renovate[bot]
a7699f8c24
chore(deps): update sigstore/cosign-installer action to v3.5.0 ( #2695 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-10 17:56:46 -07:00
Dustin Decker
41d58739bd
Use go 1.22 ( #2599 )
...
* Use go 1.22
* install non-pro goreleaser
* increment go-version
* build w/ go 1.22 for codeql
2024-03-22 08:23:04 -07:00
Richard Gomez
f5025fd382
Add --results
flag ( #2372 )
...
This is a follow-up to #2107 and #2335 . It adds a new (hidden) --results flag that allows a user to show any combination of verified, unverified, and indeterminate secrets.
2024-03-15 10:19:31 -04:00
renovate[bot]
af7f81185b
chore(deps): update golangci/golangci-lint-action action to v4 ( #2445 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:17:05 -08:00
renovate[bot]
939aca2e69
chore(deps): update github/codeql-action action to v3 ( #2444 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:16:48 -08:00
renovate[bot]
774c48545e
chore(deps): update actions/setup-go action to v5 ( #2443 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 19:15:50 -08:00
renovate[bot]
2923d90bd7
chore(deps): update sigstore/cosign-installer action to v3.4.0 ( #2421 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-11 17:18:48 -08:00
Zachary Rice
adc09c0533
skip community PR (forks) secret scans for now ( #2401 )
2024-02-08 13:29:57 -06:00
Zachary Rice
02fe9e189b
Set GHA workdir ( #2393 )
...
* set workdir to tmp
* add workflow dispatch for easier on demand dogfooding
2024-02-07 08:14:33 -06:00
faktas2
76fcdae3a0
Add the new MaxMind license key format ( #2181 )
...
* Add the new MaxMind license key format
* feedback
* reorg rules
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-26 11:49:47 -08:00
Dustin Decker
3a6cfd9d97
Prevent print or logging in detectors ( #2341 )
...
* Prevent print or logging in detectors
* mount repo
* update job name
2024-01-26 11:39:41 -08:00
renovate[bot]
fe94986911
chore(deps): update sigstore/cosign-installer action to v3.3.0 ( #2290 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-11 11:25:29 -08:00
joeleonjr
a6364415e6
shallow cloning + GitHub Action ( #2138 )
...
* proposed shallow cloning gh action
* removing unnecessary steps
* adding back in git checkout
* removed git cloning + added backward compatibility
2023-12-19 14:56:55 -05:00
Richard Gomez
2928e2ee76
ci: don't run detector tests on forks ( #2234 )
2023-12-17 08:32:07 -08:00
Richard Gomez
b0fab16ad4
chore: don't run test workflow in forks ( #2221 )
2023-12-14 16:48:48 -08:00
renovate[bot]
16cf858495
chore(deps): update google-github-actions/auth action to v2 ( #2171 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 16:46:56 -08:00
renovate[bot]
02ba66d296
chore(deps): update sigstore/cosign-installer action to v3.2.0 ( #2149 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-01 10:48:34 -08:00
Shubham Hibare
11df3dc747
feat(signing): Sign checksum ( #1894 )
...
* Add checksum signing
* Update readme
2023-11-21 14:02:28 -08:00
Dustin Decker
d0653b22ee
update renovate config and remove dependabot ( #1994 )
2023-10-25 18:14:08 -07:00
dependabot[bot]
83391d31da
Bump docker/setup-qemu-action from 2 to 3 ( #1845 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:45:47 -07:00
dependabot[bot]
df5fa56429
Bump goreleaser/goreleaser-action from 4 to 5 ( #1844 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:40:28 -07:00
dependabot[bot]
222a47d9f3
Bump mikepenz/action-junit-report from 3 to 4 ( #1843 )
...
Bumps [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report ) from 3 to 4.
- [Release notes](https://github.com/mikepenz/action-junit-report/releases )
- [Commits](https://github.com/mikepenz/action-junit-report/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: mikepenz/action-junit-report
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:40:00 -07:00
dependabot[bot]
dd183fab83
Bump docker/login-action from 2 to 3 ( #1846 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:39:13 -07:00
dependabot[bot]
c7965b2df6
Bump actions/checkout from 3 to 4 ( #1842 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 07:37:57 -07:00
Dustin Decker
5afc7a32ca
fix detector test action ( #1805 )
2023-09-21 15:16:00 -07:00
Dustin Decker
b66bd9544c
aggregate detector tests daily ( #1800 )
...
* aggregate detector tests daily
* add manual dispatch
* fix test
2023-09-21 10:32:40 -07:00
Mike Vanbuskirk
bbc3be3b6c
migrate buildpulse to integration test suite ( #1775 )
2023-09-13 15:25:12 -05:00
Mike Vanbuskirk
b4329e0825
add buildpulse config to sources ( #1764 )
...
* add buildpulse config to sources
* remove tab indentation
* add correct repo ID
* wrap test command in gotestsum
* exclusion should be detectors
* fix exclusions to match community-test
* update tag to reflect comm. tests
2023-09-13 11:34:53 -05:00
Zachary Rice
eee01e0361
bump go to 1.21 ( #1623 )
2023-08-14 15:36:25 -05:00
Zachary Rice
91aa75679b
broken link ( #1592 )
2023-08-01 16:13:22 -05:00
Zachary Rice
b906a51d5c
updating github templates ( #1587 )
...
* updating github templates
* address miccahs comments
* remove community note comment
2023-08-01 15:25:33 -05:00
Zachary Rice
be68eb044a
Decrease frequency of dependabot alerts to monthly ( #1524 )
...
* Barely useful
* Update dependabot.yml
2023-07-21 11:22:03 -05:00
Cody Rose
f6aaa4924f
use go 1.20 for all github workflows ( #1508 )
2023-07-18 12:41:51 -04:00
Zachary Rice
0bbe62cec5
Update tests for forks so we don't fail on everything ( #1475 )
...
* Update gh action
2023-07-11 08:13:00 -05:00
Mike Vanbuskirk
1d9d6b6039
needed perms for running workflows against forks ( #1348 )
...
Co-authored-by: ahrav <ahravdutta02@gmail.com>
2023-05-19 15:31:20 -04:00
Zachary Rice
21258f4160
add performance test ( #1301 )
...
* add performance test
* only run on PRs, test out failure
* remove extras
2023-05-01 10:54:05 -05:00
Dustin Decker
65305ed9f6
Scan only for verified secrets in our CI ( #1310 )
2023-05-01 10:28:46 -05:00
Miccah
3932486ea9
Add lint for exporting loop references ( #1232 )
2023-04-03 09:26:32 -05:00
Batuhan Ceylan
9b941efa1a
Bump go
from 1.18
to 1.20
( #1230 )
...
* Bump `go` from `1.18` to `1.20`
* satisfy linter
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-03-31 14:37:03 -07:00
Zachary Rice
c4f08e3f17
Run golang lint on entire repo instead of patches ( #1214 )
...
* lint on all branches to catch warnings earlier
* lint entire source on PRs
* fix lint
2023-03-28 15:01:44 -05:00
Dustin Decker
cb454bfc05
Add GitHub Actions output ( #1201 )
...
* Add GitHub Actions output
Co-authored-by: Mike Vanbuskirk <mike.vanbuskirk@trufflesec.com>
2023-03-28 09:07:26 -07:00
dependabot[bot]
87c9e0db07
Bump actions/setup-go from 3 to 4 ( #1191 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-21 12:50:12 -07:00
Dustin Decker
4500ac3b10
Release should only run on tags ( #1146 )
2023-03-02 09:57:38 -08:00
Mike Vanbuskirk
57983aed4e
adds TESTING doc w. steps for local GHA tests ( #1093 )
...
make doc wording more explicit
2023-02-13 13:06:50 -05:00
Dustin Decker
ae14e4506f
add smoke test ( #1099 )
2023-02-11 11:09:36 -08:00
dependabot[bot]
705c01e5f3
Bump goreleaser/goreleaser-action from 3 to 4 ( #980 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 3 to 4.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:20:41 -08:00
dependabot[bot]
1228127d12
Bump google-github-actions/auth from 0 to 1 ( #912 )
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 0 to 1.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/auth/compare/v0...v1 )
---
updated-dependencies:
- dependency-name: google-github-actions/auth
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 08:46:26 -08:00
Dustin Decker
fcd580406e
A few improvements ( #809 )
...
* Run integration tests
* Update examples
* Import mongodb
2022-09-19 13:23:25 -07:00
Dustin Decker
0eac3be94c
ci improvements
2022-05-23 21:13:32 -07:00
dependabot[bot]
3c5c2b6d28
Bump goreleaser/goreleaser-action from 2 to 3 ( #569 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2 to 3.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-23 11:22:44 -07:00