todoist: replace deprecated verification endpoint (#4828)

rai1612 · web-flow · commit 03acc788f836 · 2026-04-01T10:41:21.000+05:00
diff --git a/pkg/detectors/todoist/todoist.go b/pkg/detectors/todoist/todoist.go
@@ -46,7 +46,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 		}
 
 		if verify {
-			req, err := http.NewRequestWithContext(ctx, "GET", "https://api.todoist.com/rest/v2/projects", nil)
+			req, err := http.NewRequestWithContext(ctx, "GET", "https://api.todoist.com/api/v1/projects", nil)
 			if err != nil {
 				continue
 			}
diff --git a/pkg/detectors/todoist/todoist_test.go b/pkg/detectors/todoist/todoist_test.go
@@ -3,6 +3,9 @@ package todoist
 import (
 	"context"
 	"fmt"
+	"io"
+	"net/http"
+	"strings"
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
@@ -11,6 +14,12 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick"
 )
 
+type roundTripFunc func(*http.Request) (*http.Response, error)
+
+func (f roundTripFunc) RoundTrip(req *http.Request) (*http.Response, error) {
+	return f(req)
+}
+
 var (
 	validPattern   = "qpgv7z8amkp4ln55znaacezm9jy35wcayy6bya2r"
 	invalidPattern = "qpgv7z8amkp4ln55znaa?ezm9jy35wcayy6bya2r"
@@ -89,3 +98,46 @@ func TestTodoist_Pattern(t *testing.T) {
 		})
 	}
 }
+
+func TestTodoist_VerificationEndpoint(t *testing.T) {
+	d := Scanner{}
+	input := fmt.Sprintf("%s token = '%s'", keyword, validPattern)
+
+	prevClient := client
+	t.Cleanup(func() {
+		client = prevClient
+	})
+
+	called := false
+	client = &http.Client{
+		Transport: roundTripFunc(func(req *http.Request) (*http.Response, error) {
+			called = true
+			if req.URL.String() != "https://api.todoist.com/api/v1/projects" {
+				t.Fatalf("unexpected verification URL: %s", req.URL.String())
+			}
+			if req.Header.Get("Authorization") == "" {
+				t.Fatal("missing Authorization header")
+			}
+
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(strings.NewReader("{}")),
+				Header:     make(http.Header),
+			}, nil
+		}),
+	}
+
+	results, err := d.FromData(context.Background(), true, []byte(input))
+	if err != nil {
+		t.Fatalf("FromData returned error: %v", err)
+	}
+	if !called {
+		t.Fatal("verification HTTP request was not made")
+	}
+	if len(results) != 1 {
+		t.Fatalf("expected 1 result, got %d", len(results))
+	}
+	if !results[0].Verified {
+		t.Fatal("expected result to be verified")
+	}
+}

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`if verify {`
`49`		`- req, err := http.NewRequestWithContext(ctx, "GET", "https://api.todoist.com/rest/v2/projects", nil)`
	`49`	`+ req, err := http.NewRequestWithContext(ctx, "GET", "https://api.todoist.com/api/v1/projects", nil)`
`50`	`50`	`if err != nil {`
`51`	`51`	`continue`
`52`	`52`	`}`