Bill Rich
7273dc9058
Archive decoder ( #683 )
...
* Archive decoder
* Fix reader handling
* Seek error handling
* Add tests
* Fix extra empty chunk
* Sync chunk size
2022-08-02 20:36:21 -07:00
Dustin Decker
047e2b4607
Copy entrypoint changes into goreleaser Dockerfile build to fix github action ( #686 )
2022-08-02 12:50:26 -07:00
dependabot[bot]
29f12d2d35
Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 ( #681 )
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 11:53:33 -07:00
Jeff Wenzbauer
4a3bba78cc
Update github action to support generic cli command input ( #670 )
...
* Update github action to support generic cli command input
* revert removal of inputs
* echo in entrypoint
* test custom docker image
* revert docker image reference
2022-08-01 15:05:08 -07:00
dependabot[bot]
dc516933f3
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 ( #669 )
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-28 16:26:13 -07:00
dependabot[bot]
ff8cf8fa09
Bump github.com/aws/aws-sdk-go from 1.44.56 to 1.44.61 ( #668 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.56 to 1.44.61.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.56...v1.44.61 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-28 16:15:42 -07:00
Dustin Decker
5b7eff5c57
Improve test filtering in Makefile ( #673 )
2022-07-28 13:27:57 -07:00
ahrav
21e1ff4a8a
Fix the order to correctly match the params in NewGit. ( #676 )
2022-07-28 13:23:45 -07:00
Adrian Gąsior
0752503872
refactor: improved Dockerfile ( #672 )
2022-07-26 13:43:42 -07:00
Ariel Ril
4b0315c90a
added support for gitlab subgroups ( #664 )
2022-07-26 13:37:37 -07:00
trufflesteeeve
176552b07a
Fix commit attribution, git tests, and run make protos ( #667 )
...
* Update dependency to fix commit attribution, fix git tests
* Run make protos to match code with current proto definitions
2022-07-25 11:44:15 -04:00
Ariel Ril
2515fbeebe
added http protocol support for gitlab repositories ( #662 )
2022-07-20 10:35:24 -07:00
trufflesteeeve
3b655870c4
Update gitleaks to custom8 ( #663 )
2022-07-20 13:31:01 -04:00
dependabot[bot]
910072d89f
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.0.4 to 2.1.0 ( #661 )
...
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation ) from 2.0.4 to 2.1.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases )
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.0.4...v2.1.0 )
---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 17:04:12 -07:00
dependabot[bot]
33a7ccbb91
Bump github.com/xanzy/go-gitlab from 0.65.0 to 0.69.0 ( #660 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.65.0 to 0.69.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.65.0...v0.69.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 17:02:27 -07:00
dependabot[bot]
175306d88d
Bump github.com/aws/aws-sdk-go from 1.44.51 to 1.44.56 ( #659 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.51 to 1.44.56.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.51...v1.44.56 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 17:01:37 -07:00
trufflesteeeve
20051e7ec1
Add SlackTokens option for slack credentials ( #647 )
2022-07-18 14:51:27 -04:00
trufflesteeeve
96106563a9
Remove git fragment trace ( #656 )
...
The fragment trace was a bit too verbose even at the trace level. We may
want to trace the file being chunked or something like that, but not the
entire diff.
2022-07-14 13:13:23 -04:00
Dustin Decker
2741fd8387
Add codeowners file ( #653 )
2022-07-12 18:06:35 -07:00
Dustin Decker
2d3ddad076
Pr/589 ( #654 )
...
* added common regex patterns for detectors
* For HexPattern
* enhancements
* used parseInt
* enhancement
* enhanced regex for email and subdomain
* enhancement for email pattern
* update pattern and detector
Co-authored-by: Roxanne Tampus <roxannetampus02@gmail.com>
2022-07-12 08:34:02 -07:00
dependabot[bot]
3053169a0d
Bump github.com/aws/aws-sdk-go from 1.44.49 to 1.44.51 ( #648 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.49 to 1.44.51.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.49...v1.44.51 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 09:03:51 -07:00
roxanne-tampus
e9f503a083
added new detectors ( #639 )
...
* added new detectors
* added gemini
2022-07-08 08:19:03 -07:00
Dustin Decker
c2426df4d6
Disable sentiment verifier and update teams webhook to avoid being stateful ( #646 )
2022-07-07 16:55:45 -07:00
Miccah
c4ca7d7c8b
Mark detector tests with a build flag ( #613 )
2022-07-07 10:27:21 -07:00
dependabot[bot]
721a33ee09
Bump github.com/rs/zerolog from 1.26.1 to 1.27.0 ( #621 )
...
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog ) from 1.26.1 to 1.27.0.
- [Release notes](https://github.com/rs/zerolog/releases )
- [Commits](https://github.com/rs/zerolog/compare/v1.26.1...v1.27.0 )
---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-07 10:19:48 -07:00
dependabot[bot]
d1cb7e6f83
Bump github.com/aws/aws-sdk-go from 1.44.20 to 1.44.49 ( #645 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.20 to 1.44.49.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.20...v1.44.49 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-07 10:19:30 -07:00
dependabot[bot]
7d97119bae
Bump cloud.google.com/go/secretmanager from 1.4.0 to 1.5.0 ( #641 )
...
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/dlp/v1.4.0...redis/v1.5.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-07 10:16:27 -07:00
dependabot[bot]
2bbc264891
Bump github.com/stretchr/testify from 1.7.2 to 1.8.0 ( #642 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.2 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-07 10:15:47 -07:00
Miccah
8e6289e70c
Test numeric password redaction ( #644 )
2022-07-07 10:13:50 -07:00
ahrav
5ac54ac107
[THOG-531] - remove ending word boundary AWS detector ( #637 )
...
* Remove the ending word boundary for the AWS dectector. This will prevent missing secrets that end with / due to it not being ASCII.
* Update regex to be more strict.
2022-07-07 10:10:33 -07:00
Dustin Decker
db7045acb1
Update go-gitdiff dependency to fix hanging issue ( #632 )
2022-06-24 14:11:35 -07:00
Dustin Decker
85ed11519f
fix npd for incompatible sources on json legacy output ( #623 )
2022-06-21 09:50:55 -07:00
trufflesteeeve
d1a81afbb5
Only include one result per AWS Key ID, preferably verified ( #619 )
...
Also ignore unverified results that match hashes, because they are
probably just hashes.
2022-06-17 16:22:36 -04:00
trufflesteeeve
e793f4a5e6
Properly count the number of repos after a github scan resume ( #625 )
2022-06-17 16:21:22 -04:00
trufflesteeeve
10f4d02c31
Allow gitlab to resume from encoded resume info ( #611 )
2022-06-17 11:45:17 -04:00
Dustin Decker
ffacaa1816
replace dependency with patched version
2022-06-14 21:17:26 -07:00
Dustin Decker
2527ee26e6
improve zombie fix
2022-06-14 20:21:39 -07:00
Dustin Decker
423040f80b
upgrade dependency
2022-06-13 23:48:22 -07:00
Dustin Decker
2f006f5590
fix dockerfiles
2022-06-13 19:45:24 -07:00
Dustin Decker
0570e0fea4
bump dependency
2022-06-13 18:56:22 -07:00
Dustin Decker
2178f1f42e
reword and fix error logging
2022-06-13 16:14:22 -07:00
trufflesteeeve
e123e9f177
Cleanup individual repositories after scanning ( #614 )
2022-06-10 14:00:50 -04:00
Dustin Decker
9bcddbc45a
Change GHE org enum to use since ID instead of pages ( #618 )
...
* Change GHE org enum to use since ID instead of pages
* fix logging
2022-06-09 15:09:13 -07:00
trufflesteeeve
26bf1664eb
Move aws detector back to ID checking against secrets, make ID the redacted secret ( #617 )
2022-06-09 15:06:08 -07:00
Dustin Decker
8051b03bbf
improve debug logging for GHE enum ( #615 )
2022-06-08 13:56:07 -07:00
Dustin Decker
1a12a25f4d
Enumerate all visible orgs in GHE ( #612 )
2022-06-07 09:24:31 -07:00
Dustin Decker
e3bbf293e2
Fix NPD on mutex ( #609 )
...
* Fix NPD on mutex
* fix test
2022-06-06 17:20:27 -07:00
Miccah
9074006695
Fix bug in GitHub unit test mocking ( #608 )
2022-06-06 16:58:34 -07:00
dependabot[bot]
56c8717e2f
Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 ( #606 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 15:19:47 -07:00
trufflesteeeve
fd79a367f1
Allow github to resume from encoded resume info ( #601 )
2022-06-06 12:08:57 -04:00