The BluBracket Scanner enables you to scan an endpoint for code copies. Code copies are files that have been copied from one repository to another.
How does BluBracket find code copies?
During BluBracket’s initial scan of a repository, it creates a hash of each file. This hash is then compared against any other file that is scanned in the future, which could be files in other private repositories or repositories in the public realm. If the hash is matched up with another file found outside of the original repository, BluBracket recognizes and reports this file as a code copy.
How do I scan endpoints for code copies?
BluBracket initially only knows about repositories that you have configured in its database (that is, known repositories). By deploying the BluBracket Scanner to a user’s endpoint, you can scan that device for both known repositories and cloned repositories from private or public sources.
See the Deploying the BluBracket Scanner document for installation instructions.
Once the BluBracket Scanner is installed on the endpoint, include the “--scan-sources” parameter in the bluscanner command line to scan for code copies.
OSX example: ./bluscanner --scan-path ~ --scan-sources --server-url https://maurice.blubracket.com --api-key-file CCTestAPPI_apikey.json
Adding the “--scan-sources” parameter to the command line causes the BluBracket Scanner to scan the designated path and subfolders for any code files that have been copied out of their original repositories.
Note that the BluBracket Scanner will only identify copies of files that were originally cloned onto the endpoint as part of a repository.
Where can I see the results of my scans?
Selecting the Events tab in the BluBracket admin portal will give a complete list of the events returned by the Scanner. The screenshot below shows the events that correspond to code copies and code files found outside of a Git repository.
What types of code files does the BluBracket Scanner search for?
The following code excerpt shows all of the file types currently included in the code-copy scan. BluBracket will continue to add to this list as necessary.
map<string, string> exts = {
    {".c", "c++"},
    {".cpp", "c++"},
    {".cc", "c++"},
    {".cxx", "c++"},
    {".h", "c++"},
    {".hh", "c++"},
    {".hxx", "c++"},
    {".hpp", "c++"},
    {".java", "java"},
    {".py", "python"},
    {".go", "go"},
    {".js", "javascript"},
    {".jsx", "javascript"},
    {".ts", "javascript"},
    {".yml", "yaml"},
    {".yaml", "yaml"},
    {".tf", "hcl"}, // terraform, HCL as defined by GitHub
    {".cs", "c#"},
    {".vb", "vb.net"},
    {".fs", "f#"},
    {".rs", "rust"},
    {".m", "objective-c"},
    {".mm", "objective-c"},
    {".swift", "swift"},
    {".kt", "kotlin"},
};
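The hash-and-compare approach described under "How does BluBracket find code copies?", restricted to extensions from the list above, can be sketched as follows. This is an added illustration, not BluBracket's code: SHA-256, the function names, and the sample directory tree are all assumptions.

```python
import hashlib
import os
import tempfile

# Subset of the extension list above, kept short for the sketch.
CODE_EXTS = {".c", ".cpp", ".h", ".java", ".py", ".go", ".js", ".ts", ".tf", ".rs"}

def file_hash(path):
    """SHA-256 of the file contents (the hash algorithm is an assumption)."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def code_files(root):
    """Yield code files under root, skipping .git metadata directories."""
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            if os.path.splitext(name)[1].lower() in CODE_EXTS:
                yield os.path.join(dirpath, name)

def index_repo(repo_root):
    """Initial scan: map content hash -> path relative to the repository."""
    return {file_hash(p): os.path.relpath(p, repo_root) for p in code_files(repo_root)}

def find_copies(index, repo_root, scan_root):
    """Later scan: report files outside repo_root whose hash is in the index."""
    repo_root = os.path.realpath(repo_root)
    hits = []
    for p in code_files(scan_root):
        if os.path.commonpath([os.path.realpath(p), repo_root]) == repo_root:
            continue  # still inside the original repository, not a copy
        origin = index.get(file_hash(p))
        if origin:
            hits.append((os.path.relpath(p, scan_root), origin))
    return sorted(hits)

def demo():
    """Constructed sample tree: one repo file, one exact copy, one edited copy."""
    with tempfile.TemporaryDirectory() as home:
        repo, out = os.path.join(home, "repo"), os.path.join(home, "Desktop")
        files = {os.path.join(repo, "auth.py"): "def login(): pass\n",
                 os.path.join(out, "copy.py"): "def login(): pass\n",
                 os.path.join(out, "edited.py"): "def login(): return 1\n"}
        for path, text in files.items():
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write(text)
        return find_copies(index_repo(repo), repo, home)
```

In this sketch only the byte-identical `copy.py` is reported; `edited.py` differs by a few characters and produces a different hash, which is the inherent limit of exact whole-file hashing.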