Update dependency trufflesecurity/trufflehog to v3.53.0
This MR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| trufflesecurity/trufflehog | ironbank-github | minor |
v3.45.1 -> v3.53.0
|
⚠ Dependency Lookup Warnings ⚠
Warnings were logged while processing this repo. Please check the logs for more information.
Release Notes
trufflesecurity/trufflehog
v3.53.0
What's Changed
- [bug] - handle IOOR panic by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1639
- add role assumption for s3 source by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1477
- [bug] - Only scan gist comments or repo comments by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1646
- Add tri-state verification to sqlserver detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1624
- Wait before finishing S3 test by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1647
- add thog CLI support for GitHub config validate by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1626
- Fix reversed ordering of arguments by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1648
- Update S3 test bucket by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1649
- add rate limit and consumption metrics for GitHub by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1651
- Include the job ID in a chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1652
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.52.1...v3.53.0
v3.52.1
What's Changed
- update test file by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1637
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.52.0...v3.52.1
v3.52.0
What's Changed
- [bug] - Correctly reset reader before handling archive chunk data by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1636
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.51.0...v3.52.0
v3.51.0
What's Changed
- correct logging output for github comments and add oss flags by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1632
- Add ScanChunk to allow injecting Chunks into the SourceManager's channel by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1634
- [bug] - copy chunk before sending on chunksChan by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1633
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.50.0...v3.51.0
v3.50.0
What's Changed
- add salesforce detector by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1608
- [chore] - Use custom context for archive handler of specialized archives by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1629
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.49.0...v3.50.0
v3.49.0
What's Changed
- Docker scanning by digest by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/1615
- fix detector template test failure message by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1622
- Refactor FragmentLineOffset to match multiline secrets by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1612
- add huggingface detector by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1621
- bug fix - change verification endpoint for opsgenie scanner by @brandonjyan in https://github.com/trufflesecurity/trufflehog/pull/1611
- bump go to 1.21 by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1623
- Fix placeholder for GitHub orgs by @hxnyk in https://github.com/trufflesecurity/trufflehog/pull/1627
- Integration of SpecializedHandler for Enhanced Archive Processing by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1625
New Contributors
- @joeleonjr made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1615
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.48.0...v3.49.0
v3.48.0
What's Changed
- fix error message in alchemy test by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1617
- Add tri-state verification to pubnub publish key detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1616
- stop saving Alchemy URL on error by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1614
- Support indeterminate verification in Gitlab detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1613
- Use the common chunker for scanning the filesystem source by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1619
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.47.0...v3.48.0
v3.47.0
What's Changed
- Expand paypal regex by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1599
- Github Oauth2 verification by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1584
- synchronize print operations to stdout by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1597
- include scan duration in output log by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1598
- Add commits scanned to log by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1600
- Common chunk reader by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1594
- initial support for bare repositories by @L11R in https://github.com/trufflesecurity/trufflehog/pull/1499
- Fix nil pointer dereference to git ScanOptions by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1603
- implement indeterminate LDAP verification by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1574
- Use SourceManager in engine by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1586
- Adjust regex and add tests by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1602
- Detect API keys without app keys by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1605
- Tweak template detector test code by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1609
- Use common chunk reader by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1596
- Move commits_scanned to ScanRepo by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1610
- implement tri-state verification in FTP detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1604
- Add terminal UI by @hxnyk in https://github.com/trufflesecurity/trufflehog/pull/1593
New Contributors
- @L11R made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1499
- @hxnyk made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1593
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.46.3...v3.47.0
v3.46.3
What's Changed
- Remove CI Badge by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1590
- updating github templates by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1587
- fix broken link in issue templates by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1592
- tighten up regex pattern for timezoneapi by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1591
- Remove capturing the cancel callstack in the context package by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1595
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.46.2...v3.46.3
v3.46.2
What's Changed
- add tri-state verification to mongodb detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1575
- create hidden debug flag to disable overseer by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1582
- Fix VirusTotal deetector by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1585
- Refactor git source to allow ScanOptions and use source in engine by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1518
- S3 panic send on closed channel by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1589
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.46.1...v3.46.2
v3.46.1
What's Changed
- [bug] - Fix unlocking an unlocked mutex by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1583
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.46.0...v3.46.1
v3.46.0
What's Changed
- Increase log level of engine messages by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1576
- Initialize the default logger to output to stderr by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1569
- Fix runtime error when scanning Gist comments by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1552
- Do not nest transports for Github installation client by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1564
- Identify transient AWS verification failures by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1563
- Support fatal errors in job reports by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1562
- Fix pubnub regular expression by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1565
- gitparse: Use an object for currentDiff by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1573
- Concurrent detection by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1580
- Replace magic strings with const by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1568
- [bug] - fix data races by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1577
- [bug] - fix shodan detector by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1579
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.3...v3.46.0
v3.45.3
What's Changed
- Initial implementation of JobReport with SourceManager usage by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1557
- Add path (location of file) to Google Drive proto by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1566
- move false positive check in alchemy detector by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1532
- Fix gitparse from panicking on a nil-pointer by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1570
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.2...v3.45.3
v3.45.2
What's Changed
- Pass GitHub apiEndpoint for basic or no auth by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1454
- Bump github.com/xanzy/go-gitlab from 0.86.0 to 0.88.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1522
- Bump github.com/google/go-containerregistry from 0.14.0 to 0.15.2 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1504
- Add SourceManager tests for Run and Wait methods by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1530
- Improve log message when scanning GitHub comments by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1553
- Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.4.0 to 2.6.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1503
- Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1554
- [MongoDB] Detect CosmoDB access keys by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1511
- Override broken dependency version by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1558
- Add azure repos protos by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1559
- add merge support by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1561
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.45.1...v3.45.2
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by renovate