-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.22.0 #12
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/zricethezav-gitleaks-8.x
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.15.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.15.2
Dec 2, 2022
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
December 2, 2022 04:51
f66cb3d
to
1b4674f
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.15.2
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.0
Mar 11, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
March 11, 2023 22:44
1b4674f
to
8ace0fc
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.1
Mar 18, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
March 18, 2023 19:57
8ace0fc
to
68ddada
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.2
Mar 30, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
March 30, 2023 23:52
68ddada
to
dbb8533
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.2
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.3
May 28, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
May 28, 2023 11:07
dbb8533
to
b3c478f
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.3
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.4
Jun 6, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
June 6, 2023 18:31
b3c478f
to
1667158
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.16.4
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.17.0
Jun 15, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
June 15, 2023 12:56
1667158
to
0ae0fac
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.17.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.0
Aug 22, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
August 22, 2023 23:36
0ae0fac
to
e33de3a
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.1
Nov 17, 2023
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
November 17, 2023 23:03
e33de3a
to
d7bf79b
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.2
Feb 1, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
February 1, 2024 18:55
d7bf79b
to
f8e8199
Compare
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
June 1, 2024 15:50
f8e8199
to
3266033
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.2
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.3
Jun 1, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
June 14, 2024 17:39
3266033
to
1eb452c
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.3
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.4
Jun 14, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
September 14, 2024 02:14
1eb452c
to
167d8cc
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.18.4
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.0
Sep 14, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
September 14, 2024 10:58
167d8cc
to
5ab652d
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.1
Sep 14, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
September 16, 2024 16:41
5ab652d
to
cb551f9
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.2
Sep 16, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
September 26, 2024 16:22
cb551f9
to
60ccff0
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.2
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.3
Sep 26, 2024
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.19.3
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.20.0
Oct 3, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
2 times, most recently
from
October 7, 2024 19:02
c02b94a
to
2d71f18
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.20.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.20.1
Oct 7, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
October 15, 2024 04:51
2d71f18
to
077b63c
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.20.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.0
Oct 15, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
October 18, 2024 12:14
077b63c
to
88e7839
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.0
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.1
Oct 18, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
October 28, 2024 17:18
88e7839
to
ef52cef
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.1
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.2
Oct 28, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
December 19, 2024 21:51
ef52cef
to
538a0d6
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.2
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.3
Dec 19, 2024
renovate
bot
force-pushed
the
renovate/zricethezav-gitleaks-8.x
branch
from
December 20, 2024 20:13
538a0d6
to
498e3ee
Compare
renovate
bot
changed the title
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.21.3
chore(deps): update pre-commit hook zricethezav/gitleaks to v8.22.0
Dec 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v8.15.0
->v8.22.0
Note: The
pre-commit
manager in Renovate is not supported by thepre-commit
maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.Release Notes
zricethezav/gitleaks (zricethezav/gitleaks)
v8.22.0
Compare Source
v8.21.4
Compare Source
Changelog
906085f
Update golang version to 1.23 (#1672)8a83062
log bytes (#1670)v8.21.3
Compare Source
Changelog
a9e6d8c
go mod 1.232f73a3e
Ensure keywords are downcased (#1633)f696605
feat: add settlemint api keys detection (#1663)0bf13fc
feat(dir): better chunking (#1665)83e99ba
feat(report): allow user-defined templates (#1650)e393d29
Add support for GitLab routable tokens (#1656)263ce82
Add freemius secret key detection (#1611)3c0e068
fix(kubernetes): only match 'kind: secret' (#1649)f3adda0
feat: use STDOUT when report file not specified (#1642)ed205a5
fix(dir): skip opening file&dir if allowlist matches (#1653)6018012
fix: increase chunk size 10kb -> 100kb (#1652)7f77987
feat: detect sentry.io tokens in the new format (#1640)48a2e0e
refactor: pre-commit hooks (#1627)4e303d0
fix(easypost): only detect tokens of correct length (#1628)c1add1d
feat(dir): continue on permission error (#1621)202106a
Add human readable description for curl rules (#1625)8e94f98
Add option to includeLine
field in report (#1616)dbb42a7
hm (great comment)2599460
Update README.md8ffb980
nop for stupid build4181ad6
Add new jira api token pattern (#1601)48ea14b
feat: update global & generic allowlist (#1618)81f0002
fix(vault-service-token): ensure that TPS contains digits (#1614)c11adc9
Generate comprehensive secret samples (#1484)d1d9054
fix(aws): detect token in url (#1615)5fe58bf
fix(rules): entropy, uppercase in samples (#1593)5c2e813
feat: tweak rules (#1608)v8.21.2
Compare Source
Changelog
43fae35
feat(rules): create Octopus Deploy api key (#1602)a158e4f
fix(aws-access-token): only match if correct length (#1584)b6e0eee
fix(config): ignore jquery/swagger w/o version (#1607)722e7d8
feat: add new GitLab tokens (#1560)961f2e6
feat(generic-api-key): tune false positives (#1606)e734fcf
Create .gitleaks.toml (#1605)7206d6b
feat(curl): tweak tps and fps (#1603)2db25f1
feat(config): ignore swagger-ui assets (#1604)e97695b
feat(generic-api-key): exclude keywords (#1587)0afb525
feat(okta): bump entropy to 4 (#1599)2068870
feat: update global allowlist (#1597)8cf93b9
refactor(allowlist): deduplicate commits & keywords (#1596)50c2818
feat(config): ignore jquery static assets (#1595)455ae0a
More rule fixes (#1586)5407c44
chore: log skipped symlinks (#1591)d03d6c4
feat: match left side of identifier (#1585)851c11a
what secrets?8cfa6b2
fix(rules): add entropy (#1580)9152eaa
feat(aws): add entropy & allowlist (#1582)93acc6e
feat(rules): add 1password token (#1583)83a5724
feat(config): add curl header rule (#1576)v8.21.1
Compare Source
Changelog
cf5334f
feat: add curl basic auth rule (#1575)d07b394
Update spelling in README.md (#1574)5c03fa4
refactor(allowlist): use iota for condition (#1569)12034a7
refactor(config): temporarily switch to [rules.allowlist] (#1573)v8.21.0
Compare Source
Changelog
aabe381
Define multiple allowlists per rule (#1496)8ea6085
build: upgrade gitleaks/go-gitdiff to v0.9.1 (#1559)be9d0f8
Fix rule extension (#1556)9988e52
Update base config allowlist (#1555)8fb39ba
feat(azure): detect Azure AD client secrets (#1199)14c924d
chore: match gitleaks.toml anywhere (#1553)respect @rgmz @9999years
v8.20.1
Compare Source
Changelog
b2fbaeb
feat(config): add placeholder regexes to global allowlist (#1547)00bb821
feat: add PrivateAI rule (#1548)445abe3
Bump golang verion used in docker build to match version specified in go.mod (#1551)1a2f656
feat: add cohere rule (#1549)82d737d
feat(generate): generate global (#1546)f6e5499
Feat/nuget config password rule (#1540)v8.20.0
Compare Source
Changelog
bf8a49f
Make private key check less greedy and include fifth dash (#1440)9c354f5
print tags if they exist2278a2a
Decode Base64 (#1488)c5b15c9
refactor(config): keyword map (#1538)a971a32
fix: use regexTarget for extend config (#1536)a0f2f46
feat: bump go to 1.22 (#1537)4e8d7d3
fix: handle pre-commit and staged (#1533)f8dcd83
Bugfix/1352 incorrect report multiple lines (#1501)Huge huge thanks to @bplaxco for supporting b64 decoding, @recreator66 for bug fixes, and to @rgmz for his continued support of the project in the form of PRs and reviews. Thanks you!
New Feature: Decoding
Sometimes secrets are encoded in a way that can make them difficult to find
with just regex. Now you can tell gitleaks to automatically find and decode
encoded text. The flag
--max-decode-depth
enables this feature (the defaultvalue "0" means the feature is disabled by default).
Recursive decoding is supported since decoded text can also contain encoded
text. The flag
--max-decode-depth
sets the recursion limit. Recursion stopswhen there are no new segments of encoded text to decode, so setting a really
high max depth doesn't mean it will make that many passes. It will only make as
many as it needs to decode the text. Overall, decoding only minimally increases
scan times.
The findings for encoded text differ from normal findings in the following
ways:
include that as well
decoded:<encoding>
anddecode-depth:<depth>
Currently supported encodings:
base64
(both standard and base64url)v8.19.3
Compare Source
Changelog
ed19c4e
fix(config): extend allowlist & handle extend when validating (#1524)989ef19
refactor(kubernetes-secret): tweak variable chars (#1520)191eb43
Revert "remove validate config test temporarily" (#1529)78f7d3f
feat: create fly.io rule (#1528)7098f6d
fix: to many false-positive for gltf files, add gltf suffix to allowlist (#1527)97dbe1e
Add support in .gitleaksignore file comment strings (#1425) (#1502)9e06824
Restrict Etsy keywords (#1491)db78260
feat(github): add entropy to rule (#1489)df126a7
feat(gcp): update api key rule (#1481)75dd70e
fix(hashicorp): ignore common fps (#1498)8510d39
fix(square): make prefix case sensitive (#1469)3698060
refactor(kubernetes-secret): collapse rules and update regex (#1462)v8.19.2
Compare Source
Changelog
128cd22
fix(rule): comment out errant validation case (#1509)1a6d2b0
remove validate config test temporarily0874ebc
Update README.mdv8.19.1
Compare Source
Changelog
9463ffa
fix flag access (#1506)v8.19.0
Compare Source
Changelog
44ad62e
Deprecatedetect
andprotect
. Addgit
,dir
,stdin
(#1504) HEY THIS IS AN IMPORTANT CHANGE. If it breaks some stuff... sorry, I'll fix it asap, just open an issue and make sure to ping me. The change is meant to be backwards compatible.e93a7c0
Update Harness rules to add _ and - in the account ID part. (#1503)4e43d11
chore: fix gl workflow error (#1487)bd81872
Make config generation utils public (#1480)3be7faa
Update Hashicorp Vault token pattern (#1483)1aae66d
feat(config): update rule validation (#1466)6dfcf5e
Update .gitleaksignoref361c5e
fix(detect): handle EOF with bytes (#1472)8a1ca9e
Added poetry.lock to default allowlist paths (#1474)525c4b4
refactor(sarif): remove |name| and change |shortDescription| (#1473)c0fda43
Use rule id for config validation error (#1463)d3c4b90
Use first non-empty group ifsecretGroup
isn't set (#1459)b4009bf
chore: remove unnecessary capture groups (#1460)80bd177
Return non-0 exit code fromDetectGit
(#1461)0334ec1
add gradle verification-metadata.xml to global allowlist (#1446)c1345e1
feat(openshift): add user token (#1449)7697b3e
(feat): Adding secret detection rule for Kubernetes secrets (#1454)26f3469
add version to defaultbc979de
Add go.work and go.work.sum to global allowlist (#1353)b899915
Add harness PAT and SAT rules (#1406)4c5195b
Update README.mdv8.18.4
Compare Source
Changelog
02808f4
Limit hashicorp-tf-password to .tf/.hcl files (#1420)07e1c30
rm printdb63fc1
reduce telegram... todo url and xml for later9a4538c
coderabbit.ai <3fe94ef9
Add NewRelic insert key detection (#1417)bb4424d
Improved Telegram bot token rule regex and added more test cases (#1404)575e923
Add intra42 client secret (#1408)Shout out to @coderabbit for their sponsorship!
v8.18.3
Compare Source
Changelog
39947b0
extend FB access token discovery (#1407)79cac73
tests: scalingo validation consistent test (#1359)247f423
add real (test) standard and restricted keys (#1375)821b232
Add Cloudflare API and Origin CA keys (#1374)57ac4b3
Update "contributing guidelines" link (#1390)db69e82
add update token from square (#1370)4b54328
feat: facebook secret, access token, and page access token rules (#1372)979f213
update mailchimp with new tokens (#1376)59c0cc7
Append ordered rules when extending (#1304)6c52f87
fix: age rule id with dashes (#1349)247a5e7
patching golang.org/x/text for CVE-2021-38561 and CVE-2022-32149 (#1342)8d23afd
Use latest base images. (#1334)v8.18.2
Compare Source
Changelog
ac4b514
removed gitleaks user from Dockerfile (#1313)76c9e31
Remove IAM identifiers for non-credential resources in the aws-access-token rule (#1307)afe046b
Update stripe rule to not alert on publishable keys (#1320)8b8920d
--max-target-megabytes flag now supported for --no-git flag as well (#1330)a59289c
add pre-commit hook gitleaks-system (#1225)870194b
fix errors when using protect and an external git diff tool (#1318)179c607
rename filesystem to directory (#1317)8de8938
Enhance Secret Descriptions (#1300)ca7aa14
Small refactordetect
andsources
(#1297)01e60c8
chore(config): refactor to go generate; simplify configRules init (#1295)54f5f04
forgot symlinks221d5c4
pretty apparent 'protect' and 'detect' should be merged into one command (#1294)128b50f
style: sort the stopwords (#1289)v8.18.1
Compare Source
Changelog
dab7d02
dont crash on 100gb files pls (#1292)e63b657
remove secretgroup from default config (#1288)20fcf50
feat: Hashicorp Terraform fields for password (#1237)b496677
perf: avoid allocations with(*regexp.Regexp).MatchString
(#1283)a3ab4e8
refactor: more explicit rules (#1280)bd9a25a
bugfix: reduce false positives for stripe tokens by using word boundaries in regex (#1278)6d0d8b5
add Infracost API rule (#1273)2959fc0
refactor: simplify test asserts (#1271)d37b38f
Update Makefile14b1ca9
refactor: change detect tests to t.Fatal instead of log.Fatal (#1270)d9f86d6
feat(rules): Add detection for Scalingo API Token (#1262)ed34259
feat(jwt): detect base64-encoded tokens (#1256)0d5e46f
feat: add --ignore-gitleaks-allow cmd flag (#1260)a82ac29
switch out libs (#1259)0b84afa
fix: no-color option should also affect zerolog output (#1242)8976539
Fixed lineEnd indexing if the match is the whole line (#1223)30c6117
feat: Add optional redaction value, default 100 (#1229)e9135cf
fix(jwt): longer segment lengths (#1214)f65f915
Added yarn.lock file to default allowlist paths (#1258)abfd0f3
Update README.md18283bb
feat(rules): make case insensitivity optional (#1215)9fb36b2
feat(rules): detect Hugging Face access tokens (#1204)db4bc0f
Resolve #1170 - Enable selection of a single rule (#1183)3cbcda2
Update authress.go to include alternate form account dash (-) (#1224)46c6272
refactor: remove unnecessary removing temp files in tests (#1255)963a697
refactor: use os.ReadFile instead of os.Open + io.ReadAll (#1254)163ec21
fix(sumologic): improve patterns (#1218)v8.18.0
Compare Source
What's Changed
New Contributors
Full Changelog: gitleaks/gitleaks@v8.17.0...v8.18.0
v8.17.0
Compare Source
What's Changed
REDACTED
to stopwords forgeneric-api-key
rule by @9999years in https://github.com/gitleaks/gitleaks/pull/1188.gitleaksignore
fingerprint lacks SHA by @rgmz in https://github.com/gitleaks/gitleaks/pull/1156--log-opts
values by @rgmz in https://github.com/gitleaks/gitleaks/pull/1160New Contributors
Full Changelog: gitleaks/gitleaks@v8.16.4...v8.17.0
v8.16.4
Compare Source
Changelog
6f75511
Added option to specify .gitleaksignore path (#1179) @pacorreia190ac97
Fix closing file in writeJson and writeSarif (#1187) @alexandear6dbb0c5
Simplify tests by using T.TempDir (#1186) @alexandear6705461
Fix typos in *.md, comments and logs (#1185) @alexandear9869eab
Update README.md16f1ec0
Update bug_report.md8d80a5a
Adding discord channel to readme146f69e
🐛 fix(sarif): update report to pass validator (#1167) @DariuszPorowskiv8.16.3
Compare Source
Changelog
51ca0f8
fix(detect): extra secret from group before checking allowlist (#1152)81cf308
Fix G307 warning: Deferring unsafe method "Close" on type "*os.File" (#1154)bd8b145
fix(detect): avoid panic with verbose flag (#1143)839f114
Fix typo (#1142)63c3076
No color (#1136)56079dc
safer out of bounds (#1135)9c6650d
Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (#1131)6fa63f4
Update pre-commit address and rev tag in README (#1125)9701bf1
Bufix/1100 protect stagged files (#1121)db79d81
fix README.md !? (#1123)8a31f4a
Improve rule descriptions for Stripe and Facebook access tokens (#1119)6b0c303
Add Defined Networking API Tokens (#1096)Huuuuuge thank you to all the contributors especially @rgmz
@edwardwang888 @wparad @sadikkuzu @RafaelFigueiredo @fgreinacher @jasikpark @sergiomarotco
v8.16.2
Compare Source
Changelog
63c3076
No color (#1136)56079dc
safer out of bounds (#1135) (Thank you @agmond)9c6650d
Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (#1131)6fa63f4
Update pre-commit address and rev tag in README (#1125)9701bf1
Bufix/1100 protect stagged files (#1121)a5b9c24
remove extra default on source optiondb79d81
fix README.md !? (#1123)8a31f4a
Improve rule descriptions for Stripe and Facebook access tokens (#1119)6b0c303
Add Defined Networking API Tokens (#1096)Thanks to @americanair for sponsoring this open source project!
Thanks to all the contributors this release: @fgreinacher @wparad @RafaelFigueiredo @sergiomarotco @jasikpark
v8.16.1
Compare Source
Changelog
1fb3a77
Update gitleaks.toml (#1116)11c2ad0
Add gradle.lockfile to allowlist (#1112)e55d397
Update pre-commit rev tag in README (#1108)2dd9946
Add pnpm-lock.yaml and Database.refactorlo (#1109)v8.16.0
Compare Source
Changelog
4b5e8e1
Feat/allowlist regex target (#1107)Allowlist Regex Targets
Let's use the generic rule to demonstrate the new
regexTarget
allowlist optionexample.txt
will be our target and contain a single line with a fake secret:Running gitleaks on this file using the generic rule will return one finding:
We can add a allowlist
regexes
entry to include part of the secret. This will cause gitleaks to ignore the finding above.Note that by default gitleaks uses the Secret to compare against allowlist regexes.
Adding the following allowlist to the generic rule will cause gitleaks to ignore the finding:
But now say you don't want to use
Secret
to compare against your allowlist regexes. Well, now you can useregexTarget
and set the value as eitherline
ormatch
to compare against the line or regex match:and
will both result in the finding being ignored because
discord
is found in the generic rule regex match andvar
is in the line where the finding was found.In addition to rule allowlists, you can set
regexTarget
in the global allowlist:Thanks @bplaxco for the review
v8.15.4
Compare Source
Changelog
343e693
ignore package-lock.json (#1076)0060ab6
Fix typos in README.md and CONTRIBUTING.md (#1090)0259088
fix: ignore baseline if path was not relative in source (#1101)088f8b8
Fix H in GitHub and update pre-commit rev tag in README (#1087)Shouts outs to @sandyydk @raffis @lawndoc @sadikkuzu
v8.15.3
Compare Source
Changelog
afdccad
Add missing GitLab token patterns (#1077)e002920
Fix rule for private keys (#1072)v8.15.2
Compare Source
Changelog
d805fb9
remove color formatting when #1042 is encountered (#1050)391d4d7
Update README.mdf774932
adding jwt tokens with padding format "=" (#1031)[
v8.15.1
](https://redirect.Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.