Fixed bug where gitrob does not look at files in the very initial com…

README.md

@@ -22,12 +22,20 @@ Gitrob is a tool to help find potentially sensitive files pushed to public repos
     Number of repository commits to process (default 500)
 -debug
     Print debugging information
+-enterprise-upload-url string
+    Upload URL for Github Enterprise (defaults to the URL set in -enterprise-url if any)
+-enterprise-url string
+    URL for Github Enterprise
+-enterprise-user string
+    Username for Github Enterprise (defaults to first target)
 -github-access-token string
     GitHub access token to use for API requests
 -load string
     Load session file
 -no-expand-orgs
     Don't add members to targets when processing organizations
+-no-server
+    Disables web server
 -port int
     Port to run web server on (default 9393)
 -save string
@@ -54,6 +62,14 @@ A session stored in a file can be loaded with the `-load` option:
 
 Gitrob will start its web interface and serve the results for analysis.
 
+### Use with Github Enterprise
+
+To configure Gitrob for Github Enterprise, the following switches can be used:
+
+- `enterprise-url`: Must be specified; this is the URL where the path `/api/v3/` exists. This is usually the URL where the Github web interface can be found. Example: `-enterprise-url=https://github.yourcompany.com`
+- `enterprise-upload-url:` Optional, defaults to `enterprise-url`; full path to the upload URL if different from the main Github Enterprise URL. Example: `-enterprise-upload-url=https://github.yourcompany.com/api/v3/upload`
+- `enterprise-user`: Optional, defaults to the first target. Example: `-enterprise-user=your.username`
+
 ## Installation
 
 A [precompiled version is available](https://github.com/michenriksen/gitrob/releases) for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary.

core/git.go

@@ -1,120 +1,137 @@
 package core
 
 import (
-  "fmt"
-  "io/ioutil"
+	"fmt"
+	"io/ioutil"
 
-  "gopkg.in/src-d/go-git.v4"
-  "gopkg.in/src-d/go-git.v4/plumbing"
-  "gopkg.in/src-d/go-git.v4/plumbing/object"
-  "gopkg.in/src-d/go-git.v4/utils/merkletrie"
+	"gopkg.in/src-d/go-git.v4"
+	"gopkg.in/src-d/go-git.v4/plumbing"
+	"gopkg.in/src-d/go-git.v4/plumbing/object"
+	"gopkg.in/src-d/go-git.v4/plumbing/transport/http"
+	"gopkg.in/src-d/go-git.v4/utils/merkletrie"
 )
 
 const (
-  EmptyTreeCommitId = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
+	EmptyTreeCommitId = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
 )
 
-func CloneRepository(url *string, branch *string, depth int) (*git.Repository, string, error) {
-  urlVal := *url
-  branchVal := *branch
-  dir, err := ioutil.TempDir("", "gitrob")
-  if err != nil {
-    return nil, "", err
-  }
-  repository, err := git.PlainClone(dir, false, &git.CloneOptions{
-    URL:           urlVal,
-    Depth:         depth,
-    ReferenceName: plumbing.ReferenceName(fmt.Sprintf("refs/heads/%s", branchVal)),
-    SingleBranch:  true,
-    Tags:          git.NoTags,
-  })
-  if err != nil {
-    return nil, dir, err
-  }
-  return repository, dir, nil
+func CloneRepository(url *string, branch *string, sess *Session) (*git.Repository, string, error) {
+	urlVal := *url
+	branchVal := *branch
+	dir, err := ioutil.TempDir("", "gitrob")
+	if err != nil {
+		return nil, "", err
+	}
+
+	options := &git.CloneOptions{
+		URL:           urlVal,
+		Depth:         *sess.Options.CommitDepth,
+		ReferenceName: plumbing.ReferenceName(fmt.Sprintf("refs/heads/%s", branchVal)),
+		SingleBranch:  true,
+		Tags:          git.NoTags,
+	}
+
+	if sess.GithubAccessToken != "" && *sess.Options.EnterpriseUser != "" {
+		options.Auth = &http.BasicAuth{Username: *sess.Options.EnterpriseUser, Password: sess.GithubAccessToken}
+	}
+
+	repository, err := git.PlainClone(dir, false, options)
+	if err != nil {
+		return nil, dir, err
+	}
+	return repository, dir, nil
 }
 
 func GetRepositoryHistory(repository *git.Repository) ([]*object.Commit, error) {
-  var commits []*object.Commit
-  ref, err := repository.Head()
-  if err != nil {
-    return nil, err
-  }
-  cIter, err := repository.Log(&git.LogOptions{From: ref.Hash()})
-  if err != nil {
-    return nil, err
-  }
-  cIter.ForEach(func(c *object.Commit) error {
-    commits = append(commits, c)
-    return nil
-  })
-  return commits, nil
+	var commits []*object.Commit
+	ref, err := repository.Head()
+	if err != nil {
+		return nil, err
+	}
+	cIter, err := repository.Log(&git.LogOptions{From: ref.Hash()})
+	if err != nil {
+		return nil, err
+	}
+	cIter.ForEach(func(c *object.Commit) error {
+		commits = append(commits, c)
+		return nil
+	})
+	return commits, nil
 }
 
 func GetChanges(commit *object.Commit, repo *git.Repository) (object.Changes, error) {
-  parentCommit, err := GetParentCommit(commit, repo)
-  if err != nil {
-    return nil, err
-  }
-
-  commitTree, err := commit.Tree()
-  if err != nil {
-    return nil, err
-  }
-
-  parentCommitTree, err := parentCommit.Tree()
-  if err != nil {
-    return nil, err
-  }
-
-  changes, err := object.DiffTree(parentCommitTree, commitTree)
-  if err != nil {
-    return nil, err
-  }
-  return changes, nil
+	parentCommit, err := GetParentCommit(commit, repo)
+	if err != nil {
+		//this may be the parent commit
+		parentCommit = commit
+		//return nil, err
+	}
+
+	commitTree, err := commit.Tree()
+	if err != nil {
+		return nil, err
+	}
+
+	parentCommitTree, err := parentCommit.Tree()
+	if err != nil {
+		return nil, err
+	}
+
+	//changes, err := object.DiffTree(parentCommitTree, commitTree)
+	var changes object.Changes
+	if parentCommit == commit {
+		changes, err = object.DiffTree(nil, parentCommitTree)
+	} else {
+		changes, err = object.DiffTree(parentCommitTree, commitTree)
+	}
+
+	if err != nil {
+		return nil, err
+	}
+	return changes, nil
 }
 
 func GetParentCommit(commit *object.Commit, repo *git.Repository) (*object.Commit, error) {
-  if commit.NumParents() == 0 {
-    parentCommit, err := repo.CommitObject(plumbing.NewHash(EmptyTreeCommitId))
-    if err != nil {
-      return nil, err
-    }
-    return parentCommit, nil
-  }
-  parentCommit, err := commit.Parents().Next()
-  if err != nil {
-    return nil, err
-  }
-  return parentCommit, nil
+	if commit.NumParents() == 0 {
+		parentCommit, err := repo.CommitObject(plumbing.NewHash(EmptyTreeCommitId))
+		if err != nil {
+			return nil, err
+		}
+		return parentCommit, nil
+	}
+	parentCommit, err := commit.Parents().Next()
+	if err != nil {
+		return nil, err
+	}
+	return parentCommit, nil
 }
 
 func GetChangeAction(change *object.Change) string {
-  action, err := change.Action()
-  if err != nil {
-    return "Unknown"
-  }
-  switch action {
-  case merkletrie.Insert:
-    return "Insert"
-  case merkletrie.Modify:
-    return "Modify"
-  case merkletrie.Delete:
-    return "Delete"
-  default:
-    return "Unknown"
-  }
+	action, err := change.Action()
+	if err != nil {
+		return "Unknown"
+	}
+	switch action {
+	case merkletrie.Insert:
+		return "Insert"
+	case merkletrie.Modify:
+		return "Modify"
+	case merkletrie.Delete:
+		return "Delete"
+	default:
+		return "Unknown"
+	}
 }
 
 func GetChangePath(change *object.Change) string {
-  action, err := change.Action()
-  if err != nil {
-    return change.To.Name
-  }
-
-  if action == merkletrie.Delete {
-    return change.From.Name
-  } else {
-    return change.To.Name
-  }
+	action, err := change.Action()
+	if err != nil {
+		return change.To.Name
+	}
+
+	if action == merkletrie.Delete {
+		return change.From.Name
+	} else {
+		return change.To.Name
+	}
 }