Accepting request 1144948 from devel:languages:go

- Update to version 3.67.4:
  * [feat] - use diff chan (#2387)
  * [not-fixup] - Reduce memory consumption for Buffered File Writer (#2377)
  * fix: case-insensitive ext check (#2383)
  * tightening opsgenie detection and verification (#2389)
  * Fix binary file hanging bug in git sources (#2388)
  * Disable GitHub wiki scanning by default (#2386)
  * [fixup] - correctly use the buffered file writer (#2373)
  * custom detector dogs (#2376)
  * use only the DetectorKey as a map field (#2374)
  * [feat] - concurently scan the filesystem source (#2364)
  * [chore] Cleanup GitLab source errors (#2345)
  * [bug] - use DetectorKey as the key in the detectorKeysWithResults map (#2366)
  * Add s3 credential validation (#2362)
  * Polite Verification (#2356)
  * Make AzureDevopsPersonalAccessToken verification more robust (#2359)
  * fix (#2360)
  * update azure test files to check rawV2 (#2353)
  * [chore] Add filesystem integration test (#2358)
  * Scan GitHub wikis #2233
  * added flyio protos (#2357)
  * Allow for configuring the buffered file writer (#2319)
  * [feat] - tmp file diffs (#2306)
  * Fix filesystem enumeration ignore paths bug (#2355)
  * Detectors Updates 1 for Tristate Verification (#2187)
  * feat(detectors): update template (#2342)
  * Azure function key is throwing FPs (#2352)
  * Improve fp ignore logic (#2351)
  * added azuresearchquerykey detector (#2349)
  * added azuresearchadminkey detector (#2348) (forwarded request 1144854 from ph03nix)

OBS-URL: https://build.opensuse.org/request/show/1144948
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=14

_service

@@ -3,7 +3,7 @@
     <param name="url">https://github.com/trufflesecurity/trufflehog.git</param>
     <param name="scm">git</param>
     <param name="revision">main</param>
-    <param name="version">v3.67.2</param>
+    <param name="version">v3.67.4</param>
   	<param name="versionrewrite-pattern">v(.*)</param>
 	<param name="changesgenerate">enable</param>
   </service>

trufflehog-3.67.2.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b585e10a864f0d02e8bd2b1b0bb9ac874013ec88c86d8ca70b904490d394b5e9
-size 9628173

trufflehog-3.67.4.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ca6052d9ae8f0b49d87a5f7f5819907561b09dbb5d1123842c195459eb6f2708
+size 9621005

trufflehog.changes

@@ -1,3 +1,119 @@
+-------------------------------------------------------------------
+Wed Feb 07 09:23:59 UTC 2024 - felix.niederwanger@suse.de
+
+- Update to version 3.67.4:
+  * [feat] - use diff chan (#2387)
+  * [not-fixup] - Reduce memory consumption for Buffered File Writer (#2377)
+  * fix: case-insensitive ext check (#2383)
+  * tightening opsgenie detection and verification (#2389)
+  * Fix binary file hanging bug in git sources (#2388)
+  * Disable GitHub wiki scanning by default (#2386)
+  * [fixup] - correctly use the buffered file writer (#2373)
+  * custom detector dogs (#2376)
+  * use only the DetectorKey as a map field (#2374)
+  * [feat] - concurently scan the filesystem source (#2364)
+  * [chore] Cleanup GitLab source errors (#2345)
+  * [bug] - use DetectorKey as the key in the detectorKeysWithResults map (#2366)
+  * Add s3 credential validation (#2362)
+  * Polite Verification (#2356)
+  * Make AzureDevopsPersonalAccessToken verification more robust (#2359)
+  * fix (#2360)
+  * update azure test files to check rawV2 (#2353)
+  * [chore] Add filesystem integration test (#2358)
+  * Scan GitHub wikis #2233
+  * added flyio protos (#2357)
+  * Allow for configuring the buffered file writer (#2319)
+  * [feat] - tmp file diffs (#2306)
+  * Fix filesystem enumeration ignore paths bug (#2355)
+  * Detectors Updates 1 for Tristate Verification (#2187)
+  * feat(detectors): update template (#2342)
+  * Azure function key is throwing FPs (#2352)
+  * Improve fp ignore logic (#2351)
+  * added azuresearchquerykey detector (#2349)
+  * added azuresearchadminkey detector (#2348)
+  * added azurefunctionkey detector (#2337)
+  * updates to plain and json printing to include verification error (#2335)
+  * Add the new MaxMind license key format (#2181)
+  * Prevent print or logging in detectors (#2341)
+  * make sure to close connections after testing (#2343)
+  * Fix test (#2339)
+  * add tri-state verification to yelp (#1736)
+  * Improve GitHub scan logging (#2220)
+  * Update DockerHub detector logic (#2266)
+  * Add Google oauth2 token detector (#2274)
+  * add priority semaphore (#2336)
+  * updating doppler logic (#2329)
+  * added azuredevopspersonalaccesstoken detector (#2315)
+  * Walk directories in filesystem source enumeration (#2313)
+  * [feat] - Replace regexp pkg w/ go-re2 in detectors (#2324)
+  * Update Gitlab repo count in tests #2333
+  * Narrow Postgres detector to only look for URIs (#2314)
+  * fixing incorrect acct num id for some aws keys (#2332)
+  * updating detector logic for zenscrape (#2316)
+  * Add prometheus metrics to measure hook execution time (#2312)
+  * [chore] - reduce test time (#2321)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.0 (#2325)
+  * fix(deps): update module github.com/envoyproxy/protoc-gen-validate to v1.0.4 (#2322)
+  * fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.1 (#2320)
+  * fix(deps): update golang.org/x/exp digest to 1b97071 (#2318)
+  * [chore] - Update Chunk struct comment (#2317)
+  * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2054)
+  * save 8 bytes per chunk (#2310)
+  * [chore] - Add regex and keyword for api_org tokens (#2240)
+  * Assume unauthenticated github scans have public visibility (#2308)
+  * [fixup ] - Allow ssh cloning with AWS Code Commit (#2307)
+  * added azure protos (#2304)
+  * Disable recently added postgres detector because it it too sensitive (#2303)
+  * [feat] - Provide CLI flag to only use custom verifiers (#2299)
+  * Individuate archive tests #2293
+  * [feat] - Allow for the use of include/exclude path files for filesystem scans (#2297)
+  * [chore] - small updates (#2288)
+  * fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 (#2295)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 (#2294)
+  * feat(installation): Implement checksum signature verification (#2157)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 (#2292)
+  * fix(deps): update module cloud.google.com/go/storage to v1.36.0 (#2291)
+  * chore(deps): update sigstore/cosign-installer action to v3.3.0 (#2290)
+  * chore(deps): update alpine docker tag to v3.19 (#2287)
+  * fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 (#2286)
+  * Extend memory cache (#2275)
+  * fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 (#2285)
+  * fix(deps): update golang.org/x/exp digest to 0dcbfd6 (#2284)
+  * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 (#2282)
+  * adding postgres detector (#2108)
+  * update test (#2283)
+  * fix(deps): update golang.org/x/exp digest to be819d1 (#2281)
+  * fix(signable): ignore common false positives (#2230)
+  * fix(parseur): ignore false positives (#2229)
+  * [chore] - update docs for pre-commit (#2280)
+  * 1833 Fix syslog udp (#1835)
+  * Wrap temp deletion err #2277
+  * Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 (#2279)
+  * Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#2278)
+  * Updated trufflehog sourcegraph secret format (#2254)
+  * Update stripe detector regex (#2261)
+  * [chore] Add test to check all versioned detectors are non-zero (#2272)
+  * fix(gitparse): handle fromFileLine edge case (#2206)
+  * Fix non-ASCII whitespace on GitHub Action (#2270)
+  * fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] (#2263)
+  * Fix commit message single quote escaping on GitHub Action (#2259)
+  * Use directory iterator instead of walkdir (#2260)
+  * Add handlerOpts back (#2258)
+  * Skip all binaries (#2256)
+  * Add skip archive support (#2257)
+  * use walk dir for tmp cleanup (#2255)
+  * [fixup] -  Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup (#2253)
+  * Dedupe some source log keys (#2250)
+  * Fix goroutine leak (#2251)
+  * [chore] - lower logging level (#2249)
+  * [chore] - add additional binary extensions to skip (#2235)
+  * use snake_case for naming (#2238)
+  * [bug] - Bug archive handler memory leak (#2247)
+  * Add missing import (#2246)
+  * fix(snowflake): avoid extraneous attempts (#2057)
+  * feat(github): update extradata (#2219)
+  * shallow cloning + GitHub Action (#2138)
+
 -------------------------------------------------------------------
 Mon Feb 05 20:02:07 UTC 2024 - felix.niederwanger@suse.com
 

trufflehog.obsinfo

@@ -1,4 +1,4 @@
 name: trufflehog
-version: 3.67.2
-mtime: 1707158635
-commit: 135cc3eb6945d4ca56c432328490b4860462a08a
+version: 3.67.4
+mtime: 1707242770
+commit: 7b492a690a89d2b8c59de75cb9acf6f06ab45458

trufflehog.spec

@@ -17,7 +17,7 @@
 
 
 Name:           trufflehog
-Version:        3.67.2
+Version:        3.67.4
 Release:        0
 Summary:        CLI tool to find exposed secrets in source and archives
 License:        AGPL-3.0-or-later

vendor.tar.gz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:603e813f8fbfb556d09630b88bb618b672c2d245ce31f52f90315476e400b913
-size 21281356
+oid sha256:b6b2ec919fd419b5acf772ddec02ccdd217a1c6a6fa1941ab84a4bec53cbd9f7
+size 21280094