TruffleHog Version
3.90.12
Trace Output
https://gist.github.com/chopkinsmade/4afd04a69d0b2ea10f264433b90382f5
Expected Behavior
When using the trufflehog argument --results=verified,unknown, Datadog keys that fail to verify because the verification endpoint is unreachable should be reported with a verification issue, in the same way AWS keys report these failures.
Actual Behavior
When an AWS token is detected and the endpoint used for verification is unavailable, the trufflehog output reports the AWS token as unknown with the message Verification issue: lookup sts.us-east-1.amazonaws.com: no such host. When a Datadog token is detected and the endpoint used for verification is unavailable, there is no Datadog entry in the output at all.
Steps to Reproduce
- Run the command below (these are not real AWS or Datadog keys):

```shell
cat << EOF > ./secrets.py
aws_access_key_id = "AKIAQYLPMN5GHHFPXAM1"
aws_secret_access_key = "1rUm636uS2yOEcfP5pvfqJ/ml36mF7AkyHsEU1IU"
DD_API_KEY = "20e3cd747481553d351607eb21397514"
DATADOG_API_KEY = "20e3cd747482553d341607eb21397516"
EOF
```

- Turn off network connections on your device; this is the easiest way to make the verification endpoints unavailable.
- Run:

```shell
trufflehog filesystem --fail --no-update --log-level=5 --include-detectors=AWS,Datadogtoken --results=verified,unknown ./secrets.py
```

- The output will have an unverified entry for AWS, but nothing for Datadog.
Environment
- OS: macOS
- Version: 26.0.1
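To make the distinction the Actual Behavior section asks for concrete, here is an added Go example (not TruffleHog's own detector code) of a Datadog key verifier that reports three outcomes instead of two: a transport failure (DNS, connection refused, timeout) becomes Unknown with the error attached, so a --results=verified,unknown style filter can still surface the finding instead of silently dropping it. It assumes the Datadog validation endpoint shape (GET /api/v1/validate with a DD-API-KEY header) and takes the base URL as a parameter so it can be exercised offline against a local listener.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"time"
)

// VerifyStatus is the tri-state a detector should report: a transport failure
// means "could not check", which is not the same as "key rejected".
type VerifyStatus int

const (
	Verified   VerifyStatus = iota // endpoint accepted the credential
	Unverified                     // endpoint rejected it (401/403)
	Unknown                        // endpoint unreachable or unexpected reply
)

// VerifyResult keeps the error for Unknown so the finding can be printed as a "Verification issue" line.
type VerifyResult struct {
	Status VerifyStatus
	Err    error
}

// verifyDatadogKey calls GET {baseURL}/api/v1/validate with a DD-API-KEY header.
// baseURL is a parameter (assumption, for offline tests) rather than a fixed host.
func verifyDatadogKey(ctx context.Context, c *http.Client, baseURL, key string) VerifyResult {
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, baseURL+"/api/v1/validate", nil)
	if err != nil {
		return VerifyResult{Status: Unknown, Err: err}
	}
	req.Header.Set("DD-API-KEY", key)
	resp, err := c.Do(req)
	if err != nil { // DNS failure, connection refused, timeout: no verdict on the key
		return VerifyResult{Status: Unknown, Err: fmt.Errorf("verification issue: %w", err)}
	}
	resp.Body.Close()
	switch resp.StatusCode {
	case http.StatusOK:
		return VerifyResult{Status: Verified}
	case http.StatusUnauthorized, http.StatusForbidden:
		return VerifyResult{Status: Unverified}
	}
	return VerifyResult{Status: Unknown, Err: fmt.Errorf("unexpected HTTP %d", resp.StatusCode)}
}

func main() { // 127.0.0.1:9 is normally closed: exercises the unreachable path offline
	r := verifyDatadogKey(context.Background(), &http.Client{Timeout: 2 * time.Second}, "http://127.0.0.1:9", "constructed-key")
	fmt.Println(r.Status, r.Err)
}
```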