Update dependency trufflesecurity/trufflehog to v3.63.6 (!413) · Merge requests · Iron Bank Containers / Iron Bank Pipeline Images / Pipelines Runner · GitLab

UNCLASSIFIED - NO CUI

This is an archived project. Repository and other project resources are read-only.

Ghost User requested to merge renovate/all into development Dec 22, 2023

This MR contains the following updates:

Package	Type	Update	Change
trufflesecurity/trufflehog	ironbank-github	patch	`v3.63.3` -> `v3.63.6`

⚠ Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

trufflesecurity/trufflehog (trufflesecurity/trufflehog)

`v3.63.6`

What's Changed

Adds basic if/else check if pid slice is empty by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/2244
[fixup] - move cleanup to run by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2245
shallow cloning + GitHub Action by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/2138
Update GitHub extradata by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2219
Avoid extraneous authentication attempts when verifying Snowflake by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2057
Add missing import by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2246
[bug] - Bug archive handler memory leak by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2247
[chore] - use snake_case for naming by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2238
[chore] - add additional binary extensions to skip by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2235
[chore] - lower logging level by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2249
[bug] - Fix Context Timeout-Induced Goroutine Leak in readInChunks by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2251
Dedupe some source log keys by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2250
[fixup] - Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2253
Use walkdir for tmp cleanup by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2255

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.63.5...v3.63.6

`v3.63.5`

What's Changed

[chore] Prevent panic when ChunkError has a nil Unit by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2227
[feat] - Make skipping binaries configurable by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2226
[chore] Add skip_binaries field to AzureRepos proto message by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2232
Don't run detector tests on forks by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2234
Update Freshworks verification to check for valid JSON response by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2212
Enhance HuggingFace extra data by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2222
Convert Shortcut detector to tri-state verification by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2211
add secretID to chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2242
fix(deps): update module golang.org/x/crypto to v0.17.0 [security] by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2243

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.63.4...v3.63.5

`v3.63.4`

What's Changed

Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2213
Fix emoji in README by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2217
Upgrade sevenzip to v1.4.5 by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2215
Encode '%' when generating Git URLs by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2214
Fix GitParse trimming whitespace from filename by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2201
[fixup] - Avoid reading decompressed data into memory by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2196
Update GitLab v1 verification to check for valid JSON response by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2218
Check for SourceUnit support dynamically in the SourceManager by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2205
Fix GitHub source showing 0 members by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2202
Don't run 'test' workflow in forks by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2221

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.63.3...v3.63.4

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

UNCLASSIFIED - NO CUI