Commit graph

97 commits

Author SHA1 Message Date
Dustin Decker
b66c167074
Revert "Compress release with UPX (#3445)" (#3455)
This reverts commit c46d52b11a.
2024-10-17 09:12:46 -07:00
Dustin Decker
c46d52b11a
Compress release with UPX (#3445) 2024-10-17 08:04:37 -07:00
JonZeolla
02d17cae25
fix: pr template link to golangci-lint (#3392) 2024-10-10 10:57:41 -07:00
Dustin Decker
59c615a5e9
Fix git binary handling and add a smoke test (#3379)
* Fix git binary handling and add a smoke test

* hide stdout

* add failure case to smoke test

* run again with deadlock fix

* Add logic to drain reader in the event of an error

* add tests

* be picky

* set author identity

* suppress linter

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-10-07 13:55:07 -07:00
renovate[bot]
d590129c83
chore(deps): update sigstore/cosign-installer action to v3.7.0 (#3368)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-05 09:28:03 -07:00
ahrav
5f3b4521d7
[chore] - update Go version to 1.23.0 (#3340)
* update Go version to 1.23.0

* update go version across the rest of the project
2024-09-27 09:55:15 -07:00
Zachary Rice
8cb5e98804
disable secret scans for community PRs (#3343)
* disable secret scans for community PRs

* check if fork too
2024-09-27 11:55:04 -05:00
Dustin Decker
9089fb7df1
Include all detector tests for captain (#3329)
* Use captain for test aggregation

* no retries

* include all detector tests
2024-09-24 12:04:56 -07:00
Dustin Decker
3b0f2fcf39
Use captain for test aggregation (#3328)
* Use captain for test aggregation

* no retries
2024-09-24 11:51:52 -07:00
Miccah
bc2d00710a
[chore] Skip analyzer tests in CI (#3270) 2024-09-06 14:09:13 -07:00
renovate[bot]
0ba37dbbd1
chore(deps): update sigstore/cosign-installer action to v3.6.0 (#3211)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-13 11:17:40 -07:00
Dustin Decker
25b01019b3
Add permissions lookup tables (#3125)
* OpenAI LUT

* github LUT

* cleanup

* add test

* update

* update

* update openai

* update

* Add Analyze interface to Twilio (#3128)

* Add Analyze interface to Twilio

* add readme
2024-07-31 13:01:29 -07:00
Shunsuke Suzuki
68ec7a28a2
chore: fix .goreleaser.yml and goreleaser usage for goreleaser v2 (#3073) 2024-07-18 07:23:59 -07:00
renovate[bot]
72e9e9a3b4
chore(deps): update goreleaser/goreleaser-action action to v6 (#3051)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-08 08:52:44 -07:00
Richard Gomez
f210767394
ci(detector-tests): test detectors if integration fails (#2994) 2024-06-24 13:19:43 -05:00
Richard Gomez
9176e25a26
ci(detector-tests): disambiguate step names (#2989) 2024-06-20 11:43:11 -05:00
Dustin Decker
d8e7fa983d
Go should be installed before codeql initializes (#2919) 2024-06-05 16:46:58 -04:00
Zachary Rice
8d1fa42360
switch to filesystem and specific tag when performance testing (#2846)
* switch to filesystem and specific tag when performance testing

* good ol gha debugging

* Update performance.yml
2024-05-14 11:57:01 -05:00
Zachary Rice
806c06406a
Bump up performance test threshold to 50% (#2839) 2024-05-13 16:53:08 -05:00
renovate[bot]
8ef15e9cdc
chore(deps): update golangci/golangci-lint-action action to v6 (#2801)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-07 20:23:52 -07:00
renovate[bot]
a5f04e65f7
chore(deps): update golangci/golangci-lint-action action to v5 (#2744)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-24 20:25:49 -07:00
renovate[bot]
a7699f8c24
chore(deps): update sigstore/cosign-installer action to v3.5.0 (#2695)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-10 17:56:46 -07:00
Dustin Decker
41d58739bd
Use go 1.22 (#2599)
* Use go 1.22

* install non-pro goreleaser

* increment go-version

* build w/ go 1.22 for codeql
2024-03-22 08:23:04 -07:00
Richard Gomez
f5025fd382
Add --results flag (#2372)
This is a follow-up to #2107 and #2335. It adds a new (hidden) --results flag that allows a user to show any combination of verified, unverified, and indeterminate secrets.
2024-03-15 10:19:31 -04:00
renovate[bot]
af7f81185b
chore(deps): update golangci/golangci-lint-action action to v4 (#2445)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:17:05 -08:00
renovate[bot]
939aca2e69
chore(deps): update github/codeql-action action to v3 (#2444)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:16:48 -08:00
renovate[bot]
774c48545e
chore(deps): update actions/setup-go action to v5 (#2443)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:15:50 -08:00
renovate[bot]
2923d90bd7
chore(deps): update sigstore/cosign-installer action to v3.4.0 (#2421)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-11 17:18:48 -08:00
Zachary Rice
adc09c0533
skip community PR (forks) secret scans for now (#2401) 2024-02-08 13:29:57 -06:00
Zachary Rice
02fe9e189b
Set GHA workdir (#2393)
* set workdir to tmp

* add workflow dispatch for easier on demand dogfooding
2024-02-07 08:14:33 -06:00
faktas2
76fcdae3a0
Add the new MaxMind license key format (#2181)
* Add the new MaxMind license key format

* feedback

* reorg rules

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-26 11:49:47 -08:00
Dustin Decker
3a6cfd9d97
Prevent print or logging in detectors (#2341)
* Prevent print or logging in detectors

* mount repo

* update job name
2024-01-26 11:39:41 -08:00
renovate[bot]
fe94986911
chore(deps): update sigstore/cosign-installer action to v3.3.0 (#2290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-11 11:25:29 -08:00
joeleonjr
a6364415e6
shallow cloning + GitHub Action (#2138)
* proposed shallow cloning gh action

* removing unnecessary steps

* adding back in git checkout

* removed git cloning + added backward compatibility
2023-12-19 14:56:55 -05:00
Richard Gomez
2928e2ee76
ci: don't run detector tests on forks (#2234) 2023-12-17 08:32:07 -08:00
Richard Gomez
b0fab16ad4
chore: don't run test workflow in forks (#2221) 2023-12-14 16:48:48 -08:00
renovate[bot]
16cf858495
chore(deps): update google-github-actions/auth action to v2 (#2171)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 16:46:56 -08:00
renovate[bot]
02ba66d296
chore(deps): update sigstore/cosign-installer action to v3.2.0 (#2149)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-01 10:48:34 -08:00
Shubham Hibare
11df3dc747
feat(signing): Sign checksum (#1894)
* Add checksum signing

* Update readme
2023-11-21 14:02:28 -08:00
Dustin Decker
d0653b22ee
update renovate config and remove dependabot (#1994) 2023-10-25 18:14:08 -07:00
dependabot[bot]
83391d31da
Bump docker/setup-qemu-action from 2 to 3 (#1845)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:45:47 -07:00
dependabot[bot]
df5fa56429
Bump goreleaser/goreleaser-action from 4 to 5 (#1844)
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:40:28 -07:00
dependabot[bot]
222a47d9f3
Bump mikepenz/action-junit-report from 3 to 4 (#1843)
Bumps [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) from 3 to 4.
- [Release notes](https://github.com/mikepenz/action-junit-report/releases)
- [Commits](https://github.com/mikepenz/action-junit-report/compare/v3...v4)

---
updated-dependencies:
- dependency-name: mikepenz/action-junit-report
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:40:00 -07:00
dependabot[bot]
dd183fab83
Bump docker/login-action from 2 to 3 (#1846)
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:39:13 -07:00
dependabot[bot]
c7965b2df6
Bump actions/checkout from 3 to 4 (#1842)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:37:57 -07:00
Dustin Decker
5afc7a32ca
fix detector test action (#1805) 2023-09-21 15:16:00 -07:00
Dustin Decker
b66bd9544c
aggregate detector tests daily (#1800)
* aggregate detector tests daily

* add manual dispatch

* fix test
2023-09-21 10:32:40 -07:00
Mike Vanbuskirk
bbc3be3b6c
migrate buildpulse to integration test suite (#1775) 2023-09-13 15:25:12 -05:00
Mike Vanbuskirk
b4329e0825
add buildpulse config to sources (#1764)
* add buildpulse config to sources

* remove tab indentation

* add correct repo ID

* wrap test command in gotestsum

* exclusion should be detectors

* fix exclusions to match community-test

* update tag to reflect comm. tests
2023-09-13 11:34:53 -05:00
Zachary Rice
eee01e0361
bump go to 1.21 (#1623) 2023-08-14 15:36:25 -05:00