- trufflehog-v3.37.0
* [chore] - Use correct detector proto by @ahrav in #1347
* Add message for discord server in readme by @zricethezav in #1344
* [chore] - Replace context.TODO by @ahrav in #1349
* needed perms for running workflows against forks by @codevbus in #1348
* Bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 by @dependabot in #1355
* Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #1353
* Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in #1352
* Make OpenAI regex more specific by @nyanshak in #1345
* Bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 by @dependabot in #1351
* Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #1354
* adds linting for workflow and actions by @codevbus in #1356
* Add Data member to ResultsMetadata struct. by @strazzere in #1358
* Surface missing git as an error during source initialization by @dustin-decker in #1362
* Bump go.mongodb.org/mongo-driver from 1.11.4 to 1.11.6 by @dependabot in #1367
* Bump github.com/envoyproxy/protoc-gen-validate from 1.0.0 to 1.0.1 by @dependabot in #1366
* Bump cloud.google.com/go/secretmanager from 1.10.0 to 1.10.1 by @dependabot in #1365
* fix mockaroo fps by @dustin-decker in #1370
* Bump github.com/googleapis/gax-go/v2 from 2.8.0 to 2.9.1 by @dependabot in #1363-
OBS-URL: https://build.opensuse.org/request/show/1090174
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=5
Update trufflehog to version 3.36.0
- trufflehog-v3.36.0
* Check to see if StructuredData exists before attempting to print it by @trufflesteeeve in #1346
- trufflehog-v3.35.0
* added pulumi cloud Access token detector by @vickygoel in #1295
* Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 by @dependabot in #1339
* Bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in #1342
* Bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #1336
* Bump github.com/rabbitmq/amqp091-go from 1.8.0 to 1.8.1 by @dependabot in #1335
* Bump golang.org/x/sync from 0.1.0 to 0.2.0 by @dependabot in #1334
* [chore] - move objectManager interface by @ahrav in #1332
* use md5 hash for checking if key exists by @ahrav in #1257
* Add buildkitev2 detector for newer tokens by @ahrav in #1341
* GitHub basic auth by @dustin-decker in #1337
* Add extra data and structured data to plain output by @nyanshak in #1316
* [oc-313] - Add GitHub metrics by @ahrav in #1324
* Updating generic.go by @RuchitaKshirsagarTR in #1343
* Add Base64URLSafe decoder by @nyanshak in #1292
- trufflehog-v3.34.0
* Fixed contentfulpersonalaccesstoken regex by @amansakhuja in #1199
* Add max object size flag for s3 bucket scanning by @nyanshak in #1294
* add scripts to benchmark and plot performance across tags by @dustin-decker in #1293
* Implement EndpointCustomizer by @mcastorina in #1291
* add additional logging by @ahrav in #1298
* [chore] - format log msg by @ahrav in #1299
* Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.3.0 to 2.4.0 by @dependabot in #1306
* add tineswebhook detector by @jsolis in #1304
* Bump github.com/mholt/archiver/v4 from 4.0.0-alpha.7 to 4.0.0-alpha.8 by @dependabot in #1305
* Bump github.com/lib/pq from 1.10.8 to 1.10.9 by @dependabot in #1307
* Scan only for verified secrets in our CI by @dustin-decker in #1310
* add performance test by @zricethezav in #1301
* Add log to track git log size by @ahrav in #1325
* Extend cache interface by @ahrav in #1318
* Normalize GitHub repos during enumeration by @ahrav in #1269
* Output git timestamps as UTC times by @nyanshak in #1323
* Fix how we scan orgs by @ahrav in #1327
* [bug] - Update regex for ipstack by @ahrav in #1328
* Fix SquareApp detector type return value by @nyanshak in #1322
* Generate protos by @mcastorina in #1329
* Make sure context lines are properly handled by @bill-rich in #1331
* Do extraction after decompression by @nyanshak in #1320
* git worktree scanning fix for #827 by @nyanshak in #1315
* Support line numbers in filesystem source by @nyanshak in #1297
- trufflehog-v3.33.0
* improve sqlserver detection and testing by @dustin-decker in #1285
* Added a new detector for percy.io by @shabbirbs in #1284
* update jira detector by @ahrav in #1288
* update proto to allow for ignoring projects by @ahrav in #1289
* Fix include and exclude detector logic by @mcastorina in #1267
* Updated BrowserStack verified detector endpoint by @shabbirbs in #1290
- trufflehog-v3.32.2
* Bump google.golang.org/api from 0.118.0 to 0.119.0 by @dependabot in #1279
* Bump github.com/envoyproxy/protoc-gen-validate from 0.10.1 to 1.0.0 by @dependabot in #1280
* Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 by @dependabot in #1282
* Small optimizations for the base64 decoder by @ahrav in #1278
- trufflehog-v3.32.1
* Add RawV2 Results to the JSON Output by @yilmi in #1273
* optimize utf-8 decoder by @ahrav in #1275
* optimize base64 decoder by @ahrav in #1277
- trufflehog-v3.32.0
* Use md5 hash for resuming key by @ahrav in #1203
* [chore] - use hex encode vs base64 by @ahrav in #1256
* Remove toLower call on decoded chunk by @zricethezav in #1254
* git output []bytes were being logged as b64ed string by @dustin-decker in #1255
* Add team name to proto by @ahrav in #1258
* Only add detectors once by @bill-rich in #1265
* Bump google.golang.org/api from 0.114.0 to 0.118.0 by @dependabot in #1261
* Bump github.com/xanzy/go-gitlab from 0.81.0 to 0.82.0 by @dependabot in #1262
* [chore] Log possible duplicate detectors by @mcastorina in #1266
* Bump github.com/lib/pq from 1.10.7 to 1.10.8 by @dependabot in #1260
* Bump github.com/xanzy/go-gitlab from 0.81.0 to 0.83.0 by @dependabot in #1268
* Adding Google drive to MetaData proto by @0x1 in #1264
* Allow multiple team IDs for MS Teams by @ahrav in #1259
* Switch Endpoint Field to Client ID by @zubairk14 in #1270
* Add configurable detectors by @bill-rich in #1139
* Add utf16 decoder by @ahrav in #1274
* Ensure multipart credentials are deduplicated correctly by @dustin-decker in #1271
* Add utf16 decoder proto by @ahrav in #1276
- trufflehog-v3.31.6
* optimize gitparse handling of diffs by @zricethezav in #1253
- trufflehog-v3.31.5
* Use persistable cache for GCS progress tracking by @ahrav in #1204
* Bump golang.org/x/text from 0.8.0 to 0.9.0 by @dependabot in #1246
* Bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in #1243
* Bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #1244
* Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.2.0 to 2.3.0 by @dependabot in #1245
* Bump go.mongodb.org/mongo-driver from 1.11.3 to 1.11.4 by @dependabot in #1247
* THOG-920/add oss proto by @zubairk14 in #1240
* Generate protos by @mcastorina in #1250
* update circle test because workflows expire and need re-running by @dustin-decker in #1251
- trufflehog-v3.31.4
* fix linting step by @dustin-decker in #1235
* Resolve#1167 by adding support for the AWS_SESSION_TOKEN by @iamjpotts in #1170
* Use default endpoints when no custom verifier provided by @ahrav in #1242
- trufflehog-v3.31.3
* Run golang lint on entire repo instead of patches by @zricethezav in #1214
* add CLI switch to actions config by @codevbus in #1215
* Update verification endpoint - BrowserStack Detector by @gobind-singh in #1179
* Allow for custom verifier by @ahrav in #1070
* Add oauth2 cred as auth type for Teams. by @ahrav in #1221
* Use OAuth2 http client with GCS by @ahrav in #1220
* Add DetectorName to Result by @bill-rich in #1223
* Bump github.com/envoyproxy/protoc-gen-validate from 0.9.1 to 0.10.1 by @dependabot in #1207
* Bump github.com/TheZeroSlave/zapsentry from 1.14.0 to 1.15.0 by @dependabot in #1229
* Bump github.com/go-logr/logr from 1.2.3 to 1.2.4 by @dependabot in #1226
* Bump google.golang.org/api from 0.109.0 to 0.114.0 by @dependabot in #1228
* Bump go from 1.18 to 1.20 by @bceylan in #1230
* Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.8.0 by @dependabot in #1227
* Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 by @dependabot in #1225
* Bump github.com/getsentry/sentry-go from 0.19.0 to 0.20.0 by @dependabot in #1231
* forager requires direct access to gitparse.FromReader by @dustin-decker in #1233
* Add lint for exporting loop references by @mcastorina in #1232
* readme improvements by @dustin-decker in #1234
- trufflehog-v3.31.2
* revert to original entrypoint config by @codevbus in #1219
- trufflehog-v3.31.1
* ensure stdout is still provided by @codevbus in #1217
- trufflehog-v3.31.0
* Bump cloud.google.com/go/storage from 1.30.0 to 1.30.1 by @dependabot in #1209
* Support for exclude globs at the git log level by @zricethezav in #1202
* Add GitHub Actions output by @dustin-decker in #1201
- trufflehog-v3.30.0
* update integration test excludes by @dustin-decker in #1169
* Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.7.1 by @dependabot in #1171
* Bump github.com/fatih/color from 1.13.0 to 1.15.0 by @dependabot in #1174
* Bump github.com/xanzy/go-gitlab from 0.80.2 to 0.81.0 by @dependabot in #1172
* [chore] - Add unauth GCS source type by @ahrav in #1178
* Fix git commit date string formatting by @fearnoeval in #1181
* Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 by @dependabot in #1182
* [chore] Log git output on error by @mcastorina in #1180
* [chore] Add a break statement when iterating through keywords by @zricethezav in #1184
* [chore] Ignore errors from CustomRegex so the channel doesn't leak by @mcastorina in #1149
* updating browserstack detector user and key PrefixRegex strings by @raju-kamble in #1176
* [chore] - add support for json service account and service account file by @ahrav in #1185
* Add resuming capability to GCS source by @ahrav in #1161
* Add OpenAI API Tokens detector by @yilmi in #1142
* added new detectors and fixed mesibo detector by @garg472 in #1166
* Bump go.mongodb.org/mongo-driver from 1.11.2 to 1.11.3 by @dependabot in #1196
* Bump cloud.google.com/go/storage from 1.29.0 to 1.30.0 by @dependabot in #1195
* Bump github.com/go-git/go-git/v5 from 5.6.0 to 5.6.1 by @dependabot in #1194
* Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 by @dependabot in #1193
* Bump github.com/googleapis/gax-go/v2 from 2.7.1 to 2.8.0 by @dependabot in #1192
* Add in-memory caching pkg by @ahrav in #1189
* [chore] - log enumeration duration by @ahrav in #1187
* Bump actions/setup-go from 3 to 4 by @dependabot in #1191
* Fix OpenAI test by @dustin-decker in #1186
* Bump google.golang.org/api from 0.111.0 to 0.114.0 by @dependabot in #1210
* Bump github.com/rabbitmq/amqp091-go from 1.7.0 to 1.8.0 by @dependabot in #1208
* [bug] - Use correct date format for Date posted by @ahrav in #1211
* Add Oauth creds to GCS by @ahrav in #1212
* Delete progress tracking from GCS source by @ahrav in #1190
- trufflehog-v3.29.1
* Make slack webhook detector regex more specific by @trufflesteeeve in #1168
- trufflehog-v3.29.0
* Remove period from file extension by @ahrav in #1154
* Bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #1158
* Bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.0 by @dependabot in #1147
* Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.1.0 to 2.2.0 by @dependabot in #1148
* Bump github.com/getsentry/sentry-go from 0.18.0 to 0.19.0 by @dependabot in #1157
* Add gcs scanning integration by @ahrav in #1153
- trufflehog-v3.28.7
Support filtering detectors by version by @mcastorina in #1150
- trufflehog-v3.28.6
* Rename .pre-commit-hooks.yml to .pre-commit-hooks.yaml by @zhuwenxing in #1141
* Keyword optimization by @zricethezav in #1144
* Release should only run on tags by @dustin-decker in #1146
- trufflehog-v3.28.5
[chore] - Only scanned staged git changes by @ahrav in #1143
- trufflehog-v3.28.4
* [chore] Address more linter errors by @mcastorina in #1134
* Custom regex parallel verify by @0x1 in #1127
* [chore] Close response bodies by @mcastorina in #1137
* Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 by @dependabot in #1130
* Add pre-commit yml config by @ahrav in #1138
* Disable profiler in debug mode and add profile switch by @yilmi in #1136
- trufflehog-v3.28.3
* Support file scanning in filesystem source by @mcastorina in #1030
* Add ability to include and exclude detectors by @mcastorina in #1106
* [chore] Implement String for ScanErrors by @mcastorina in #1131
* [chore] Update docs for individual file scanning by @mcastorina in #1132
* [chore] Address lint errors by @mcastorina in #1133
- trufflehog-v3.28.2
* Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.80.2 by @dependabot in #1117
* Gitparse message fix by @bill-rich in #1125
- trufflehog-v3.28.1
* Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.80.2 by @dependabot in #1117
* Gitparse message fix by @bill-rich in #1125
OBS-URL: https://build.opensuse.org/request/show/1088795
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=4
- trufflehog-v3.28.0
* add smoke test by @dustin-decker in #1099
* Remove duplicated detectors by @trufflesteeeve in #1092
* adds TESTING doc w. steps for local GHA tests by @codevbus in #1093
* add more confluence options by @dustin-decker in #1105
* Github filter support for exclude and include by @MetinSAYGIN in #1087
* Fix nil scan options by @mcastorina in #1107
* [chore] Remove logrus from trufflehog by @mcastorina in #1095
* Bump golang.org/x/text from 0.6.0 to 0.7.0 by @dependabot in #1100
* Bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #1101
* Bump github.com/getsentry/sentry-go from 0.17.0 to 0.18.0 by @dependabot in #1102
* [chore] - Add the unit for max archive size by @ahrav in #1108
* [chore] - archive size helper text by @ahrav in #1110
* [chore] - Update helper text for max-archive-size. by @ahrav in #1114
* Correctly parse most filenames with ' and ' by @bill-rich in #1113
* Drop tabs for filenames with spaces by @bill-rich in #1115
* Bump golang.org/x/oauth2 from 0.4.0 to 0.5.0 by @dependabot in #1116
* fix browserstack detector by @raju-kamble in #1120
* Bump golang.org/x/net from 0.6.0 to 0.7.0 by @dependabot in #1122
* Bump go.mongodb.org/mongo-driver from 1.11.1 to 1.11.2 by @dependabot in #1119
* Bump github.com/TheZeroSlave/zapsentry from 1.12.0 to 1.14.0 by @dependabot in #1118
* Bump github.com/rabbitmq/amqp091-go from 1.6.0 to 1.7.0 by @dependabot in #1103
* Adding initial protos for Google Drive scanner by @0x1 in #1121
* fixing browserstack regex username detection by @raju-kamble in #1123
- trufflehog-v3.27.1
* Revert "Make detectors configurable" by @dustin-decker in #1097
- trufflehog-v3.27.0
* Bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #1039
* add bodyclose linter to help prevent file handle leaks by @dustin-decker in #1048
* braintree detector: use production API URL instead of the test sandbo… by @swdbo in #1054
OBS-URL: https://build.opensuse.org/request/show/1067374
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=3
- trufflehog-v3.25.1
* Update entrypoint by @ahrav in #1013
* Copy metadata for line number aware sources by @bill-rich in #1011
* Rename and export isGitSource by @bill-rich in #1016
* Fix GitUrl Return by @pulkitanz in #987
* Bump goreleaser/goreleaser-action from 3 to 4 by @dependabot in #980
* Switch to retryableHttpClient for GitHub AuthN API Client + More Logs by @yilmi in #995
* Bump cloud.google.com/go/secretmanager from 1.9.0 to 1.10.0 by @dependabot in #1006
* Bump github.com/go-git/go-git/v5 from 5.5.1 to 5.5.2 by @dependabot in #1007
* Bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.2 by @dependabot in #1008
* Bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #1009
* Handle invalid regex for custom detector. by @ahrav in #1005
* Capture callstack of canceled contexts by @mcastorina in #979
* Validate custom regular expressions on detector initialization by @mcastorina in #1010
* fix: do not override base parameter with default in GitHub Action by @clarkedb in #1004
* Fix GitUrl Return by @pulkitanz in #987
* Bump goreleaser/goreleaser-action from 3 to 4 by @dependabot in #980
* Switch to retryableHttpClient for GitHub AuthN API Client + More Logs by @yilmi in #995
* Bump cloud.google.com/go/secretmanager from 1.9.0 to 1.10.0 by @dependabot in #1006
* Bump github.com/go-git/go-git/v5 from 5.5.1 to 5.5.2 by @dependabot in #1007
* Bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.2 by @dependabot in #1008
* Bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #1009
* Handle invalid regex for custom detector. by @ahrav in #1005
* Capture callstack of canceled contexts by @mcastorina in #979
* Validate custom regular expressions on detector initialization by @mcastorina in #1010
* Allow for default value to be used in GHA Workflow by @ahrav in #999
* Add Circle CI source by @dustin-decker in #997
* Remove ctx from source structs by @ahrav in #986
* Removing Debug version Println to logrus debug - Issue #992 by @yilmi in #993
* Make GA action default base an empty string. by @ahrav in #996
OBS-URL: https://build.opensuse.org/request/show/1058007
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=2
Trufflehog
TruffleHog is an open source secret-scanning engine that helps resolve exposed
secrets across your company’s entire tech stack.
-------------------------------------------------------------------
Thu Dec 22 16:46:59 UTC 2022 - Pavel Dostál <pdostal@suse.com>
- Change the minimal version of Go from 1.14 to 1.18
-------------------------------------------------------------------
Thu Dec 22 15:51:49 UTC 2022 - Pavel Dostál <pdostal@suse.com>
- Bump github.com/xanzy/go-gitlab from 0.76.0 to 0.77.0 by @dependabot in #981
- Bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #982
- Add configuration parsing and custom detectors to engine by @mcastorina in #968
- Add custom regex detector docs by @mcastorina in #983
- Remove custom log leveler by @mcastorina in #985
OBS-URL: https://build.opensuse.org/request/show/1045674
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/trufflehog?expand=0&rev=1
Jeff Kowalczyk