32562d537610874cf113fedf1bc0ceb4cd11333f Mon Sep 17 00:00:00 2001
From: James Golovich
Date: Wed, 28 Jan 2026 13:38:49 -0800
Subject: [PATCH 2/4] Revert title change
---
 dojo/tools/trufflehog/parser.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index d89b5932f53..49f63f407ce 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
@@ -130,8 +130,7 @@ def get_findings_v3(self, data, test):
 raw = json_data.get("Raw", "")
 rawV2 = json_data.get("RawV2", "")
- title_prefix = "Verified " if verified else ""
- titleText = f"{title_prefix} Hard Coded {detector_name} secret in: {file}"
+ titleText = f"Hard Coded {detector_name} secret in: {file}"
 mitigation = "Secrets and passwords should be stored in a secure vault and/or secure storage."
 if link:
From 4678dbb7eb7fe15c15720e2b8279ee1c08b8bafa Mon Sep 17 00:00:00 2001
From: James Golovich
Date: Wed, 28 Jan 2026 13:44:09 -0800
Subject: [PATCH 3/4] Pass verified flag to Finding object
---
 dojo/tools/trufflehog/parser.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index 49f63f407ce..517f63a7f5a 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
@@ -194,6 +194,7 @@ def get_findings_v3(self, data, test):
 url="N/A",
 dynamic_finding=False,
 static_finding=True,
+ verified=verified,
 nb_occurences=1,
 )
 dupes[dupe_key] = finding
From 2609ed4962cfe29c416bae7ddbcc95c03fa4f4be Mon Sep 17 00:00:00 2001
From: James Golovich
Date: Wed, 28 Jan 2026 15:02:16 -0800
Subject: [PATCH 4/4] Revert description change
---
 dojo/tools/trufflehog/parser.py | 2 --
 1 file changed, 2 deletions(-)
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index 517f63a7f5a..0948c50cadc 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
@@ -144,8 +144,6 @@ def get_findings_v3(self, data, test):
 description += f"**Reason:** {detector_name}\n"
 description += f"**Path:** {file}\n"
 description += f"**Contents:** {redacted_info}\n"
- if verified:
- description += f"**Verified:** {verified}\n"
 if structured_data:
 description += f"**Structured Data:**\n{self.walk_dict(structured_data)}\n"
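Review bot: In the `Finding(...)` call of PATCH 3/4, `verified=verified` forwards the scan record's value without normalising it, and the assignment of `verified` lies outside the hunk (get_findings_v3 starts and ends outside it), so it cannot be confirmed here that the value is always a strict boolean. If it is read straight from the Trufflehog JSON, a missing key or a string value would reach the model field; `verified=verified is True,` would limit the flag to records the scanner actually confirmed. The merge path behind `dupes[dupe_key]` is not visible either: if a later duplicate of an unverified record is verified, the stored finding presumably keeps the first flag, which is worth checking because a verified secret is a live credential and should not be triaged as unconfirmed. The series touches only parser.py, so a unit test asserting the flag for one verified and one unverified sample record would pin the behaviour.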