pool/trufflehog
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory
pool:devel
rpm:factory
rpm:devel
..
compare: rpm:factory
Branches Tags
rpm:factory
rpm:devel
pool:factory
pool:devel

No commits in common. "factory" and "factory" have entirely different histories.
factory ... factory

8 changed files with 12 additions and 707 deletions
Show Stats Expand all files Collapse all files

2
_service
View File

@ -3,7 +3,7 @@
<param name="url">https://github.com/trufflesecurity/trufflehog.git</param>
<param name="scm">git</param>
<param name="revision">main</param>
<param name="version">v3.88.15</param>
<param name="version">v3.81.10</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>

2
_servicedata
View File

@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/trufflesecurity/trufflehog.git</param>
<param name="changesrevision">00ba5a6cd56af7a8e907ae2514a10557cda77a37</param></service></servicedata>
<param name="changesrevision">17f6c98119fadbf019540ef6c76632cf5633d5c6</param></service></servicedata>

3
trufflehog-3.81.10.obscpio Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7fd233766cc0eed0385867043d4fcfae6d12bcb5dc3e669ff1a3eb966fe466a3
size 12038669

3
trufflehog-3.88.15.obscpio
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2316e8c10934fed2074c8095a61c20e5c2f3b8d2455593e35e59e17cccb00ae9
size 17283597

695
trufflehog.changes
View File

@ -1,698 +1,3 @@
-------------------------------------------------------------------
Thu Mar 06 09:26:37 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.15:
* Add terminal output for analyze, if detector support it (#3959)
* chore(deps): update golang docker tag to v1.24 (#3950)
* uncommte plaidkey detector (#3953)
* Enumeration jobs should not consume concurrency slots (#3952)
* Feature: Airtable Analyzer for Personal Access Tokens (#3941)
* [Feat] Planetscale Analyzer (#3928)
-------------------------------------------------------------------
Mon Mar 03 14:30:27 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.14:
* chore(deps): update dependency go to v1.24.0 (#3944)
* Updated custom detector setup docs (#3913)
* Updated returned error to include original error (#3949)
* check for invalid_grant to avoid setting verification error (#3935)
* [bug] - Ensure detector HTTP clients share the same timeout set at runtime (#3946)
* fix(deps): update module google.golang.org/protobuf to v1.36.5 (#3943)
* fix(deps): update module go.mongodb.org/mongo-driver to v1.17.3 (#3942)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.6 (#3940)
* Feature: Airtable Personal Access Token Detector (#3933)
* fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.17.1 (#3937)
* Enable GitHub Realtime authentication (#3929)
* fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.4 (#3936)
* elevenlabs analyzer (#3850)
-------------------------------------------------------------------
Tue Feb 25 13:42:29 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.13:
* [Feat] DigitalOcean Analyzer (#3932)
* Remove duplicate `github.com/golang-jwt/jwt` dependency (#3930)
* Postman workspace enumeration (#3925)
-------------------------------------------------------------------
Fri Feb 21 18:42:55 UTC 2025 - felix.niederwanger@suse.com
- Update to version 3.88.12:
* fix(deps): update module github.com/xo/dburl to v0.23.3 (#3898)
* fix(deps): update module github.com/google/go-containerregistry to v0.20.3 (#3897)
* Remove duplicate `github.com/jedib0t/go-pretty` dependency (#3924)
-------------------------------------------------------------------
Thu Feb 20 07:53:55 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.11:
* [Feature] Airtable Analyzer for OAuth Tokens (#3879)
* Updated Sendgrid Analyzer (#3906)
* Export git.handleBinary and getSafeRemoteURL (#3921)
* refactor(handlers): move timeout to archive file (#3918)
* Updated job completion status for Postman (#3922)
-------------------------------------------------------------------
Wed Feb 19 13:15:02 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.10:
* updated go-re2 to v1.9.0 to fix panics for go1.24 (#3923)
-------------------------------------------------------------------
Wed Feb 19 07:19:38 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.10:
* remove magnetic from default (#3920)
* Replace `golang.org/x/exp` with stdlib (#3916)
* Differentiate postman folder from request when at collection root (#3912)
* add protos for github realtime (#3911)
* Make log command extensible internally (#3888)
* Implemented collection authorization scanning (#3910)
* [tempfix] - add bounds check check to avoid panics (#3867)
* feat(azure): log unhandled error codes (#3865)
* fixed uri regex issue (#3815)
* anthropic api key analyzer (#3878)
* [Update] Fixed the Return of the GCP Detector (#3905)
* Add Jenkins happy-path logging (#3908)
* Reinstated Postman body scanning (#3904)
* [Feat] implementation Notion analyzer (#3869)
* Fix double summary printing introduced in 03ca8aaa08 (#3903)
* [fix] False Positive Verification in Auth0oauth Detectors (#3901)
* dockerhub analyzer (#3861)
* updated openai analyzer output (#3902)
- Update to version 3.88.9
* [tempfix] - add bounds check check to avoid panics (#3867)
* Implemented Postman collection authorization scanning (#3910)
* Make log command extensible internally (#3888)
* Add protos for GitHub Realtime (#3911)
- Update to version 3.88.8
* Reinstated Postman body scanning (#3904)
* Add Jenkins happy-path logging (#3908)
* [Update] Fixed the Return of the GCP Detector (#3905)
* anthropic api key analyzer (#3878)
* fixed uri regex issue (#3815)
* Update Azure Refresh Token errors (#3865)
- Update to version 3.88.7
* optimized and updated mailgun analyzer (#3899)
* updated openai analyzer output (#3902)
* dockerhub analyzer (#3861)
* [fix] False Positive Verification in Auth0oauth Detectors (#3901)
* Fix double summary printing (#3903)
* [Feat] implementation Notion analyzer (#3869)
-------------------------------------------------------------------
Tue Feb 11 07:18:11 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.6:
* optimized and updated mailgun analyzer (#3899)
* fix(deps): update module github.com/go-ldap/ldap/v3 to v3.4.10 (#3896)
* fix(deps): update module github.com/go-git/go-git/v5 to v5.13.2 (#3895)
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.8 (#3894)
* fix(deps): update module github.com/aws/aws-sdk-go to v1.55.6 (#3893)
* chore(deps): update dependency go to v1.23.6 (#3889)
* fixed square analyzer client error (#3887)
* Merge analyze tui with trufflehog tui (#3735)
* Exported Ahocorasick core in engine (#3880)
* fixed sourcegraph analyzer (#3877)
-------------------------------------------------------------------
Fri Feb 07 10:39:37 UTC 2025 - felix.niederwanger@suse.com
- Update to version 3.88.5:
* fix(deps): update github.com/tailscale/depaware digest to b748de0 (#3883)
* Feature: Airtable OAuth Detector (#3868)
* disable noisy detector (#3876)
* Compress release with UPX (#3456)
* Use smaller array to count commits in the GHA action (#3864)
* [SCAN-165] Use Err Reporting (#3862)
* [Feat] PrivateKey Analyzer (#3854)
* fix base on initial commits (#3586)
* feat(detectors): create azure refresh token (#2978)
* Enable Auth0 (#3857)
-------------------------------------------------------------------
Fri Jan 31 10:48:12 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.4:
* Support exclude regexes, excludewords, and entropy filters for custom detectors (#3860)
* Update postman metadata (#3852)
-------------------------------------------------------------------
Thu Jan 30 07:13:22 UTC 2025 - felix.niederwanger@suse.de
- Update to version 3.88.3:
* [Fix] use unrestricted http client only for non-safe requests (#3847)
* update jenkins err message (#3855)
* use first capture group in custom detector regex if available (#3853)
* fix typo (#3846)
* fixed sentry auth token detector (#3827)
* Removed global variable scanning implementationfor Postman (#3843)
* raw (#3845)
* fix(ngrok): panic from broken pattern (#3844)
* chore(detectors): remove match len check (#2746)
* feat(uri): update detector (#3656)
* fix import issue (#3842)
* create new unrestricted analyzer client to not filter out unsafe success requests (#3841)
* issue:3838 - fixed common email pattern (#3840)
* Run detector tests from test workflow #3839
* chore: run unit tests (#3773)
* fixed jirav1 detector email pattern (#3826)
* Support for Customize Endpoint in Gitlab Analyzer (#3832)
-------------------------------------------------------------------
Sat Jan 11 20:58:18 UTC 2025 - felix.niederwanger@suse.com
- Update to version 3.88.2:
* oss-87: added new sanity detector (#3836)
* Update log for large s3 file (#3835)
* [chore] Use static token in GitHub source (#3834)
-------------------------------------------------------------------
Tue Jan 07 19:03:23 UTC 2025 - felix.niederwanger@suse.com
- Update to version 3.88.1:
* added token_revoke status condition in slack api detector (#3831)
* feat(scrapingbee): tweak detections (#3820)
* [chore] - remove resumption option (#3830)
* Deprecated RockSet and RestPack detectors (#3812)
* fix(deps): update module github.com/go-git/go-git/v5 to v5.13.0 [security] (#3829)
* stop using context.TODO in archive handler (#3809)
* fixed bombbomb detector pattern test as part of issue 3817 (#3825)
* fixed github issue 3821 for string shannon entropy test (#3824)
* fixed github issue 3819 for endpoint customizer tests (#3823)
* fixed github issue 3774 for custom detector secret size (#3816)
-------------------------------------------------------------------
Mon Dec 23 06:44:33 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.88.0:
* Implement verification cache (#3801)
* fix(deps): update module github.com/googleapis/gax-go/v2 to v2.14.1 (#3805)
* fix(deps): update module google.golang.org/api to v0.214.0 (#3806)
* [Fix] detector's integration tests starting with alphabet 'm' (#3807)
* Disabled blocknative detector (#3804)
* fixed website pulse detector integration tests (#3776)
* fixed netlify detector integration tests (#3797)
* fixed integration test for neutrinoapi detector (#3796)
* fixed integration test for opsgenie detector (#3795)
* fixed plivo detector integration test (#3794)
* Update docs from --only-verified with --results (#3798)
* Added new detector for Twilio APIKey (#3803)
-------------------------------------------------------------------
Thu Dec 19 09:54:15 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.87.2:
* fix(deps): update module golang.org/x/net to v0.33.0 [security] (#3800)
* [fix] - integer types (#3793)
-------------------------------------------------------------------
Wed Dec 18 15:37:48 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.87.0:
* fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.17.0 (#3789)
* fix const type (#3792)
* fix(deps): update module google.golang.org/api to v0.213.0 (#3790)
* fix(deps): update golang.org/x/exp digest to b2144cd (#3788)
* fix(deps): update module google.golang.org/protobuf to v1.36.0 (#3787)
* fix(deps): update module google.golang.org/api to v0.212.0 (#3786)
* fix(deps): update github.com/mholt/archives digest to 23e0af8 (#3785)
* fix(deps): update golang.org/x/exp digest to 4a55095 (#3779)
* fix(deps): update module github.com/go-ldap/ldap/v3 to v3.4.9 (#3781)
* feat(engine): make |detectionTimeout| configurable (#3768)
* updated pusher channel key detector and fixed it's integration tests (#3782)
* fix: corrected verification endpoint & validation logic for bombbomb (#3462)
* fix test (#3780)
* fix(deps): update module pault.ag/go/debian to v0.18.0 (#3778)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.5 (#3777)
* fixed vouchery detector integration tests (#3775)
* updated and added pattern tests for detectors w-z (#3771)
* updated and fixed typeform detectors (#3769)
* [UPDATE] Updated plaidkey detector results, and added uniqueness check (#3709)
* Added pattern unit tests for detectors starting with the letters r through s (#3752)
-------------------------------------------------------------------
Thu Dec 12 08:00:04 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.86.1:
* updated tickettailor detector (#3766)
* fix(deps): update module golang.org/x/crypto to v0.31.0 (#3767)
* fix(deps): update golang.org/x/exp digest to 1829a12 (#3761)
* [refactor] - s3 metrics (#3760)
* [Fix] detector's integration tests starting with alphabet 'g' (#3765)
* [Fix] detector's integration tests starting with alphabet 'e' & 'f' (#3764)
* updated testingbot detector and it's integration tests (#3763)
* fix(deps): update module google.golang.org/api to v0.211.0 (#3759)
* fix(deps): update golang.org/x/exp digest to 1443442 (#3758)
-------------------------------------------------------------------
Tue Dec 10 19:57:40 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.86.0:
* Add new detector for Twitch OAuth Access Tokens (#3756)
* Fix SatisMeter Detector (#3692)
* updated and added pattern tests for detectors t-v (#3753)
* Fixed stripe detector integration tests (#3754)
* fixed scrapingAnt detector (#3736)
* [chore] - Upgrade `Archiver` dependency (#3743)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.4 (#3751)
* fixed slack detector integration tests (#3748)
* fixed skybiometery detector and integration tests (#3747)
* [Fix] detector's integration tests starting with alphabet 'd' (#3750)
* [Fix] detector's integration tests starting with alphabet 'c' (#3749)
* [Fix] detector's integration tests starting with alphabet 'b' (#3746)
* [Fix] detector's integration tests starting with alphabet 'A' (#3745)
* fixed shopify integration test (#3744)
-------------------------------------------------------------------
Mon Dec 09 08:54:36 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.85.0:
* chore(deps): update alpine docker tag to v3.21 (#3739)
* fix(deps): update module github.com/microsoft/go-mssqldb to v1.8.0 (#3741)
* fix(deps): update module cloud.google.com/go/storage to v1.48.0 (#3740)
* fix(deps): update golang.org/x/exp digest to 43b7b7c (#3737)
* fix(deps): update module github.com/snowflakedb/gosnowflake to v1.12.1 (#3738)
* fix(deps): update module google.golang.org/api to v0.210.0 (#3732)
* fix(deps): update module golang.org/x/crypto to v0.30.0 (#3733)
* feat: replace --only-verified with --results in docs/precommit (#3643)
* updated twilio detector (#3734)
* Add analysis info for GCP creds (#3727)
* fix(deps): update module golang.org/x/text to v0.21.0 (#3731)
* fix(deps): update module golang.org/x/sync to v0.10.0 (#3730)
* feat(typeform): add v2 detector for new key formats (#3660)
* chore(deps): update dependency go to v1.23.4 (#3726)
* fix(deps): update module github.com/getsentry/sentry-go to v0.30.0 (#3725)
* Add additional canary ID (#3720)
-------------------------------------------------------------------
Mon Dec 02 20:39:09 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.84.2:
* Auto packing the repository in background for optimum performance.
* See "git help gc" for manual housekeeping.
* fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 (#3715)
* [refactor] - `detectorKeywordMatcher` initialization (#3687)
* fix typo (#3683)
* upgrade Github dep (#3699)
* Added how to scan a local git repo (#3593)
* Add Flexport detector (#3633)
* add pkg level doc (#3684)
* Improved cloudflarecakey detector (#3688)
* fixed and updated satismeterwritekey detector (#3693)
* feat(cli): fine-grained log level (#3703)
* fixed scalr detector integration test (#3707)
* Fix/saucelabs detector (#3696)
* fixed issue#3701 (#3711)
* added and updated pattern tests for detectors starting from p to q (#3710)
* fix(deps): update module github.com/wasilibs/go-re2 to v1.8.0 (#3695)
* updated the function names of new pattern tests for detetors n through o (#3691)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.3 (#3690)
* Added pattern unit tests for detectors starting with the letters n through o (#3685)
* fixed api flash detector (#3666)
* [feat] - S3 metrics (#3577)
* chore(deps): update jaxxstorm/action-install-gh-release action to v1.14.0 (#3672)
* fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.3 (#3682)
* Add Scan method to SourceManager to scan a single SourceUnit (#3650)
* [scan-9] Update enumeration logic (#3626)
* test: fix multiple package names (#3661)
-------------------------------------------------------------------
Sun Nov 24 08:36:57 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.84.1:
* fix(deps): update module github.com/stretchr/testify to v1.10.0 (#3659)
* [feat] - Support S3 Source Resumption (#3570)
* [refactor] - Rename S3 ProgressTracker (#3652)
* Separate org listing error from finding 0 members error cases (#3654)
* fix(deps): update module google.golang.org/api to v0.209.0 (#3655)
* fix(algolia): 403 is invalid (#3653)
* Recover general chunker panics (#3625)
* updated buildkite detectors (#3611)
* added godaddy detector (#3615)
* fix(deps): update module google.golang.org/api to v0.208.0 (#3647)
* fix test (#3641)
* fixed test failure (#3646)
* fix(gcp): handle quoted JSON (#2865)
* build: remove golang-jwt@v4 (#3644)
* build: remove azure sdk (#3642)
* feat(algolia): upgrade detector (#3613)
* fix(azure_storage): use DefaultMultiPartCredentialProvider (#3639)
* feat(hubspot): update v1 detector (#2845)
* fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.3.2 (#3617)
* feat(azurecr): update detector (#3632)
* feat(azure): improve connstring matching (#2097)
* fixing databricks detector for azure workspaces (#3038)
* feat(detectors): create azure_entra base package (#2985)
* feat(azure): create openai detector (#2347)
* feat: cleanup AWS detector logic (#3583)
* added handling of forbidden state in slack webhook detector. (#3635)
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.7 (#3636)
* fixed github classic token analyzer expiry time (#3624)
* fix(deps): update module google.golang.org/api to v0.207.0 (#3630)
* Add log.ToLogger and log.ToSlogger helper functions (#3629)
* Remove unused findLevel function (#3628)
* chore: fix function name in comment (#3616)
* Update CODEOWNERS (#3627)
* Added pattern unit tests for detectors starting with the letters i through m (#3614)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.2 (#3623)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.114.0 (#3621)
* feat(mongodb): increase timeout to 5 seconds (#3620)
* [chore] Log non-fatal errors encountered during a scan (#3612)
* add comment to close reader (#3622)
* [fix] - Close the BufferedReadSeekr after use (#3618)
* Add GitLab shared exclusion flag (#3572)
* Feat: Added ZohoCRM detector (#3516)
-------------------------------------------------------------------
Sun Nov 17 12:32:43 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.83.7:
* chore: fix typos in comments and tests; enable misspell (#3573)
* [feat] - S3 Progress Tracker (#3568)
* [feat] - Introduce Fatal/Non-Fatal File Handling Errors (#3521)
* [refactor] - Add DataOrErr (#3520)
* [refactor] - Adjust File Handling Errors (#3519)
* [fix] - Improve UTF8 decoder's handling of non-printable characters (#3588)
* [bug] - correctly capture db type for postgres detector (#3610)
* Add support for scanning APK files (#3517)
* feat(opsgenie): update detector (#3608)
* fix(deps): update module google.golang.org/api to v0.206.0 (#3609)
* fix(deps): update module cloud.google.com/go/storage to v1.47.0 (#3607)
* fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.16.0 (#3606)
* fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.12.0 (#3600)
* chore(deps): update jaxxstorm/action-install-gh-release action to v1.13.0 (#3599)
* fix(deps): update module golang.org/x/oauth2 to v0.24.0 (#3605)
* build: upgrade go-debian to v0.17.0 (#3603)
* fix(deps): update module google.golang.org/protobuf to v1.35.2 (#3604)
* fix(deps): update module github.com/googleapis/gax-go/v2 to v2.14.0 (#3601)
* fix(deps): update module github.com/schollz/progressbar/v3 to v3.17.1 (#3598)
* golangci-lint: replace exportloopref with copyloopvar and remove the copy of the 'for' variables (#3591)
* chore(deps): update module github.com/trufflesecurity/overseer to v1.2.8 (#3596)
* fix(deps): update golang.org/x/exp digest to 2d47ceb (#3595)
* chore(deps): update mikepenz/action-junit-report action to v5 (#3553)
* feat: added check for valid git commit and warning message (#3413)
* fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.3.1 (#3566)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.113.0 (#3562)
* Add Detector Description to JSON output (#3404)
* added pattern test cases for F, G and H alphabet detectors (#3590)
* remove unused embedded struct (#3592)
* chore: increase level for verbose log (#3589)
* fix(giturl): encode % (#2982)
* chore: sort defaults.go (#3587)
* Added pattern test cases for Alphabet D and E detectors (#3584)
* feat(airtable): update detector (#3581)
-------------------------------------------------------------------
Mon Nov 11 08:33:20 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.83.6:
* chore: log false positive result as string (#3582)
* feat: log why false positives are skipped (#3579)
-------------------------------------------------------------------
Sat Nov 09 09:47:31 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.83.5:
* remove Analyze protos from gen_protos.sh #3571
* fix(jdbc): ignore invalid sqlserver URLs (#3429)
* Added pattern test cases for detectors starting with Alphabet C (#3564)
* added name back in extradata (#3569)
* feat(mailgun): update detector (#2679)
* fix(fetchrss): update detector logic (#2844)
* Add UUIDs to false positive checker (#2976)
* feat(sumologic): update detector (#3511)
* fix(mongodb): ignore invalid URLs (#3440)
* fix(rabbitmq): add dial timeout (#3421)
-------------------------------------------------------------------
Thu Nov 07 11:14:46 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.83.4:
* add config option for s3 resumption (#3563)
* added pattern test cases for detectors starting with b (#3559)
* added pattern test cases for all detectors starting with Alphabet `a` (#3539)
* validate if twitter services are more than one before accessing it. (#3565)
-------------------------------------------------------------------
Wed Nov 06 09:50:46 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.83.3:
* fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.3.0 (#3561)
* [bug] - Correct Line Number Calculation (#3550)
* set verification error if failed to decode body (#3560)
* Add owner to github tokens (#3558)
* [feat] - Add Weights and Biases detector (#3551)
* [chore] - minor cleanup S3 source (#3554)
* fix(deps): update module github.com/golang-jwt/jwt/v4 to v4.5.1 (#3555)
* stop logging all GitLab projects (#3541)
* fix(deps): update module cloud.google.com/go/storage to v1.46.0 (#3544)
* fix(deps): update module github.com/snowflakedb/gosnowflake to v1.12.0 (#3531)
* fix(deps): update module google.golang.org/api to v0.204.0 (#3543)
* fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.3 (#3540)
-------------------------------------------------------------------
Thu Oct 31 15:29:58 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.83.2:
* fixed gitlab extradata overwriting (#3537)
-------------------------------------------------------------------
Thu Oct 31 10:46:20 UTC 2024 - Felix Niederwanger <felix.niederwanger@suse.de>
- Update to version 3.83.1:
* standardize email pattern (#3524)
* strip symbol table and DWARF generation (#3534)
* gcp cred not set (#3535)
-------------------------------------------------------------------
Thu Oct 31 08:07:23 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.83.0:
* fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.1.2 (#3536)
* gcp cred not set (#3535)
* strip symbol and DWARF tables (#3534)
* standardize email pattern (#3524)
* Add Scanning team to CODEOWNERS (#3533)
* stop logging detailed group info (#3532)
* [analyze] Add Analyzer interface for Gitlab (#3232)
* [feat] Gitlab inclusion globbing (#3500)
* feat: added `v3` API version for the detector `captaindatago` (#3484)
* update aws descriptions (#3529)
* enforce timeout on circleci test (#3528)
* rm snifftest (#3527)
* Redact more source credentials (#3526)
* Create global log redaction capability (#3522)
* Adding basic "what is trufflehog" to the readme (#3514)
* Handle custom detector response and include in extra data (#3411)
* fix: fixed validation logic for `calendarific` (#3480)
* fix(deps): update github.com/tailscale/depaware digest to 3d7f3b3 (#3518)
* Move DecoderType into ResultWithMetadata #3502
* Addeded 403 account block status code handling for gitlab (#3471)
* updated gcpapplicationdefaultcredentials detector results with RawV2 (#3499)
* fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.1.1 (#3512)
* fix(deps): update module github.com/schollz/progressbar/v3 to v3.17.0 (#3510)
* fix(deps): update module cloud.google.com/go/secretmanager to v1.14.2 (#3498)
-------------------------------------------------------------------
Fri Oct 25 19:54:55 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.82.13:
* Adds a logging section in the contributing guidelines (#3509)
* fix: fixed verifcation pattern logic for `bulksms` (#3478)
* Extend `algoliaadminkey` with additional checks (#3459)
* fix(deps): update module google.golang.org/api to v0.203.0 (#3497)
* fix: added correct api endpoint for verification & logic for Aeroworkflow (#3435)
* remove debug log (#3505)
* delete unused code (#3504)
* fix: added correct verification endpoint & validation logic for alegra (#3437)
* fix(deps): update module google.golang.org/api to v0.202.0 (#3496)
* chore: re-order log context fields (#3430)
* fix(deps): update module github.com/fatih/color to v1.18.0 (#3492)
* feat: validation & verification fix for apiscience to apimetrics (#3475)
* fix: fixed validation logic for `cannyio` (#3482)
* update error messages (#3490)
-------------------------------------------------------------------
Tue Oct 22 06:46:20 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.12:
* [fix] - Inadvertent s3 body close (#3491)
* Remove proto (#3489)
* fix(deps): update testcontainers-go monorepo to v0.34.0 (#3488)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.1 (#3487)
* Extract FP logic correctly at other call site #3476
* fix(deps): update module go.uber.org/mock to v0.5.0 (#3468)
* fix(deps): update module cloud.google.com/go/storage to v1.45.0 (#3467)
* increase timeout to 30s (#3422)
* Update yousign detector endpoints to check againt prod and staging urls (#3426)
* fix: fixed autoklose verification endpoint (#3447)
* fix: fixed verification logic & endpoint for AyrShare (#3452)
-------------------------------------------------------------------
Fri Oct 18 12:24:31 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.82.11:
* fix timeout (#3460)
* Revert "Compress release with UPX (#3445)" (#3455)
* Compress release with UPX (#3445)
* ignore https as false postive for slackwebhook detector (#3425)
-------------------------------------------------------------------
Wed Oct 16 06:24:21 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.9:
* fix(deps): update module github.com/prometheus/client_golang to v1.20.5 (#3412)
* fix: include integration test in generate.go (#3415)
* Add feature flags to CLI args (#3359)
* fix(deps): update module google.golang.org/api to v0.201.0 (#3416)
* feat: add github comments timeframe filtering (fixes #3388) (#3390)
* [fix] - resource leak (#3402)
* [detector] Implemented Box Detector (#3242)
* feat: propagate file info in log context (#3405)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.112.0 (#3410)
* fix(deps): update module github.com/getsentry/sentry-go to v0.29.1 (#3408)
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.6 (#3407)
-------------------------------------------------------------------
Sat Oct 12 14:36:22 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.82.8:
* Update SaladCloud description (#3399)
* fix tests (#3400)
* [chore] Update custom detector default description (#3398)
* add description to salad (#3397)
* Add detector for SaladCloud API Keys (#3273)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.111.0 (#3393)
* Add SliceContainsString common util (#3395)
* fix: pr template link to golangci-lint (#3392)
* fix(deps): update golang.org/x/exp digest to f66d83c (#3389)
* Separate detector tests into unit/integration (#3274)
* Manually upgrade github dep (#3387)
* Updated Fastly Personal Token Detector (#3386)
* fix(deps): update module google.golang.org/api to v0.200.0 (#3391)
* [Fix] Snowflake privatelink Support (#3286)
* Enhanced the easyinsight detector (#3384)
-------------------------------------------------------------------
Tue Oct 08 09:21:03 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.7:
* Log skipped files on debug level (#3383)
* build: update retracted bluemonday ver (#3369)
* Fix git binary handling and add a smoke test (#3379)
* fix(deps): update module google.golang.org/protobuf to v1.35.1 (#3382)
* Added Cisco Meraki API Key detector (#3367)
* improved the agora detector (#3360)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.110.0 (#3376)
* fix(deps): update golang.org/x/exp digest to 225e2ab (#3371)
* fix(deps): update module golang.org/x/net to v0.30.0 (#3373)
* fix(deps): update module golang.org/x/crypto to v0.28.0 (#3372)
* chore(deps): update sigstore/cosign-installer action to v3.7.0 (#3368)
* fix(deps): update module cloud.google.com/go/storage to v1.44.0 (#3366)
* fix(deps): update module github.com/schollz/progressbar/v3 to v3.16.1 (#3365)
* [refactor] - Decouple Metrics From Cache Implementation (#3355)
* fix(deps): update module github.com/snowflakedb/gosnowflake to v1.11.2 (#3363)
* Updated Cosign Install URL (#3364)
* fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.0 (#3361)
* Added Pattern test cases for detectors (#3354)
* remove size check (#3351)
* fix(deps): update module go.mongodb.org/mongo-driver to v1.17.1 (#3357)
* [chore] - Rename memory cache package to 'simple' for clarity (#3352)
* Fixed github oauth2 token detector (#3353)
-------------------------------------------------------------------
Tue Oct 01 08:05:06 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.6:
* [feat] - Add SizedLRU Cache (#3344)
* [bug] - Recover From Panic During Archive Handling (#3348)
* [fix] - Use Parent Context in Azure Detector (#3346)
* [chore] - update Go version to 1.23.0 (#3340)
* disable secret scans for community PRs (#3343)
* Enhanced the eraser detector to handle new status code from verification API (#3342)
* [feat] - Add Generic Hasher Interface with Blake2b Implementation (#3337)
* [fix] Move detector initialization to DefaultDetectors function (#3341)
* Improve process cleanup (#3339)
* fix(decoder): prevent race (#3031)
* Add named params to interface methods (#3335)
-------------------------------------------------------------------
Thu Sep 26 08:17:06 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.5:
* fix(deps): update module google.golang.org/api to v0.199.0 (#3336)
* [chore] Ensure testing Endpoints() doesn't silently pass on change (#3334)
* [fix] Correctly initialize detectors with cloud endpoint customization (#3333)
* RailwayApp Detector (#3331)
* fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.2 (#3332)
* Adding Descriptions (#3258)
* update timeout to 60s (#3330)
* Include all detector tests for captain (#3329)
* Use captain for test aggregation (#3328)
* [Fix] (#3306)
* fix(deps): update module google.golang.org/api to v0.198.0 (#3323)
* Endpoint customizer refresh (#3308)
* Ignore glTF & JPEG XL files (#3325)
* fix(deps): update module golang.org/x/oauth2 to v0.23.0 (#3322)
* fix(deps): update module go.uber.org/automaxprocs to v1.6.0 (#3321)
* fix(deps): update module go.mongodb.org/mongo-driver to v1.17.0 (#3319)
* [bug] - Improve seekability check for stdout pipes in BufferedReadSeeker (#3189)
* Improve MongoDB connection string matching (#1550)
* fix(deps): update module github.com/xanzy/go-gitlab to v0.109.0 (#3318)
* [Analyzer] Test and generated permissions for HuggingFace, Square & Stripe (#3294)
* Implement SourceUnitEnumChunker for GitHub (#3298)
* fix(deps): update module github.com/wasilibs/go-re2 to v1.7.0 (#3317)
* fix(deps): update module github.com/schollz/progressbar/v3 to v3.16.0 (#3315)
* hit em w/ a min (#3316)
* fix(deps): update module github.com/snowflakedb/gosnowflake to v1.11.1 (#3313)
* [fix] - Add Size Method to BufferedReadSeeker and Refactor Context Timeout Handling in HandleFile (#3307)
* fix(deps): update module github.com/sendgrid/sendgrid-go to v3.16.0+incompatible (#3312)
* fix(deps): update module github.com/schollz/progressbar/v3 to v3.15.0 (#3311)
* fix(deps): update module github.com/getsentry/sentry-go to v0.29.0 (#3310)
* fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.15.0 (#3309)
* Update GitHub enumeration to report unique filtered values (#3292)
* [analyze] Add client filter to detect successful unsafe HTTP requests (#3305)
* fix(deps): update module github.com/prometheus/client_golang to v1.20.4 (#3303)
* fix(deps): update module cloud.google.com/go/secretmanager to v1.14.1 (#3301)
-------------------------------------------------------------------
Tue Sep 17 07:39:34 UTC 2024 - felix.niederwanger@suse.de
- Update to version 3.82.2:
* Instrument GitHub source with a ChunkReporter (#3296)
* fix(deps): update golang.org/x/exp digest to 701f63a (#3291)
* Add user agent suffix feature flag (#3297)
* Fix GitHub analyzer panic on empty organization name (#3295)
* Fix slice initialization error (#3293)
-------------------------------------------------------------------
Fri Sep 13 12:30:43 UTC 2024 - felix.niederwanger@suse.com
- Update to version 3.82.1:
* [analyze] Add analyzer interface for Shopify (#3226)
* [analyze] Add Analyzer for Mailgun (#3206)
* [analyze] Add Analyzer for MySQL (#3193)
* Instrument GitHub source with a UnitReporter (#3284)
* fix(deps): update module github.com/prometheus/client_golang to v1.20.3 (#3279)
* adding pypi v1 support (#3289)
* adding pypi detector (#3287)
* feature flag additional refs (#3282)
* Clarify "no decoder found for chunk" log message (#3001)
* update aha keyword (#3281)
* [chore] - remove unused method and function (#3089)
* Jira Email fix (#3061)
* fix(git): config normalization for git sources (#3278)
* Add detector for Nvidia NGC Personal Keys (#3280)
-------------------------------------------------------------------
Tue Sep 10 07:48:42 UTC 2024 - felix.niederwanger@suse.de

6
trufflehog.obsinfo
View File

@ -1,4 +1,4 @@
name: trufflehog
version: 3.88.15
mtime: 1741244276
commit: 00ba5a6cd56af7a8e907ae2514a10557cda77a37
version: 3.81.10
mtime: 1725911096
commit: 17f6c98119fadbf019540ef6c76632cf5633d5c6

4
trufflehog.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package trufflehog
#
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: trufflehog
Version: 3.88.15
Version: 3.81.10
Release: 0
Summary: CLI tool to find exposed secrets in source and archives
License: AGPL-3.0-or-later

4
vendor.tar.gz
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:80f9dbd514e1ad3d7789a8c77dda3106ca8e24302b49af78c377b08f7769e852
size 23313660
oid sha256:b87f937f8ac72bde29659c982bfb164c08f4726f9ca219253c5a5627e397eac3
size 21634320