* [INS-228] Add ignorePattern configuration support to Postgres and Sqlserver detectors (#4612)
* [INS-280] Fix Github "repostories" filter does not respect GHES endpoint (#4677)
* [INS-307] Added unspecified(0.0.0.0) check to DetectorHttpClientWithNoLocalAddresses (#4726)
* [INS-249] Updated Gitlab client from v0.129.0 to v1.12.0(latest) (#4655)
* enabled the test which was previously failing due to inaccessible github repo (#4715)
* [INS-258] Revert includeRepos removal from GitHub source (#4673)
* fix(github): preserve trailing hyphens in repository names (#4695)
OBS-URL: https://build.opensuse.org/request/show/1330999
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=255
- Update to version 3.92.5:
* [INS-243] Fix jdbc detector detecting incomplete connection string and fixed invalid… (#4636)
* added monthly requests limit to postman api request metrics collection (#4667)
* fix: report accurate line numbers for chunked file scanning (#1876) (#4615)
* fix(git): use `--iso-strict` git arg to prevent locale issue (#4653)
* Gitlab Source: Backoff from Scan2 which is experimental to legacy pagination API call (#4608)
* Rework JWT detector to better block local IPs; add HTTP instrumentation (#4607)
* Fix typo in help description for Postman API metric (#4656)
* detectors/twilio: add exponential backoff retry logic (#4652)
* [INS-170] Unify JDBC URL Parsing Across Detector and Analyzer (Continued) (#4606)
* [INS-232] Fix S3 Source "panic: runtime error: index out of range" bug (#4610)
* [INS-120] Increase test coverage for nested items(scanItem) function (#4648)
* Fix syslog test failing due to hardcoded timestamp (#4646)
* [INS-242] Add more validations to Custom Detector config (#4642)
* [INS-206] Store Gitlab Project ID in secret location metadata (#4601) (forwarded request 1328060 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1328099
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=108
- Update to version 3.92.5:
* [INS-243] Fix jdbc detector detecting incomplete connection string and fixed invalid… (#4636)
* added monthly requests limit to postman api request metrics collection (#4667)
* fix: report accurate line numbers for chunked file scanning (#1876) (#4615)
* fix(git): use `--iso-strict` git arg to prevent locale issue (#4653)
* Gitlab Source: Backoff from Scan2 which is experimental to legacy pagination API call (#4608)
* Rework JWT detector to better block local IPs; add HTTP instrumentation (#4607)
* Fix typo in help description for Postman API metric (#4656)
* detectors/twilio: add exponential backoff retry logic (#4652)
* [INS-170] Unify JDBC URL Parsing Across Detector and Analyzer (Continued) (#4606)
* [INS-232] Fix S3 Source "panic: runtime error: index out of range" bug (#4610)
* [INS-120] Increase test coverage for nested items(scanItem) function (#4648)
* Fix syslog test failing due to hardcoded timestamp (#4646)
* [INS-242] Add more validations to Custom Detector config (#4642)
* [INS-206] Store Gitlab Project ID in secret location metadata (#4601)
OBS-URL: https://build.opensuse.org/request/show/1328060
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=251
- Update to version 3.92.1:
* Improve Copper Detector verification with stricter status code and email matching (#4594)
* Apply configured include/ignore lists to GitLab unit scans (#4592)
* Add more clone logging (#4593)
* skip flaky test (#4595)
* Create way to add key-value pairs to new sinks (#4582)
* [INS-204] Abort Postman scan if monthly API request limit crosses 80% (#4586)
* [INS-104] Support units in S3 source (#4560)
* Add Metrics to RetryableHTTPClient (#4545)
* Add Gitlab V3 Detector (#4563)
* Updated the failing Docker source Quay registry test (#4580)
* Added Additional Metrics and Job ID in the Docker Source (#4547)
* Added API Call Metrics to Docker Source (#4552) (forwarded request 1321971 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1321973
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=105
- Update to version 3.92.1:
* Improve Copper Detector verification with stricter status code and email matching (#4594)
* Apply configured include/ignore lists to GitLab unit scans (#4592)
* Add more clone logging (#4593)
* skip flaky test (#4595)
* Create way to add key-value pairs to new sinks (#4582)
* [INS-204] Abort Postman scan if monthly API request limit crosses 80% (#4586)
* [INS-104] Support units in S3 source (#4560)
* Add Metrics to RetryableHTTPClient (#4545)
* Add Gitlab V3 Detector (#4563)
* Updated the failing Docker source Quay registry test (#4580)
* Added Additional Metrics and Job ID in the Docker Source (#4547)
* Added API Call Metrics to Docker Source (#4552)
OBS-URL: https://build.opensuse.org/request/show/1321971
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=245
- Update to version 3.90.13:
* Add source type label to chunk size metric (#4543)
* Updated GDrive proto to support On-Prem Scanning (#4539)
* chore: fix feature support to append user agent suffix (#4520)
* Implemented Graphql requests for Github PR's, Issues and comments scanning (#4431)
* use pr-approval-check@main (#4531)
* pr-approval-check: use separate workflow to check approvals (#4530)
* Switch to an outside action for pr approval (#4523)
* pr approval workflow: use pull_request_target (#4522)
* Require product eng approval for PRs (#4478) (forwarded request 1315740 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1315745
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=101
- Update to version 3.90.12:
* Remove depaware (#4515)
* Remove include repos (#4469)
* explicit repositories now bypass wantRepo() filtering entirely. added ctx to newConnector (#4507)
* add ability to run github-experimental against private repos (#4508)
* Refactored circleci source test cases (#4506)
* Fix "skipping binary file" logging to show actual file name (#4509)
* Comment out broken CircleCI integration test (#4505)
* Updated Docker source with new test cases and README (#4481) (forwarded request 1314001 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1314076
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=100
- Update to version 3.90.11:
* bump rardecode (#4503)
* Local Git Config Sanitization (#4502)
* Bump github.com/nwaples/rardecode/v2 (#4501)
* added prefix to the github old detector regex pattern (#4494)
* Fix wrong line number in private key detector (#4485) (#4486)
* refactor: use b.Loop() to simplify the code and improve performance (#4497)
* add support for account api token (#4495)
* Detect Organization ID to pass into AnalysisInfo for Atlassian Detector (#4480)
* set auth-in-url flag to true when using ssh clone (#4488)
* Proto update to support scanning confluence comments (#4484)
* Clarify what 'unknown' means (#4477)
* enhanced the api response handling in the secret verification (#4482)
* Return non-zero exit code if an error occurs during a scan (#4476) (forwarded request 1311608 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1311730
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=99
- Update to version 3.90.11:
* bump rardecode (#4503)
* Local Git Config Sanitization (#4502)
* Bump github.com/nwaples/rardecode/v2 (#4501)
* added prefix to the github old detector regex pattern (#4494)
* Fix wrong line number in private key detector (#4485) (#4486)
* refactor: use b.Loop() to simplify the code and improve performance (#4497)
* add support for account api token (#4495)
* Detect Organization ID to pass into AnalysisInfo for Atlassian Detector (#4480)
* set auth-in-url flag to true when using ssh clone (#4488)
* Proto update to support scanning confluence comments (#4484)
* Clarify what 'unknown' means (#4477)
* enhanced the api response handling in the secret verification (#4482)
* Return non-zero exit code if an error occurs during a scan (#4476)
OBS-URL: https://build.opensuse.org/request/show/1311608
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=233
- Update to version 3.90.6:
* Added feature flag to configure projects per page in gitlab enumeration (#4437)
* pkg: fix some typos in comment (#4440)
* Changes to fix Enterprise UI filtering of Github Hosted Scanner Repositories to Include (#4430)
* Fix legacy json flag for Github and Gitlab private repos (#4386)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.8 (#4396)
* fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.5.1 (#4425)
* Scan Github Private Repositories With Token (#4426)
* [Feature] Added Detector for the Photoroom API (#4414)
* Fix error propagation and a typo in verification logic (#4427)
* Ignore known common prefix matches for Github V1 detector (#4379)
* Added support for additional validation rules in custom detector (#4413)
* [GitHub] Add a GraphQL client to the connector (#3837)
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.10 (#4424)
* fix(deps): update aws-sdk-go-v2 monorepo (#4422)
* Recover logger if wrapped by a non-logging context implementation (#4406)
* Fix git tests if run with global commit.gpgsign=true (#4415)
* Added a dedicated optional flag to ignore gists during scan (#4423)
* added flyio detector (#2381)
* fix(deps): update module cloud.google.com/go/storage to v1.56.1 (#4412)
* fix(deps): update module google.golang.org/protobuf to v1.36.8 (#4397)
* Enable cloning repository to a specified location with retention option (#4408)
* Add support for AWS account allow and deny lists (#4407)
* [Feature] Updated Dotmailer Detector To Dotdigital (#4331)
* Added explicit secrets manager write flag to Bitbucket source (#4403)
* [Detector] rippling detector for phrase api tokens (#4348)
* Added support for indeterminate verification for letter Q detectors (#4398) (forwarded request 1303158 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1303194
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=97
- Update to version 3.90.6:
* Added feature flag to configure projects per page in gitlab enumeration (#4437)
* pkg: fix some typos in comment (#4440)
* Changes to fix Enterprise UI filtering of Github Hosted Scanner Repositories to Include (#4430)
* Fix legacy json flag for Github and Gitlab private repos (#4386)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.8 (#4396)
* fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.5.1 (#4425)
* Scan Github Private Repositories With Token (#4426)
* [Feature] Added Detector for the Photoroom API (#4414)
* Fix error propagation and a typo in verification logic (#4427)
* Ignore known common prefix matches for Github V1 detector (#4379)
* Added support for additional validation rules in custom detector (#4413)
* [GitHub] Add a GraphQL client to the connector (#3837)
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.10 (#4424)
* fix(deps): update aws-sdk-go-v2 monorepo (#4422)
* Recover logger if wrapped by a non-logging context implementation (#4406)
* Fix git tests if run with global commit.gpgsign=true (#4415)
* Added a dedicated optional flag to ignore gists during scan (#4423)
* added flyio detector (#2381)
* fix(deps): update module cloud.google.com/go/storage to v1.56.1 (#4412)
* fix(deps): update module google.golang.org/protobuf to v1.36.8 (#4397)
* Enable cloning repository to a specified location with retention option (#4408)
* Add support for AWS account allow and deny lists (#4407)
* [Feature] Updated Dotmailer Detector To Dotdigital (#4331)
* Added explicit secrets manager write flag to Bitbucket source (#4403)
* [Detector] rippling detector for phrase api tokens (#4348)
* Added support for indeterminate verification for letter Q detectors (#4398)
OBS-URL: https://build.opensuse.org/request/show/1303158
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=229
- Update to version 3.89.2:
* refactor: use HandleFile for Jenkins build log processing to improve chunking (#4225)
* Add git metrics for cloning and scanning (#4234)
* Log recursion limiting (#4236)
* fix(deps): update module github.com/googleapis/gax-go/v2 to v2.14.2 (#4231)
* fix(deps): update module github.com/go-logr/logr to v1.4.3 (#4228)
* fix(deps): update github.com/avast/apkparser digest to 166ba17 (#4119)
* fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.14.0 (#4025)
* fix(deps): update aws-sdk-go-v2 monorepo (#4213)
* addition of percent encoding for raw brackets CSM-1195 (#4221)
* (fix) validation to ensure only one of --org or --repo is provided for Github source (#4141)
* Analyzer/datadog (#4132) (forwarded request 1286293 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1286400
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=92
- Update to version 3.89.2:
* refactor: use HandleFile for Jenkins build log processing to improve chunking (#4225)
* Add git metrics for cloning and scanning (#4234)
* Log recursion limiting (#4236)
* fix(deps): update module github.com/googleapis/gax-go/v2 to v2.14.2 (#4231)
* fix(deps): update module github.com/go-logr/logr to v1.4.3 (#4228)
* fix(deps): update github.com/avast/apkparser digest to 166ba17 (#4119)
* fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.14.0 (#4025)
* fix(deps): update aws-sdk-go-v2 monorepo (#4213)
* addition of percent encoding for raw brackets CSM-1195 (#4221)
* (fix) validation to ensure only one of --org or --repo is provided for Github source (#4141)
* Analyzer/datadog (#4132)
OBS-URL: https://build.opensuse.org/request/show/1286293
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=219
- Update to version 3.89.1:
* Update ngrok.go detector to handle 403s properly (#4216)
* chore(deps): update sigstore/cosign-installer action to v3.8.2 (#4212)
* chore(deps): update dependency go to v1.24.4 (#4136)
* feat(docker): implement exclude paths functionality (#4057)
* Fix git commit validation (#4192)
* Jiratoken Analyzer (#4193)
* Updated OpenAI Analyzer (#4203)
* Add support for defining sources via a config file (#4172)
* Fix typo: remove duplicated 'about' in documentation (#4211)
* Pass Context Through Postman NewRequest (#4190)
* Remove job ID from bytes_scanned and chunks_scanned metrics (#4206)
* [fix] Report the unit in a single scan job (#4209)
* Added new version for heroku detector (#4201)
* chore(actions): check to install `jq` if it is not already (#4000)
* updated the go-mssqldb library version from v1.8.0 to v1.8.2 (#4200)
* Fix for Larksuite regex (#4194)
* remove prefix regex for JIRA V2 patterns (#4197)
* Added support to scan github commit metadata for targeted scans (#4189)
* Stripe Payment Intent Detector (#4138)
OBS-URL: https://build.opensuse.org/request/show/1284499
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=218
- Update to version 3.88.34:
* Prevent indefinite hang for sql server detector (#4174)
* feat: allow input source from pipe (#4088)
* Enhanced smartsheets detector (#4168)
- Update to version 3.88.33:
* Added support for indeterminate verification for letter Z detectors (#4165)
* Change filesystem unit enumeration to use provided inputs (#4163)
- Update to version 3.88.32:
* Fixed Grafana detector (#4166)
* Reduce verbosity of chunk trace logging (#4161)
* Increase postman logging verbosity (#4160)
* Change github file extension log message verbosity (#4159)
* docs: fix typos (#4158)
Note: The previously pushed version 3.89.0 never existed. This was a typo, which in conjunction with using the wrong revision caused the 'main' branch to be packaged.
- Fix _service file (change revision from main to the actual tag)
- Update to version 3.88.31:
* fix(twitch): Update Twitch detector to handle new RawV2 field and adjust test expectations (#4150)
* Add a bunch of Postman logging (#4154)
* Added DataBricks Analyzer (#4135)
* fixed shopify detector line number (#4149)
* chore: run setup-go after checkout (#4143)
* Add per-chunk detection logging (#4152)
* [Feat] Added Dropbox API OAuth2 Token Analyzer (#4080)
* Updated Github Source Validate method (#4144)
* replace anthropic reference with groq (#4147)
* [Fix] Line number issue for custom detector (#3997)
- Update to version 3.89.0:
* Updated Github Source Validate method (#4144)
* replace anthropic reference with groq (#4147)
* [Fix] Line number issue for custom detector (#3997)
* fix(postman): prevent infinite recursion in variable substitution (#4145)
* Add metrics to the Postman source (#4142)
* [Feat] Implementation of Posthog Analyzer (#4103)
* [Feat] Added Mux API Analyzer (#4128)
* fixed name of netlify analyzer in cli output (#4140)
* fix(discordwebhook): Update Discord webhook detector to support 19-digit IDs (#4133)
* [Feat] Added New AccuWeather Detector Version (#4114)
* [Feat] Added Ngrok API Key Analyzer (#4110)
* Improved JDBC Detector Regex (#4109) (forwarded request 1279988 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1280315
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trufflehog?expand=0&rev=90