File gitleaks.changes of Package gitleaks
-------------------------------------------------------------------
Fri Apr 11 18:22:02 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.24.3:
* Add support for GitLab Runner Tokens (Routable) (#1820)
* bump repo version in pre-commit example (#1815)
* Fix currentLine out of bounds error (#1810)
* add support for Azure DevOps platform in SCM detection and link
(#1807)
* Add MaxMind license key rule (#1771)
* implement new openai regex pattern (#1780)
* A first attempt adding hooks.slack.com/triggers/ (#1792)
* feat(generic): tweak false-positives (#1803)
* chore: tweak logging and readme for GITLEAKS_CONFIG_TOML
feature (#1802)
* feat: add option to set config from env var with toml content
(#1662)
-------------------------------------------------------------------
Sat Mar 22 14:13:59 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.24.2 (8.24.1 was not released):
* Fix platform flag being ignored with gitleaks detect by @rgmz
in #1765
* Make AddFinding public by @bplaxco in #1767
* FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 by
@cgoessen in #1768
* Upgrade rs/zerolog, spf13/cobra, and spf13/viper by @rgmz in
#1769
* Infer report-format from report-path extension if no value is
provided by @rgmz in #1776
* generic-api-key: ignore csrf-tokens by @rgmz in #1779
* Prevent Yocto/BitBake false positives with generic-api-key rule
by @Okeanos in #1783
* Fix decoded line allowlist by @zricethezav in #1788
* Readme badge revisions by @jessp01 in #1744
* feat(regexp): use standard regexp by default, make go-re2
opt-in by @twpayne in #1798
* gore2 release tags by @zricethezav in #1801
-------------------------------------------------------------------
Thu Feb 20 08:41:06 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.24.0:
* Make paths and fingerprints platform-agnostic (#1622)
* Add Sonar rule (#1756)
* Minor false positive improvements (#1758)
* Add support for streaming DetectReader (#1760)
* chore: Update github.com/wasilibs/go-re2 to v1.9.0 (#1763)
* docs: describe extended rules take precedence over base rules
(#1563)
* feat(git): disable link generation (#1748)
* added sourcegraph token rule (#1736)
* feat(config): add rule for .p12 files (#1738)
* add deno.lock to default exclusions (#1740)
-------------------------------------------------------------------
Thu Jan 30 05:54:54 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.23.3:
* Don't exit with error if git repacking is required (#1711)
* refactor(config): use non-capture groups for allowlists (#1735)
* chore: Enhance `curl-auth-user` to detect empty usernames or
passwords (#1726)
* fix(cmd): read log-opts before GitLogCmd (#1730)
-------------------------------------------------------------------
Sat Jan 25 08:05:24 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.23.2:
* facebook keyword
* fix(meraki): restrict keyword case (#1722)
* feat(generic-api-key): detect base64 (#1598)
* great branch name (#1721)
* fix(git): remove .git suffix for links (#1716)
* chore: refine generic-api-key fps + trace logging (#1720)
* fix(generate): move newline out of char range (#1719)
* newline literal (#1718)
* build: support either stdlib or 3rd-party regexp (#1706)
* chore(detect): update trace logging (#1713)
* feat(git): redact passwords from remote URL (#1709)
* feat(git): include link in report (#1698)
* chore: reduce generic-api-key fps (#1707)
* blorp
* added new rule for cisco meraki api key (#1700)
* feat: general fp tweaks (#1703)
* chore(generate): use \x60 instead of literal (#1702)
* chore(regex): simplify secretPrefix, suffix (#1620)
* update version for pre-commit in README.md (#1699)
-------------------------------------------------------------------
Wed Jan 15 13:21:15 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.23.1:
* chore(gcp): add firebase example keys to the gcp-api-key
allowlists (#1635)
* fix: unaligned 64-bit atomic operation panic (#1696)
* force push to master everyday
* feat(config): disable extended rule (#1535)
* style: prevent globbing and word splitting (#1543)
* refactor(generic-api-key): remove hard-coded 'magic' (#1600)
* chore(generate): add failing test case (#1690)
-------------------------------------------------------------------
Mon Jan 13 15:55:07 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 8.23.0:
* feat(generate): use multiple allowlists (#1691)
* chore(rules): include fps in reference (#1471)
* Add comma as operator for GenerateSemiGenericRegex (#1679)
* refactor: central logger (#1692)
* friendship ended with tines
-------------------------------------------------------------------
Tue Dec 31 10:22:01 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.22.1:
* Entropy trace (#1659)
* build: add 'toolchain' to go.mod (#1682)
* refactor(detect): create readUntilSafeBoundary + add tests
(#1676)
* twitter really does suck ass now
* chore(tests): test cases for generate.go (#1623)
* fix: only use non-empty secret groups (#1632)
* build: upgrade sprig v2->v3 (#1674)
* fix: generate report file even if no findings (#1673)
-------------------------------------------------------------------
Sat Dec 21 14:17:25 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.22.0:
* replace std library regex engine with go-re2 (#1669)
-------------------------------------------------------------------
Sat Dec 21 14:14:21 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.21.4:
* Update golang version to 1.23 (#1672)
* bump go in dockerfile
* log bytes (#1670)
-------------------------------------------------------------------
Fri Dec 20 06:06:58 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- add completion subpackages
-------------------------------------------------------------------
Fri Dec 20 05:58:24 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.21.3:
* go mod 1.23
* Ensure keywords are downcased (#1633)
* feat: add settlemint api keys detection (#1663)
* feat(dir): better chunking (#1665)
* feat(report): allow user-defined templates (#1650)
* Add support for GitLab routable tokens (#1656)
* Add freemius secret key detection (#1611)
* fix(kubernetes): only match 'kind: secret' (#1649)
* feat: use STDOUT when report file not specified (#1642)
* fix(dir): skip opening file&dir if allowlist matches (#1653)
* fix: increase chunk size 10kb -> 100kb (#1652)
* feat: detect sentry.io tokens in the new format (#1640)
* refactor: pre-commit hooks (#1627)
* fix(easypost): only detect tokens of correct length (#1628)
* feat(dir): continue on permission error (#1621)
* Add human readable description for curl rules (#1625)
* Add option to include `Line` field in report (#1616)
* hm
* Update README.md
* nop for stupid build
* Add new jira api token pattern (#1601)
* feat: update global & generic allowlist (#1618)
* fix(vault-service-token): ensure that TPS contains digits
(#1614)
* Generate comprehensive secret samples (#1484)
* fix(aws): detect token in url (#1615)
* fix(rules): entropy, uppercase in samples (#1593)
* feat: tweak rules (#1608)
-------------------------------------------------------------------
Tue Oct 29 14:00:10 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.21.2:
* feat(rules): create Octopus Deploy api key (#1602)
* fix(aws-access-token): only match if correct length (#1584)
* fix(config): ignore jquery/swagger w/o version (#1607)
* feat: add new GitLab tokens (#1560)
* feat(generic-api-key): tune false positives (#1606)
* Create .gitleaks.toml (#1605)
* feat(curl): tweak tps and fps (#1603)
* feat(config): ignore swagger-ui assets (#1604)
* feat(generic-api-key): exclude keywords (#1587)
* feat(okta): bump entropy to 4 (#1599)
* feat: update global allowlist (#1597)
* refactor(allowlist): deduplicate commits & keywords (#1596)
* feat(config): ignore jquery static assets (#1595)
* More rule fixes (#1586)
* chore: log skipped symlinks (#1591)
* feat: match left side of identifier (#1585)
* what secrets?
* fix(rules): add entropy (#1580)
* feat(aws): add entropy & allowlist (#1582)
* feat(rules): add 1password token (#1583)
* feat(config): add curl header rule (#1576)
-------------------------------------------------------------------
Fri Oct 18 12:19:05 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.21.1:
* feat: add curl basic auth rule (#1575)
* Update spelling in README.md (#1574)
* refactor(allowlist): use iota for condition (#1569)
* refactor(config): temporarily switch to [rules.allowlist]
(#1573)
-------------------------------------------------------------------
Tue Oct 15 15:49:31 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.21.0:
* Define multiple allowlists per rule (#1496)
* build: upgrade gitleaks/go-gitdiff to v0.9.1 (#1559)
* Fix rule extension (#1556)
* Update base config allowlist (#1555)
* feat(azure): detect Azure AD client secrets (#1199)
* chore: match gitleaks.toml anywhere (#1553)
-------------------------------------------------------------------
Fri Oct 11 08:04:45 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.20.1:
* feat(config): add placeholder regexes to global allowlist
(#1547)
* feat: add PrivateAI rule (#1548)
* Bump golang verion used in docker build to match version
specified in go.mod (#1551)
* feat: add cohere rule (#1549)
* feat(generate): generate global (#1546)
* Feat/nuget config password rule (#1540)
-------------------------------------------------------------------
Fri Oct 04 19:37:49 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.20.0:
* Make private key check less greedy and include fifth dash
(#1440)
* print tags if they exist
* Decode Base64 (#1488)
* refactor(config): keyword map (#1538)
* fix: use regexTarget for extend config (#1536)
* feat: bump go to 1.22 (#1537)
* fix: handle pre-commit and staged (#1533)
* Bugfix/1352 incorrect report multiple lines (#1501)
-------------------------------------------------------------------
Fri Sep 27 20:59:59 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.19.3:
* fix(config): extend allowlist & handle extend when validating
(#1524)
* refactor(kubernetes-secret): tweak variable chars (#1520)
* Revert "remove validate config test temporarily" (#1529)
* feat: create fly.io rule (#1528)
* fix: to many false-positive for gltf files, add gltf suffix to
allowlist (#1527)
* Add support in .gitleaksignore file comment strings (#1425)
(#1502)
* Restrict Etsy keywords (#1491)
* feat(github): add entropy to rule (#1489)
* feat(gcp): update api key rule (#1481)
* fix(hashicorp): ignore common fps (#1498)
* fix(square): make prefix case sensitive (#1469)
* refactor(kubernetes-secret): collapse rules and update regex
(#1462)
-------------------------------------------------------------------
Sat Sep 21 17:09:32 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.19.2:
* fix(rule): comment out errant validation case (#1509)
* remove validate config test temporarily
* Update README.md
-------------------------------------------------------------------
Sat Sep 14 10:43:20 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.19.1:
* fix flag access (#1506)
-------------------------------------------------------------------
Sat Sep 14 10:38:06 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.19.0:
* Deprecate `detect` and `protect`. Add `git`, `dir`, `stdin`
(#1504)
* Update Harness rules to add _ and - in the account ID part.
(#1503)
* chore: fix gl workflow error (#1487)
* Make config generation utils public (#1480)
* Update Hashicorp Vault token pattern (#1483)
* feat(config): update rule validation (#1466)
* Update .gitleaksignore
* fix(detect): handle EOF with bytes (#1472)
* Added poetry.lock to default allowlist paths (#1474)
* refactor(sarif): remove |name| and change |shortDescription|
(#1473)
* Use rule id for config validation error (#1463)
* Use first non-empty group if `secretGroup` isn't set (#1459)
* chore: remove unnecessary capture groups (#1460)
* Return non-0 exit code from `DetectGit` (#1461)
* add gradle verification-metadata.xml to global allowlist
(#1446)
* feat(openshift): add user token (#1449)
* (feat): Adding secret detection rule for Kubernetes secrets
(#1454)
* add version to default
* Add go.work and go.work.sum to global allowlist (#1353)
* Add harness PAT and SAT rules (#1406)
* Update README.md
-------------------------------------------------------------------
Fri Jun 14 18:14:02 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.18.4:
* Limit hashicorp-tf-password to .tf/.hcl files (#1420)
* rm print
* reduce telegram... todo url and xml for later
* coderabbit.ai <3
* Add NewRelic insert key detection (#1417)
* Improved Telegram bot token rule regex and added more test
cases (#1404)
* Add intra42 client secret (#1408)
-------------------------------------------------------------------
Sat Jun 01 15:28:13 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 8.18.3:
* extend FB access token discovery (#1407)
* tests: scalingo validation consistent test (#1359)
* add real (test) standard and restricted keys (#1375)
* Add Cloudflare API and Origin CA keys (#1374)
* Update "contributing guidelines" link (#1390)
* add update token from square (#1370)
* feat: facebook secret, access token, and page access token
rules (#1372)
* update mailchimp with new tokens (#1376)
* Append ordered rules when extending (#1304)
* fix: age rule id with dashes (#1349)
* patching golang.org/x/text for CVE-2021-38561 and
CVE-2022-32149 (#1342)
* Use latest base images. (#1334)
-------------------------------------------------------------------
Sun May 5 15:19:43 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
- Update to version 8.18.2:
* Remove IAM identifiers for non-credential resources in the
aws-access-token rule
* Update stripe rule to not alert on publishable keys
* --max-target-megabytes flag now supported for --no-git flag as
well
* add pre-commit hook gitleaks-system
* fix errors when using protect and an external git diff tool
* rename filesystem to directory
* Enhance Secret Descriptions
* Small refactor `detect` and `sources`
* chore(config): refactor to go generate; simplify configRules
init
* pretty apparent 'protect' and 'detect' should be merged into
one command
* style: sort the stopwords
-------------------------------------------------------------------
Sat Nov 25 19:45:50 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 8.18.1:
* dont crash on 100gb files pls (#1292)
* remove secretgroup from default config (#1288)
* feat: Hashicorp Terraform fields for password (#1237)
* perf: avoid allocations with
`(*regexp.Regexp).MatchString` (#1283)
* refactor: more explicit rules (#1280)
* bugfix: reduce false positives for stripe tokens by
using word boundaries in regex (#1278)
* add Infracost API rule (#1273)
* refactor: simplify test asserts (#1271)
* Update Makefile
* refactor: change detect tests to t.Fatal instead of
log.Fatal (#1270)
* feat(rules): Add detection for Scalingo API Token
(#1262)
* feat(jwt): detect base64-encoded tokens (#1256)
* feat: add --ignore-gitleaks-allow cmd flag (#1260)
* switch out libs (#1259)
* fix: no-color option should also affect zerolog
(#1242)
* Fixed lineEnd indexing if the match is the whole line
(#1223)
* feat: Add optional redaction value, default 100
(#1229)
* fix(jwt): longer segment lengths (#1214)
* Added yarn.lock file to default allowlist paths
(#1258)
* Update README.md
* feat(rules): make case insensitivity optional (#1215)
* feat(rules): detect Hugging Face access tokens
* Resolve #1170 - Enable selection of a single rule
(#1183)
* Update authress.go to include alternate form account
dash (-) (#1224)
* refactor: remove unnecessary removing temp files in
tests (#1255)
* refactor: use os.ReadFile instead of os.Open +
io.ReadAll (#1254)
* fix(sumologic): improve patterns (#1218)
* Fix inconsistent generated values in config
* feat: add JFrog API and Identity keys
* Add entropy check to plaid client/secret ID rules
* Update config template logic
* Include entropy in Plaid rule file
* refactor: fix #722 properly
* Add `REDACTED` to stopwords for `generic-api-key` rule
* Add detection for Snyk tokens
* Add makefile variable detections
* chore: update deps to fix solaris #1158
* Add junit report format
* Ignore all comits when `.gitleaksignore` fingerprint lacks
SHA
* Improved global exclusion list
* Add detection for OpenAI API keys
* Add warning for quoted `--log-opts` values
* Fixed docker run command in README.md
* add tags support for csv and sarif formats
* Update Slack token regexes
-------------------------------------------------------------------
Sat Nov 25 19:45:24 UTC 2023 - dmueller@suse.com
- Update to version 8.18.1:
* dont crash on 100gb files pls (#1292)
* remove secretgroup from default config (#1288)
* feat: Hashicorp Terraform fields for password (#1237)
* perf: avoid allocations with `(*regexp.Regexp).MatchString` (#1283)
* refactor: more explicit rules (#1280)
* bugfix: reduce false positives for stripe tokens by using word boundaries in regex (#1278)
* add Infracost API rule (#1273)
* refactor: simplify test asserts (#1271)
* Update Makefile
* refactor: change detect tests to t.Fatal instead of log.Fatal (#1270)
* feat(rules): Add detection for Scalingo API Token (#1262)
* feat(jwt): detect base64-encoded tokens (#1256)
* feat: add --ignore-gitleaks-allow cmd flag (#1260)
* switch out libs (#1259)
* fix: no-color option should also affect zerolog output (#1242)
* Fixed lineEnd indexing if the match is the whole line (#1223)
* feat: Add optional redaction value, default 100 (#1229)
* fix(jwt): longer segment lengths (#1214)
* Added yarn.lock file to default allowlist paths (#1258)
* Update README.md
* feat(rules): make case insensitivity optional (#1215)
* feat(rules): detect Hugging Face access tokens (#1204)
* Resolve #1170 - Enable selection of a single rule (#1183)
* Update authress.go to include alternate form account dash (-) (#1224)
* refactor: remove unnecessary removing temp files in tests (#1255)
* refactor: use os.ReadFile instead of os.Open + io.ReadAll (#1254)
* fix(sumologic): improve patterns (#1218)
* refactor: fix #722 properly (#1250)
* fix(plaid): include entropy in go definition (#1252)
* feat(config): update template logic (#1201)
* Add entropy check to plaid client/secret ID rules (#1213)
* feat: add JFrog API and Identity keys (#1233)
* chore(config): fix inconsistent generated values (#1200)
* Revert "Initial set of Azure secrets for #539 (#1079)" (#1197)
* Initial set of Azure secrets for #539 (#1079)
* feat(slack): update token regex (#1161)
* add tags support for csv and sarif formats (#1176)
* Fixed docker run command in README.md (#1194)
* feat: add warning for quoted --log-opts values (#1160)
* Add detection for OpenAI API keys (#1148)
* Add some useless files (#1193)
* add tests for commits
* fix broken vet, format some stuff
* add some gl ignores
* Ignore all comits when `.gitleaksignore` fingerprint lacks SHA (#1156)
* Add junit report format (#920)
* chore: update deps to fix solaris link (#1159)
* Add makefile variable detections (#1191)
* Add detection for Snyk tokens (#1190)
* Add `REDACTED` to stopwords for `generic-api-key` rule (#1188)
* Added option to specify .gitleaksignore path (#1179)
* Fix closing file in writeJson and writeSarif (#1187)
* Simplify tests by using T.TempDir (#1186)
* Fix typos in *.md, comments and logs (#1185)
* Update README.md
* Update bug_report.md
* Adding discord channel to readme
* 🐛 fix(sarif): update report to pass validator (#1167)
* fix(detect): extra secret from group before checking allowlist (#1152)
* Fix G307 warning: Deferring unsafe method "Close" on type "*os.File" (#1154)
* fix(detect): avoid panic with verbose flag (#1143)
* Fix typo (#1142)
* No color (#1136)
* Update README.md
* safer out of bounds (#1135)
* Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (#1131)
* Update pre-commit address and rev tag in README (#1125)
* Update gitleaks.yml
* Update README.md
* Update README.md
* Update .gitleaksignore
* Bufix/1100 protect stagged files (#1121)
* remove extra default on source option
* fix README.md !? (#1123)
* Improve rule descriptions for Stripe and Facebook access tokens (#1119)
* Add Defined Networking API Tokens (#1096)
* Update gitleaks.toml (#1116)
* Update gitleaks.yml (#1117)
* Add gradle.lockfile to allowlist (#1112)
* Update pre-commit rev tag in README (#1108)
* Add pnpm-lock.yaml and Database.refactorlo (#1109)
-------------------------------------------------------------------
Mon Mar 13 10:37:05 UTC 2023 - Johannes Kastl <kastl@b1-systems.de>
- BuildRequire go1.19; fix wrong URL and Summary
-------------------------------------------------------------------
Mon Mar 13 10:28:42 UTC 2023 - kastl@b1-systems.de
- Update to version 8.16.0:
* Feat/allowlist regex target (#1107)
-------------------------------------------------------------------
Mon Mar 13 10:28:33 UTC 2023 - kastl@b1-systems.de
- Update to version 8.15.4:
* ignore package-lock.json (#1076)
* Fix typos in README.md and CONTRIBUTING.md (#1090)
* fix: ignore baseline if path was not relative in source (#1101)
* Fix H in GitHub and update pre-commit rev tag in README (#1087)
-------------------------------------------------------------------
Mon Mar 13 10:28:23 UTC 2023 - kastl@b1-systems.de
- Update to version 8.15.3:
* Add missing GitLab token patterns (#1077)
* Fix rule for private keys (#1072)
-------------------------------------------------------------------
Mon Mar 13 10:28:13 UTC 2023 - kastl@b1-systems.de
- Update to version 8.15.2:
* remove color formatting when #1042 is encountered (#1050)
* Update README.md
* adding jwt tokens with padding format "=" (#1031)
-------------------------------------------------------------------
Mon Mar 13 10:28:03 UTC 2023 - kastl@b1-systems.de
- Update to version 8.15.1:
* include default newline pairs when calculating location (#1038)
* Add rule for fine-grained GitHub PAT (#1026)
-------------------------------------------------------------------
Mon Mar 13 10:27:54 UTC 2023 - kastl@b1-systems.de
- Update to version 8.15.0:
* Add scanning from a pipe with --pipe (#1012)
* add a few fingerprints for test data
* Add support for following symlinks (#1010)
* fix bug in readme (#1011)
-------------------------------------------------------------------
Mon Mar 13 10:27:43 UTC 2023 - kastl@b1-systems.de
- Update to version 8.14.1:
* define log-opts, odd that this wasn't failing before... (#1009)
-------------------------------------------------------------------
Mon Mar 13 10:27:34 UTC 2023 - kastl@b1-systems.de
- Update to version 8.14.0:
* add --max-target-megabytes : maximum size for a file/blob to be
scanned (#1003)
* Update USERS.md
* Update .gitleaksignore
* Update README.md
* Add detection rules for DigitalOcean tokens (#1002)
* docs: add Trendyol to users (#998)
* docs: added goreleaser to user list (#997)
* Update USERS.md (#996)
* Create USERS.md
* Exclude dacpac refactorlogs (#990)
* Output number of commits at info-level. (#991)
* Detect Slack Workflow Webhook URLs (#989)
* Upgrade go version to 1.19 (#987)
* Minor cleanup to error handling and logging (#985)
-------------------------------------------------------------------
Mon Mar 13 10:27:24 UTC 2023 - kastl@b1-systems.de
- Update to version 8.13.0:
* Update README.md
* Update .gitleaksignore
* Update README.md
* Adding quiet mode to silence banner (#852)
* Issue #980: Add support for Telegram Bot API Token (#981)
* add rule for microsoft teams webhooks (#970)
* Add baseline (#975)
* Add pre-commit autoupdate command to README.md (#978)
* refactor: more precise rule for private keys (#930)
-------------------------------------------------------------------
Mon Mar 13 10:26:17 UTC 2023 - kastl@b1-systems.de
- Update to version 8.12.0:
* update gitleaksignore
* add fingerprint to output
* Pretty output (#973)
* Update version in readme file (#972)
-------------------------------------------------------------------
Mon Mar 13 10:25:23 UTC 2023 - kastl@b1-systems.de
- Update to version 8.11.2:
* ignore empty files (#965)
-------------------------------------------------------------------
Mon Mar 13 10:25:14 UTC 2023 - kastl@b1-systems.de
- Update to version 8.11.1:
* Add grafana tokens rules (#959)
* add prefect and readme rules (#961)
-------------------------------------------------------------------
Mon Mar 13 10:25:04 UTC 2023 - kastl@b1-systems.de
- Update to version 8.11.0:
* draft: bump gitdiff, add git.Err state, better log messages
(#954)
-------------------------------------------------------------------
Mon Mar 13 10:23:25 UTC 2023 - kastl@b1-systems.de
- Update to version 8.10.3:
* Feat/add fingerprint no git (#952)
-------------------------------------------------------------------
Mon Mar 13 10:23:15 UTC 2023 - kastl@b1-systems.de
- Update to version 8.10.2:
* safe file checking (#946)
* Update README.md
-------------------------------------------------------------------
Mon Mar 13 10:23:06 UTC 2023 - kastl@b1-systems.de
- Update to version 8.10.1:
* Explicit fingerprint (#944)
-------------------------------------------------------------------
Mon Mar 13 10:22:15 UTC 2023 - kastl@b1-systems.de
- Update to version 8.10.0:
* add two test findings to gitleaksignore
* Feat/ignore finding (#938)
* add jwt rule (#943)
* bump golang test version (#942)
* gitleaks allow docs (#941)
* Add new rules for vault tokens (#919)
* Feature/add sidekiq rules (#933)
-------------------------------------------------------------------
Mon Mar 13 10:21:51 UTC 2023 - kastl@b1-systems.de
- Update to version 8.9.0:
* update readme
* add url for config
* Feature: Adding the ability to extend configuration files (#926)
* Add fix for issue #915 (#916)
* Update README.md
-------------------------------------------------------------------
Mon Mar 13 10:20:21 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.12:
* Update README.md
* Update README.md
* adding access to generic rule keywords and identifiers
* Fix proper names capitalization (#907)
* Add multi platform build (#897)
-------------------------------------------------------------------
Mon Mar 13 10:20:10 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.11:
* update twitter rule generation description and id
* capitilze twitter description
* adding travis ci
* Fix id and description for twitter tokens (#905)
* Adding okta, codecov, zendesk, and updating Atlassian's rule to
include `jira` keyword (#904)
* Fix Plaid, add Plaid access token (#903)
* adding airtable and adafruit (#902)
-------------------------------------------------------------------
Mon Mar 13 10:19:02 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.10:
* Fixes accidental type typos while translating rules from
validation spreadsheet, adds bittrex rule
-------------------------------------------------------------------
Mon Mar 13 10:18:35 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.9:
* Remove ssn allowlist (#898)
* Adding a bunch of new rules, update allowlist to include
node_modules… (#896)
* contributing guidelines first draft (#895)
* Lint python commit script to satisfy PEP8 (#893)
-------------------------------------------------------------------
Mon Mar 13 10:18:24 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.8:
* Update generate (#892)
* maintain parity with recent changes... need to create rule
contributing guidelines (#891)
* Fix duplicate TOML Rules and IDs (#889)
* Update README.md
* Update gitleaks.yml
* Update README.md
* user accounts don't need gitleaks license
* Update README.md
* Add gitleaks badge
* Create gitleaks.yml (#884)
* add link to gitleaks.io
-------------------------------------------------------------------
Mon Mar 13 10:18:13 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.7:
* fix git unsafe directory (#883)
* Limit newlines regex (#881)
-------------------------------------------------------------------
Mon Mar 13 10:18:04 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.6:
* add combo to stopwords, update cmd/generate
* Fix generic-api-key detected erroneously
(zricethezav#877) (#878)
* ignore end line when comparing generic rules (#879)
-------------------------------------------------------------------
Mon Mar 13 10:17:53 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.5:
* updating generic regex and algoia regex (#875)
* feat: add algolia key support (#866)
* Improve PlanetScale token detection (#874)
* Update README.md
* Adding JIT Security messages
* Update README.md
-------------------------------------------------------------------
Mon Mar 13 10:17:42 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.4:
* fix no-git bug (#859)
-------------------------------------------------------------------
Mon Mar 13 10:17:30 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.3:
* Removing private keyword from private key rule (#858)
-------------------------------------------------------------------
Mon Mar 13 10:17:18 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.2:
* nasty little bug (#853)
-------------------------------------------------------------------
Mon Mar 13 10:17:08 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.1:
* adding a ton of stopwords to the generic rule only as that is
the loudest rule (#851)
-------------------------------------------------------------------
Mon Mar 13 10:16:58 UTC 2023 - kastl@b1-systems.de
- Update to version 8.8.0:
* adding stopwords (#849)
-------------------------------------------------------------------
Mon Mar 13 10:16:08 UTC 2023 - kastl@b1-systems.de
- Update to version 8.7.2:
* Update dockerfile (#848)
* fix EOL in secret suffix (#847)
* unpin docker version in pre-commit hook (#832)
* Generate tps (#845)
-------------------------------------------------------------------
Mon Mar 13 10:15:59 UTC 2023 - kastl@b1-systems.de
- Update to version 8.7.1:
* maybe fix out of bounds (#843)
-------------------------------------------------------------------
Mon Mar 13 10:14:42 UTC 2023 - kastl@b1-systems.de
- Update to version 8.7.0:
* optimize keywords (#841)
* Update detect.go (#839)
* Standardize/alphabetize rules, add cmd/generate/config package
(#840)
* fix ghcr.io typo in README.md (#835)
-------------------------------------------------------------------
Mon Mar 13 10:14:24 UTC 2023 - kastl@b1-systems.de
- Update to version 8.6.1:
* normalize keyword check (#830)
-------------------------------------------------------------------
Mon Mar 13 10:14:03 UTC 2023 - kastl@b1-systems.de
- Update to version 8.6.0:
* Keyword (#825)
* doc gitleaks-docker pre-commit hook (#819)
-------------------------------------------------------------------
Mon Mar 13 10:13:22 UTC 2023 - kastl@b1-systems.de
- Update to version 8.5.3:
* skip content checks for path only rules
* use official docker image as pre-commit hook (#818)
-------------------------------------------------------------------
Mon Mar 13 10:13:13 UTC 2023 - kastl@b1-systems.de
- Update to version 8.5.2:
* remove stopwords from global allowlist
-------------------------------------------------------------------
Mon Mar 13 10:13:02 UTC 2023 - kastl@b1-systems.de
- Update to version 8.5.1:
* detect: skip binary files with --no-git (#810)
* fixing a location off by one edge case for --no-git (#812)
* Update README.md
-------------------------------------------------------------------
Mon Mar 13 10:12:22 UTC 2023 - kastl@b1-systems.de
- Update to version 8.5.0:
* Allow tag (#809)
* Stop words (#808)
* Refactor `detect`, add `entropy` to all findings (#804)
-------------------------------------------------------------------
Mon Mar 13 10:11:39 UTC 2023 - kastl@b1-systems.de
- Update to version 8.4.0:
* commenting out git tests, will need to revisit eventually
* commenting out flaky test for now
* go mod tidying
* more comments
* adding git test again
* handle goimports/go vet warnings
* more tests
* more cleaningup
* maintaining parity between current master
* more bug
* cleanup
* more cleaning up
* getting some tests working
* regular git scan parity
* init
* Escape - character in regex character groups (#802)
* adding go mod/sum to ignore (#797)
* GitLab pats may contain underscores as well as dashes (#794)
-------------------------------------------------------------------
Mon Mar 13 10:11:11 UTC 2023 - kastl@b1-systems.de
- Update to version 8.3.0:
* ignore k8s apiVersion in generic-api-key pattern (#760)
* build: updates for go1.17 (#769)
* allow non-last-element secret groups (#792)
* fixing segfault when using a rule with only a path (#791)
* Fix: Typo in LinkedIn id (#789)
* Fix vendor name casing, Flutterwave typo (#785)
* Sarif results with empty rules now represents as [] instead of
null/nil (#786)
* Fix typos in README.md (#780)
-------------------------------------------------------------------
Sun Feb 13 07:44:51 UTC 2022 - Johannes Kastl <kastl@b1-systems.de>
- first version of package gitleaks at 8.2.7
