From b6d4f6cb905867070a67acdd3a722a105d03fb72 Mon Sep 17 00:00:00 2001 From: renovate Date: Sun, 6 Jun 2021 01:02:25 +0000 Subject: [PATCH 1/3] Update dependency truffleHog3 to v2.0.6 --- hardening_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index ff07253..7a9e1b2 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "opensource/trufflehog/trufflehog3" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "2.0.5" +- "2.0.6" - "latest" # Build args passed to Dockerfile ARGs @@ -27,7 +27,7 @@ labels: org.opencontainers.image.url: "https://github.com/feeltheajf/trufflehog3" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "opensource" - org.opencontainers.image.version: "2.0.5" + org.opencontainers.image.version: "2.0.6" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "trufflehog3,secrets" ## This value can be "opensource" or "commercial" -- GitLab From 0bbb78ea1134d2ea64fc14625f661ebf4f96c536 Mon Sep 17 00:00:00 2001 From: Adam Martin Date: Mon, 7 Jun 2021 08:14:01 -0400 Subject: [PATCH 2/3] update trufflehog3 v2.0.6 deps --- hardening_manifest.yaml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 7a9e1b2..362c9f8 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -37,41 +37,41 @@ labels: # List of resources to make available to the offline build context resources: -- filename: truffleHog3-2.0.5-py2.py3-none-any.whl - url: https://files.pythonhosted.org/packages/f4/83/7b145927deaf5a546d074c46f3bf9c77306c0e936eddb1427ed42fb000eb/truffleHog3-2.0.5-py2.py3-none-any.whl +- filename: truffleHog3-2.0.6-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/e4/2a/82c51f799b1828cd89b06f46435301e91086ea320e812199fb7ac758a03b/truffleHog3-2.0.6-py2.py3-none-any.whl validation: type: sha256 - value: f08e6a764879895bd7992eaca8aeaee7c8d22b42bd11526bbbe9c474afc8518f -- filename: Jinja2-2.11.3-py2.py3-none-any.whl - url: https://files.pythonhosted.org/packages/7e/c2/1eece8c95ddbc9b1aeb64f5783a9e07a286de42191b7204d67b7496ddf35/Jinja2-2.11.3-py2.py3-none-any.whl + value: 0d7f5282b3bb0df0497cf927b098ba60fd3bcb2f93f1a9eebe5fd9a401913ed9 +- filename: PyYAML-5.4-cp39-cp39-macosx_10_9_x86_64.whl + url: https://files.pythonhosted.org/packages/86/cf/892fb8177b0eb25e118f761eeed5a94df16ad2a82a78a43647c106a11e5f/PyYAML-5.4-cp39-cp39-macosx_10_9_x86_64.whl validation: type: sha256 - value: 03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419 -- filename: GitPython-3.1.0-py3-none-any.whl - url: https://files.pythonhosted.org/packages/d3/2f/6a366d56c9b1355b0880be9ea66b166cb3536392638d8d91413ec66305ad/GitPython-3.1.0-py3-none-any.whl + value: 31ba07c54ef4a897758563e3a0fcc60077698df10180abe4b8165d9895c00ebf +- filename: smmap-4.0.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/68/ee/d540eb5e5996eb81c26ceffac6ee49041d473bc5125f2aa995cf51ec1cf1/smmap-4.0.0-py2.py3-none-any.whl validation: type: sha256 - value: 43da89427bdf18bf07f1164c6d415750693b4d50e28fc9b68de706245147b9dd -- filename: PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl - url: https://files.pythonhosted.org/packages/43/e8/31007862b01580c507e24b88aeedb71bb81d6125a71c651a26370e6e0648/PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl + value: a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2 +- filename: MarkupSafe-2.0.1-cp39-cp39-macosx_10_9_x86_64.whl + url: https://files.pythonhosted.org/packages/ce/a7/835a636047f4bb4fea31a682c18affad9795e864d800892bd7248485425e/MarkupSafe-2.0.1-cp39-cp39-macosx_10_9_x86_64.whl validation: type: sha256 - value: 02c78d77281d8f8d07a255e57abdbf43b02257f59f50cc6b636937d68efa5dd0 + value: 3c112550557578c26af18a1ccc9e090bfe03832ae994343cfdacd287db6a6ae7 - filename: gitdb-4.0.7-py3-none-any.whl url: https://files.pythonhosted.org/packages/ea/e8/f414d1a4f0bbc668ed441f74f44c116d9816833a48bf81d22b697090dba8/gitdb-4.0.7-py3-none-any.whl validation: type: sha256 value: 6c4cc71933456991da20917998acbe6cf4fb41eeaab7d6d67fbc05ecd4c865b0 -- filename: MarkupSafe-1.1.1-cp39-cp39-manylinux2010_x86_64.whl - url: https://files.pythonhosted.org/packages/be/2e/ad118ca191e44dc6f87182310e5be51da71d4b81ac659e5f8d5f18251806/MarkupSafe-1.1.1-cp39-cp39-manylinux2010_x86_64.whl +- filename: GitPython-3.1.0-py3-none-any.whl + url: https://files.pythonhosted.org/packages/d3/2f/6a366d56c9b1355b0880be9ea66b166cb3536392638d8d91413ec66305ad/GitPython-3.1.0-py3-none-any.whl validation: type: sha256 - value: 6f1e273a344928347c1290119b493a1f0303c52f5a5eae5f16d74f48c15d4a85 -- filename: smmap-4.0.0-py2.py3-none-any.whl - url: https://files.pythonhosted.org/packages/68/ee/d540eb5e5996eb81c26ceffac6ee49041d473bc5125f2aa995cf51ec1cf1/smmap-4.0.0-py2.py3-none-any.whl + value: 43da89427bdf18bf07f1164c6d415750693b4d50e28fc9b68de706245147b9dd +- filename: Jinja2-3.0.1-py3-none-any.whl + url: https://files.pythonhosted.org/packages/80/21/ae597efc7ed8caaa43fb35062288baaf99a7d43ff0cf66452ddf47604ee6/Jinja2-3.0.1-py3-none-any.whl validation: type: sha256 - value: a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2 + value: 1f06f2da51e7b56b8f238affdd6b4e2c61e39598a378cc49345bc1bd42a978a4 # List of project maintainers maintainers: -- GitLab From da49355b35acd6701128c574328f72dddf688b27 Mon Sep 17 00:00:00 2001 From: Adam Martin Date: Mon, 7 Jun 2021 08:22:44 -0400 Subject: [PATCH 3/3] adjust for correct hashes on dep updates --- hardening_manifest.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 362c9f8..682c64a 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -42,21 +42,21 @@ resources: validation: type: sha256 value: 0d7f5282b3bb0df0497cf927b098ba60fd3bcb2f93f1a9eebe5fd9a401913ed9 -- filename: PyYAML-5.4-cp39-cp39-macosx_10_9_x86_64.whl - url: https://files.pythonhosted.org/packages/86/cf/892fb8177b0eb25e118f761eeed5a94df16ad2a82a78a43647c106a11e5f/PyYAML-5.4-cp39-cp39-macosx_10_9_x86_64.whl +- filename: PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl + url: https://files.pythonhosted.org/packages/43/e8/31007862b01580c507e24b88aeedb71bb81d6125a71c651a26370e6e0648/PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl validation: type: sha256 - value: 31ba07c54ef4a897758563e3a0fcc60077698df10180abe4b8165d9895c00ebf + value: 02c78d77281d8f8d07a255e57abdbf43b02257f59f50cc6b636937d68efa5dd0 - filename: smmap-4.0.0-py2.py3-none-any.whl url: https://files.pythonhosted.org/packages/68/ee/d540eb5e5996eb81c26ceffac6ee49041d473bc5125f2aa995cf51ec1cf1/smmap-4.0.0-py2.py3-none-any.whl validation: type: sha256 value: a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2 -- filename: MarkupSafe-2.0.1-cp39-cp39-macosx_10_9_x86_64.whl - url: https://files.pythonhosted.org/packages/ce/a7/835a636047f4bb4fea31a682c18affad9795e864d800892bd7248485425e/MarkupSafe-2.0.1-cp39-cp39-macosx_10_9_x86_64.whl +- filename: MarkupSafe-2.0.1-cp39-cp39-manylinux2010_x86_64.whl + url: https://files.pythonhosted.org/packages/6f/83/eabfb8c6d60b096dc9ada378cf935809289c4d0327b74a60789bde77e1db/MarkupSafe-2.0.1-cp39-cp39-manylinux2010_x86_64.whl validation: type: sha256 - value: 3c112550557578c26af18a1ccc9e090bfe03832ae994343cfdacd287db6a6ae7 + value: ab3ef638ace319fa26553db0624c4699e31a28bb2a835c5faca8f8acf6a5a902 - filename: gitdb-4.0.7-py3-none-any.whl url: https://files.pythonhosted.org/packages/ea/e8/f414d1a4f0bbc668ed441f74f44c116d9816833a48bf81d22b697090dba8/gitdb-4.0.7-py3-none-any.whl validation: -- GitLab