Update dependency trufflesecurity/trufflehog to v3.45.3

This MR contains the following updates:

Package	Type	Update	Change
trufflesecurity/trufflehog	ironbank-github	minor	v3.41.1 -> v3.45.3

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs for more information.

---

Release Notes

trufflesecurity/trufflehog

v3.45.3

Compare Source

What's Changed

• Initial implementation of JobReport with SourceManager usage by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1557
• Add path (location of file) to Google Drive proto by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1566
• move false positive check in alchemy detector by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1532
• Fix gitparse from panicking on a nil-pointer by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1570

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.2...v3.45.3

v3.45.2

Compare Source

What's Changed

• Pass GitHub apiEndpoint for basic or no auth by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1454
• Bump github.com/xanzy/go-gitlab from 0.86.0 to 0.88.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1522
• Bump github.com/google/go-containerregistry from 0.14.0 to 0.15.2 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1504
• Add SourceManager tests for Run and Wait methods by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1530
• Improve log message when scanning GitHub comments by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1553
• Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.4.0 to 2.6.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1503
• Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1554
• [MongoDB] Detect CosmoDB access keys by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1511
• Override broken dependency version by @​dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1558
• Add azure repos protos by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1559
• add merge support by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1561

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.1...v3.45.2

v3.45.1

Compare Source

What's Changed

• [chore] - optimize chunker by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1535
• Add commitsScanned metrics by @​bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1533
• Make Ahocorasick matching case insensitive by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1547
• Fix data race in context wrapper library by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1546
• Update gitparse logic by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1486

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.0...v3.45.1

v3.45.0

Compare Source

What's Changed

• [chore] - Update loop to switch. by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1487
• Rewrite SourceUnitEnumerator to use UnitReporter instead of a channel by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1485
• Define SourceUnit chunking interface by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1484
• fix twilio verification side effect by @​brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1494
• Fix URI detector false positives when the redacted password has been URL encoded by @​trufflesteeeve in https://github.com/trufflesecurity/trufflehog/pull/1489
• add envoy api key scanner by @​brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1482
• add couchbase scanner to defaults by @​brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1497
• tweak jdbc redaction by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1490
• add launch_darkly keyword to launchdarkly scanner by @​brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1495
• [chore] - update detector template file by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1500
• add thog enterprise detector for web keys by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1448
• use Go 1.20 for all github workflows by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1508
• unify JDBC detector ping logic by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1506
• add dockerhub scanner by @​brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1496
• JDBC indeterminacy by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1507
• [chore] Remove parent setting / getting in Context wrapper by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1516
• Revert "[chore] Remove parent setting / getting in Context wrapper (#… by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1519
• Bump github.com/googleapis/gax-go/v2 from 2.11.0 to 2.12.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1501
• Bump google.golang.org/api from 0.130.0 to 0.131.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1502
• Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1523
• capture JSON error in AWS detector by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1509
• Decrease frequency of dependabot alerts to monthly by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1524
• Support indeterminacy in alchemy and update detector docs by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1510
• [chore] Remove parent manipulation in context package by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1525
• Implement SourceManager basics by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1515
• Correctly route pprof endpoint by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1527
• [chore] - Remove password info from log by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1528
• continue scanning on detector / decoder panic by @​dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/863
• Add match boundary to okta regular expressions by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1531
• Replace aho-corasick library by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1538

New Contributors

• @​brandonjyan made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1494

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.44.0...v3.45.0

v3.44.0

Compare Source

What's Changed

• fix typo by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1452
• Remove additional apk clean up in Dockerfile by @​PeterDaveHello in https://github.com/trufflesecurity/trufflehog/pull/1440
• Remove the Image4 detector by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1461
• tighten up Shortcut API detector by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1438
• additional similarity check for base64 and plain by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1462
• Add new verification error message field by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1463
• Bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1473
• Bump github.com/jlaffaye/ftp from 0.1.0 to 0.2.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1471
• Bump github.com/TheZeroSlave/zapsentry from 1.15.0 to 1.17.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1470
• remove old detector by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1474
• Bump google.golang.org/api from 0.129.0 to 0.130.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1472
• Define SourceUnit enumeration interface by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1428
• Update tests for forks so we don't fail on everything by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1475
• scan GitHub MR and issue comments by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1435
• Report indeterminacy in AWS verifier by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1480
• do not report AWS 403s as indeterminate by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1481
• Dedupe results by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1479
• Include the line number GitHub & Gitlab links by @​rgmz in https://github.com/trufflesecurity/trufflehog/pull/1466

New Contributors

• @​PeterDaveHello made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1440
• @​rgmz made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1461
• @​rosecodym made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1463

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.43.0...v3.44.0

v3.43.0

Compare Source

What's Changed

• Introduce trufflehog:ignore tag feature by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1433
• remove HEAD from git diff command, rename unstaged to staged by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1439
• Bump github.com/envoyproxy/protoc-gen-validate from 1.0.1 to 1.0.2 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1445
• Bump cloud.google.com/go/secretmanager from 1.11.0 to 1.11.1 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1443
• Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1444
• Add missing keywords for sqlserver by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1449
• Bump google.golang.org/api from 0.128.0 to 0.129.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1441
• Bump cloud.google.com/go/storage from 1.30.1 to 1.31.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1442

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.42.0...v3.43.0

v3.42.0

Compare Source

What's Changed

• Exit with non-zero exit code on chunk source error by @​nyanshak in https://github.com/trufflesecurity/trufflehog/pull/1286
• Fix docker source to return any chunk errors by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1429
• Add Couchbase Detector by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1385
• Bump github.com/xanzy/go-gitlab from 0.85.0 to 0.86.0 by @​dependabot in https://github.com/trufflesecurity/trufflehog/pull/1425
• Use url redaction in git by @​trufflesteeeve in https://github.com/trufflesecurity/trufflehog/pull/1399
• Fix stripPassword by @​zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1430
• Don't return on okta credential failed verification by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1432
• verify response body with expected keywords by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1419
• added opsgenie detector by @​roxanne-tampus in https://github.com/trufflesecurity/trufflehog/pull/650

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.41.1...v3.42.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.