From 0fc626db4d276bf7da1ccd467092818e69538e27cbbfe97709077ee26fb30eb3 Mon Sep 17 00:00:00 2001 From: Jeff Kowalczyk Date: Thu, 22 Feb 2024 03:25:59 +0000 Subject: [PATCH 1/2] Accepting request 1148854 from home:ph03nix - Update to version 3.67.7: * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.22 (#2492) * fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 (#2490) * Add Display method to SourceUnit and Kind member to the CommonSourceUnit (#2450) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.21 (#2489) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2486) * concurrency uint8 to int (#2488) * use read full (#2474) * [chore] - upgrade lru cache version (#2487) * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.2 (#2484) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2483) * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2482) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2481) * fix(deps): update module google.golang.org/api to v0.165.0 (#2480) * fix(deps): update module go.mongodb.org/mongo-driver to v1.14.0 (#2479) * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2478) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.20 (#2477) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2462) * move clenaup outside the engine (#2475) * tighten keyword match (#2473) * [chore] Increase TestMaxDiffSize timeout (#2472) * add lazy quantifier to prefixregex (#2466) * [cleanup] - Extract buffer logic (#2409) * update gitlab proto (#2469) * add missing prefixregex (#2468) * Remove some noisy / less useful detectors (#2467) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.18 (#2463) * fix(deps): update module github.com/google/go-github/v57 to v59 (#2449) * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2460) * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2459) OBS-URL: https://build.opensuse.org/request/show/1148854 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=62 --- _service | 2 +- trufflehog-3.67.6.obscpio | 3 --- trufflehog-3.67.7.obscpio | 3 +++ trufflehog.changes | 41 +++++++++++++++++++++++++++++++++++++++ trufflehog.obsinfo | 6 +++--- trufflehog.spec | 2 +- vendor.tar.gz | 4 ++-- 7 files changed, 51 insertions(+), 10 deletions(-) delete mode 100644 trufflehog-3.67.6.obscpio create mode 100644 trufflehog-3.67.7.obscpio diff --git a/_service b/_service index 24d7ac0..771a2c7 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://github.com/trufflesecurity/trufflehog.git git main - v3.67.6 + v3.67.7 v(.*) enable diff --git a/trufflehog-3.67.6.obscpio b/trufflehog-3.67.6.obscpio deleted file mode 100644 index d02ef65..0000000 --- a/trufflehog-3.67.6.obscpio +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4e2ce121b6ae7e5a33dee732d98d2deb555d30a2795c74b86629945618e433e4 -size 9662477 diff --git a/trufflehog-3.67.7.obscpio b/trufflehog-3.67.7.obscpio new file mode 100644 index 0000000..a264dd1 --- /dev/null +++ b/trufflehog-3.67.7.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c7d5f1ade254f907a56077b4dc5b70bc1bd823f0a5316c22338b2c8d3b7d244 +size 9657869 diff --git a/trufflehog.changes b/trufflehog.changes index 8b7ed6c..a621a19 100644 --- a/trufflehog.changes +++ b/trufflehog.changes @@ -1,3 +1,44 @@ +------------------------------------------------------------------- +Wed Feb 21 06:27:30 UTC 2024 - felix.niederwanger@suse.com + +- Update to version 3.67.7: + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.22 (#2492) + * fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 (#2490) + * Add Display method to SourceUnit and Kind member to the CommonSourceUnit (#2450) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.21 (#2489) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2486) + * concurrency uint8 to int (#2488) + * use read full (#2474) + * [chore] - upgrade lru cache version (#2487) + * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.2 (#2484) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2483) + * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2482) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2481) + * fix(deps): update module google.golang.org/api to v0.165.0 (#2480) + * fix(deps): update module go.mongodb.org/mongo-driver to v1.14.0 (#2479) + * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2478) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.20 (#2477) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2462) + * move clenaup outside the engine (#2475) + * tighten keyword match (#2473) + * [chore] Increase TestMaxDiffSize timeout (#2472) + * add lazy quantifier to prefixregex (#2466) + * [cleanup] - Extract buffer logic (#2409) + * update gitlab proto (#2469) + * add missing prefixregex (#2468) + * Remove some noisy / less useful detectors (#2467) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.18 (#2463) + * fix(deps): update module github.com/google/go-github/v57 to v59 (#2449) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2460) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2459) + * fix(deps): update module go.mongodb.org/mongo-driver to v1.13.2 (#2458) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2457) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2447) + * fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.1 (#2454) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.17 (#2453) + * fix(deps): update golang.org/x/exp digest to ec58324 (#2452) + * fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 (#2448) + ------------------------------------------------------------------- Tue Feb 13 20:23:07 UTC 2024 - felix.niederwanger@suse.com diff --git a/trufflehog.obsinfo b/trufflehog.obsinfo index 6673c80..9f17564 100644 --- a/trufflehog.obsinfo +++ b/trufflehog.obsinfo @@ -1,4 +1,4 @@ name: trufflehog -version: 3.67.6 -mtime: 1707839688 -commit: 216a29d7cf0f38a8371a0e77e88d28f53b1ba592 +version: 3.67.7 +mtime: 1708472330 +commit: 05c2f550f0aed07b15827f9c3cedbd7c56a3a533 diff --git a/trufflehog.spec b/trufflehog.spec index 14b3549..144f237 100644 --- a/trufflehog.spec +++ b/trufflehog.spec @@ -17,7 +17,7 @@ Name: trufflehog -Version: 3.67.6 +Version: 3.67.7 Release: 0 Summary: CLI tool to find exposed secrets in source and archives License: AGPL-3.0-or-later diff --git a/vendor.tar.gz b/vendor.tar.gz index 843b281..5fc6a22 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:5dfcd3434cacd62f3ffea4ec3da70a92146331d0cc61f4e65f6596902075cbe3 -size 21107440 +oid sha256:81ae2313868ad516cadfda23ffbdb0acf1c8a05c8a931b27d8dd7f27a0adec8d +size 21116948 From 60d43a15b2372675da35d2284fe12240f2a3f1b8aa1510392a9558a0e5a84a41 Mon Sep 17 00:00:00 2001 From: Jeff Kowalczyk Date: Thu, 22 Feb 2024 16:12:27 +0000 Subject: [PATCH 2/2] Accepting request 1149088 from home:ph03nix - Update to version 3.68.0: * Identify some canary tokens without detonation (#2500) * fix(deps): update module go.uber.org/zap to v1.27.0 (#2498) * fix(deps): update module github.com/snowflakedb/gosnowflake to v1.8.0 (#2497) * fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.2 (#2493) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.22 (#2492) * fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 (#2490) * Add Display method to SourceUnit and Kind member to the CommonSourceUnit (#2450) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.21 (#2489) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2486) * concurrency uint8 to int (#2488) * use read full (#2474) * [chore] - upgrade lru cache version (#2487) * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.2 (#2484) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2483) * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2482) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2481) * fix(deps): update module google.golang.org/api to v0.165.0 (#2480) * fix(deps): update module go.mongodb.org/mongo-driver to v1.14.0 (#2479) * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2478) * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.20 (#2477) * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2462) * move clenaup outside the engine (#2475) * tighten keyword match (#2473) * [chore] Increase TestMaxDiffSize timeout (#2472) * add lazy quantifier to prefixregex (#2466) * [cleanup] - Extract buffer logic (#2409) * update gitlab proto (#2469) * add missing prefixregex (#2468) * Remove some noisy / less useful detectors (#2467) OBS-URL: https://build.opensuse.org/request/show/1149088 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=63 --- _service | 2 +- trufflehog-3.67.7.obscpio | 3 -- trufflehog-3.68.0.obscpio | 3 ++ trufflehog.changes | 95 +++++++++++++++++++++++++++++++++++++++ trufflehog.obsinfo | 6 +-- trufflehog.spec | 2 +- vendor.tar.gz | 4 +- 7 files changed, 105 insertions(+), 10 deletions(-) delete mode 100644 trufflehog-3.67.7.obscpio create mode 100644 trufflehog-3.68.0.obscpio diff --git a/_service b/_service index 771a2c7..2205934 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://github.com/trufflesecurity/trufflehog.git git main - v3.67.7 + v3.68.0 v(.*) enable diff --git a/trufflehog-3.67.7.obscpio b/trufflehog-3.67.7.obscpio deleted file mode 100644 index a264dd1..0000000 --- a/trufflehog-3.67.7.obscpio +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7c7d5f1ade254f907a56077b4dc5b70bc1bd823f0a5316c22338b2c8d3b7d244 -size 9657869 diff --git a/trufflehog-3.68.0.obscpio b/trufflehog-3.68.0.obscpio new file mode 100644 index 0000000..934f7fb --- /dev/null +++ b/trufflehog-3.68.0.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8134a2c48aabdc971fa59ea0a27ee2999b93890889c74b66ca66aa3e712b8f59 +size 9661453 diff --git a/trufflehog.changes b/trufflehog.changes index a621a19..5f7267b 100644 --- a/trufflehog.changes +++ b/trufflehog.changes @@ -1,3 +1,98 @@ +------------------------------------------------------------------- +Thu Feb 22 07:47:17 UTC 2024 - felix.niederwanger@suse.de + +- Update to version 3.68.0: + * Identify some canary tokens without detonation (#2500) + * fix(deps): update module go.uber.org/zap to v1.27.0 (#2498) + * fix(deps): update module github.com/snowflakedb/gosnowflake to v1.8.0 (#2497) + * fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.2 (#2493) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.22 (#2492) + * fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 (#2490) + * Add Display method to SourceUnit and Kind member to the CommonSourceUnit (#2450) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.21 (#2489) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2486) + * concurrency uint8 to int (#2488) + * use read full (#2474) + * [chore] - upgrade lru cache version (#2487) + * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.2 (#2484) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2483) + * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2482) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2481) + * fix(deps): update module google.golang.org/api to v0.165.0 (#2480) + * fix(deps): update module go.mongodb.org/mongo-driver to v1.14.0 (#2479) + * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2478) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.20 (#2477) + * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2462) + * move clenaup outside the engine (#2475) + * tighten keyword match (#2473) + * [chore] Increase TestMaxDiffSize timeout (#2472) + * add lazy quantifier to prefixregex (#2466) + * [cleanup] - Extract buffer logic (#2409) + * update gitlab proto (#2469) + * add missing prefixregex (#2468) + * Remove some noisy / less useful detectors (#2467) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.18 (#2463) + * fix(deps): update module github.com/google/go-github/v57 to v59 (#2449) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2460) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2459) + * fix(deps): update module go.mongodb.org/mongo-driver to v1.13.2 (#2458) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2457) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2447) + * fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.1 (#2454) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.17 (#2453) + * fix(deps): update golang.org/x/exp digest to ec58324 (#2452) + * fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 (#2448) + * [chore] Add some doc comments to source manager (#2434) + * 2396 since commit stopped working (#2402) + * Update custom detector example (#2435) + * chore(deps): update golangci/golangci-lint-action action to v4 (#2445) + * chore(deps): update github/codeql-action action to v3 (#2444) + * fix(deps): update module google.golang.org/api to v0.164.0 (#2442) + * fix(deps): update module golang.org/x/oauth2 to v0.17.0 (#2441) + * chore(deps): update actions/setup-go action to v5 (#2443) + * fix(deps): update module golang.org/x/net to v0.21.0 (#2440) + * fix(deps): update module golang.org/x/crypto to v0.19.0 (#2439) + * fix(deps): update module cloud.google.com/go/storage to v1.38.0 (#2438) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.16 (#2436) + * fix(deps): update module go.uber.org/mock to v0.4.0 (#2437) + * fix(deps): update module go.mongodb.org/mongo-driver to v1.13.1 (#2433) + * fix(deps): update module github.com/xanzy/go-gitlab to v0.97.0 (#2432) + * fix(deps): update module github.com/prometheus/client_golang to v1.18.0 (#2429) + * fix(deps): update module github.com/snowflakedb/gosnowflake to v1.7.2 (#2430) + * fix(deps): update module github.com/thezeroslave/zapsentry to v1.20.2 (#2431) + * fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 (#2428) + * fix(deps): update module github.com/google/uuid to v1.6.0 (#2427) + * chore(gcp): ignore known test creds (#2413) + * [fix] Add unit information to error returned by ChunkUnit (#2410) + * fix(deps): update module github.com/google/go-containerregistry to v0.19.0 (#2425) + * fix(deps): update module github.com/getsentry/sentry-go to v0.27.0 (#2424) + * fix(deps): update module cloud.google.com/go/storage to v1.37.0 (#2423) + * chore(deps): update sigstore/cosign-installer action to v3.4.0 (#2421) + * chore(deps): update golang docker tag to v1.22 (#2420) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 (#2416) + * fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.22 (#2417) + * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.15 (#2415) + * fix(deps): update module cloud.google.com/go/secretmanager to v1.11.5 (#2414) + * fix(deps): update golang.org/x/exp digest to 2c58cdc (#2412) + * fix(deps): update github.com/lrstanley/bubblezone digest to b7bafc4 (#2411) + * fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#2048) + * fix(deps): update module github.com/charmbracelet/bubbles to v0.18.0 (#2296) + * fix(deps): update module github.com/charmbracelet/bubbletea to v0.25.0 (#2326) + * [chore] Ensure Postgres detector respects context deadline (#2408) + * [chore] Rename file to legacy_reporters.go (#2406) + * Add flag to write job reports to disk (#2298) + * Implement SourceUnitEnumChunker for GitLab (#2367) + * Update brew install instructions (#2404) + * Refactor UnitHook to block the scan if finished metrics aren't handled (#2309) + * skip community PR (forks) secret scans for now (#2401) + * [feat] - buffered file writer metrics (#2395) + * Update GitParse to handle quoted binary filenames (#2391) + * Allow multiple domains for Forager (#2400) + * prevent concurrent map writes (#2399) + * Allow CLI version pinning in GHA (#2397) (#2398) + * Set GHA workdir (#2393) + * Fix handling of GitHub ratelimit information (#2041) + ------------------------------------------------------------------- Wed Feb 21 06:27:30 UTC 2024 - felix.niederwanger@suse.com diff --git a/trufflehog.obsinfo b/trufflehog.obsinfo index 9f17564..1e81413 100644 --- a/trufflehog.obsinfo +++ b/trufflehog.obsinfo @@ -1,4 +1,4 @@ name: trufflehog -version: 3.67.7 -mtime: 1708472330 -commit: 05c2f550f0aed07b15827f9c3cedbd7c56a3a533 +version: 3.68.0 +mtime: 1708537341 +commit: d53b83b58e37db1e58560a0ea5344470c054793f diff --git a/trufflehog.spec b/trufflehog.spec index 144f237..481b77a 100644 --- a/trufflehog.spec +++ b/trufflehog.spec @@ -17,7 +17,7 @@ Name: trufflehog -Version: 3.67.7 +Version: 3.68.0 Release: 0 Summary: CLI tool to find exposed secrets in source and archives License: AGPL-3.0-or-later diff --git a/vendor.tar.gz b/vendor.tar.gz index 5fc6a22..e545d0e 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:81ae2313868ad516cadfda23ffbdb0acf1c8a05c8a931b27d8dd7f27a0adec8d -size 21116948 +oid sha256:ef46209a7a8488b0a6f5a5ae8c576a8892aed1cb260fff63ee378f7d82460304 +size 21129455