dependabot[bot]
86f80fc5a8
Bump github.com/sergi/go-diff from 1.2.0 to 1.3.1 ( #1023 )
...
Bumps [github.com/sergi/go-diff](https://github.com/sergi/go-diff ) from 1.2.0 to 1.3.1.
- [Release notes](https://github.com/sergi/go-diff/releases )
- [Commits](https://github.com/sergi/go-diff/compare/v1.2.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: github.com/sergi/go-diff
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 15:26:29 -06:00
dependabot[bot]
c62eb18e6d
Bump github.com/xanzy/go-gitlab from 0.77.0 to 0.78.0 ( #1024 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.77.0 to 0.78.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.77.0...v0.78.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 15:25:04 -06:00
dependabot[bot]
8acd9fdd3b
Bump github.com/getsentry/sentry-go from 0.16.0 to 0.17.0 ( #1022 )
...
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 15:20:01 -06:00
ahrav
1621403e11
Add concurrency to CircleCi source ( #1029 )
...
* Small cleanup of CircleCi source.
* Add concurrency to circleci.
* merge w/ cleanup branch.
* Rdefine loop var.
* Delete github.go
* reverge file delete.
* Add debug log for scan errors.
* make collecting scanned errors thread safe.
* pre-allocate errors slice.
2023-01-17 12:24:49 -08:00
ahrav
319ae64a02
[chore] - Small cleanup of CircleCi source ( #1028 )
...
* Small cleanup of CircleCi source.
* address comments.
* Add context to methods as first param.
2023-01-17 09:36:18 -08:00
Dustin Decker
bc27fef7bc
remove logger from retryable client, it is not respecting loglevels ( #1020 )
2023-01-13 15:28:00 -08:00
Miccah
45b02f46d9
Record timestamp when a context was cancelled ( #1018 )
2023-01-13 12:21:09 -06:00
Cameron Lonsdale
0aa8e1cd98
Use access-token endpoint for validity check ( #991 )
2023-01-11 19:19:51 -08:00
ahrav
477e2a1332
Update entrypoint ( #1013 )
...
* Update entrypoint.
* update comment.
* Call each extra arg on its own.
* Update loop.
* Update extra args.
* Use miccah's magic script.
* Fix path to bash.
* update entrypoint.
* Add bash to Dockerfile.
* update goreleaser dockerfile.
2023-01-11 18:58:05 -08:00
Bill Rich
430d5c764c
Rename and export isGitSource ( #1016 )
2023-01-10 12:51:58 -08:00
Bill Rich
8b2e1d36cf
Copy metadata for line number aware sources ( #1011 )
...
* Copy metadata for line number aware sources
* Improve style
2023-01-10 09:35:44 -08:00
Clark Brown
864cf00337
Revert "Allow for default value to be used. ( #999 )" ( #1004 )
...
This reverts commit ee6817ad85
.
2023-01-09 18:09:58 -06:00
Miccah
e5ede17c77
Validate custom regular expressions on detector initialization ( #1010 )
...
* Validate custom regular expressions on detector initialization
* Add regex name to error message
2023-01-09 17:30:47 -06:00
Miccah
74831f63d5
Capture callstack of canceled contexts ( #979 )
2023-01-09 17:27:06 -06:00
ahrav
09d4422cdb
Handle invalid regex for custom detector. ( #1005 )
...
* Handle invalid regex for custom detector.
* Add comment highlighting invalid regex.
2023-01-09 09:45:30 -08:00
dependabot[bot]
7de0178842
Bump golang.org/x/crypto from 0.4.0 to 0.5.0 ( #1009 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:32:29 -08:00
dependabot[bot]
6d384ce3e8
Bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.2 ( #1008 )
...
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp ) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases )
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.1...v0.7.2 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:31:23 -08:00
dependabot[bot]
0e24d406d5
Bump github.com/go-git/go-git/v5 from 5.5.1 to 5.5.2 ( #1007 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.5.1 to 5.5.2.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.5.1...v5.5.2 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:30:56 -08:00
dependabot[bot]
d72c31b8b6
Bump cloud.google.com/go/secretmanager from 1.9.0 to 1.10.0 ( #1006 )
...
Bumps [cloud.google.com/go/secretmanager](https://github.com/googleapis/google-cloud-go ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/dlp/v1.9.0...asset/v1.10.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/secretmanager
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:29:26 -08:00
Yassine Ilmi
d720c0c0f3
Switch to retryableHttpClient for GitHub AuthN API Client + More Logs ( #995 )
...
* Adding missing flags to Readme
* Use retryableHttpClient by default for GitHub
* Adding repoUrl for scanning time log
* Use WithField instead of WithFields
* Updating README with lasted --help output
2023-01-09 09:21:56 -08:00
dependabot[bot]
705c01e5f3
Bump goreleaser/goreleaser-action from 3 to 4 ( #980 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 3 to 4.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:20:41 -08:00
Pulkit Aggarwal
fc6fd29f3f
Fix GitUrl Return ( #987 )
...
Co-authored-by: ahrav <ahravdutta02@gmail.com>
2023-01-09 09:17:30 -08:00
ahrav
ee6817ad85
Allow for default value to be used. ( #999 )
2023-01-06 16:05:02 -08:00
Dustin Decker
5f6143f09a
Add Circle CI source ( #997 )
...
* Add Circle CI source
* remove SHA1 line
* remove trim
2023-01-05 21:44:37 -08:00
ahrav
3fadec950e
Make GA action default base an empty string. ( #996 )
2023-01-05 16:48:07 -08:00
Yassine Ilmi
330a6f7cdc
Removing Debug version Println to logrus debug ( #993 )
2023-01-03 10:36:27 -06:00
ahrav
009756dce6
add proto that was missing. ( #986 )
2022-12-23 13:27:07 -08:00
Miccah
8859771a2a
Remove custom log leveler ( #985 )
...
Instead of manually using a log leveler, rely on the global one defined
in the `log` package.
2022-12-20 19:03:53 -06:00
Miccah
130d5ae3ad
Add custom regex detector docs ( #983 )
2022-12-20 18:24:41 -06:00
Miccah
f5b83ee2a5
Add configuration parsing and custom detectors to engine ( #968 )
...
* Add configuration parsing for custom detectors
* Error on empty filename
2022-12-20 10:14:49 -06:00
dependabot[bot]
cc6bd31586
Bump golang.org/x/crypto from 0.3.0 to 0.4.0 ( #982 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 15:45:21 -08:00
dependabot[bot]
e3b6de0fdc
Bump github.com/xanzy/go-gitlab from 0.76.0 to 0.77.0 ( #981 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.76.0 to 0.77.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.76.0...v0.77.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 15:32:16 -08:00
ahrav
936a139596
Allow using a glob for include list. ( #977 )
...
* Allow using a glob for include list.
* Update command flag.
* Make comment more clear.
* update comment.
* Allow scanning repo and org at the same time.
2022-12-16 13:28:16 -08:00
Gonçalo Silva
e091fab94f
Use Todoist's REST API v2 ( #978 )
...
v1 was deprecated on December 5, 2022.
2022-12-14 16:52:19 -08:00
Miccah
861ad057c7
Implement CustomRegex detector ( #950 )
...
* Remove verifying successRanges because it is unused in webhook
* Move custom_detectors validation code into its own file
* Initial implementation of custom regex detector
Secret verification is done via webhook.
* Add CustomRegex detector type
* Add upper bound to permutation
* Return early if the context is canceled
* Add headers from configuration
* Add detector name as a key in the JSON body
* Implement faster algorithm for productIndices
2022-12-14 10:26:53 -06:00
Bill Rich
36ca2601e0
Add s3 object count to trace logs ( #975 )
...
* Add s3 object count to trace logs
* fix debug level
2022-12-13 16:46:09 -08:00
Miccah
7ac7fdae44
Add more logging for git sources ( #974 )
2022-12-13 17:51:57 -06:00
dependabot[bot]
6dd0441f6c
Bump github.com/envoyproxy/protoc-gen-validate from 0.6.13 to 0.9.1 ( #963 )
...
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate ) from 0.6.13 to 0.9.1.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases )
- [Changelog](https://github.com/bufbuild/protoc-gen-validate/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.13...v0.9.1 )
---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 16:02:35 -08:00
dependabot[bot]
a0b8edd987
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.1 ( #972 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.4.2 to 5.5.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.4.2...v5.5.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 15:56:26 -08:00
ahrav
26befdd1ec
[bug] - Handle error when scanning s3 bucket. ( #969 )
...
* Handle error when scanning s# bucket.
* move wait outside loop.
* Add logging.
* revert changes.
* remove.
* revert.
2022-12-12 10:10:06 -08:00
dependabot[bot]
4020c4002b
Bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 ( #973 )
...
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 10:09:44 -08:00
dependabot[bot]
aada296ddc
Bump go.mongodb.org/mongo-driver from 1.11.0 to 1.11.1 ( #971 )
...
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver ) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases )
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.11.0...v1.11.1 )
---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-12 10:08:52 -08:00
Bill Rich
f3249009f7
Bump github.com/bill-rich/disk-buffer-reader from v0.1.6 to v0.1.7 ( #970 )
2022-12-09 15:52:41 -08:00
dependabot[bot]
544359eee6
Bump github.com/xanzy/go-gitlab from 0.74.0 to 0.76.0 ( #934 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.74.0 to 0.76.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.74.0...v0.76.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 17:01:27 -06:00
Dustin Decker
7de9bdd12d
Support globbing with ignore repos ( #967 )
2022-12-09 12:10:42 -08:00
ahrav
a72b9feb35
Only scan org with --org flag. ( #931 )
2022-12-06 16:18:48 -08:00
dependabot[bot]
f008d4bead
Bump go.uber.org/zap from 1.23.0 to 1.24.0 ( #955 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.23.0...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 15:38:28 -08:00
dependabot[bot]
6ee3000e53
Bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 ( #954 )
...
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases )
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 15:37:32 -08:00
Pulkit Aggarwal
d96b7f8468
Update Adding_Detectors_external.md ( #957 )
2022-12-06 15:36:55 -08:00
Bill Rich
335ce85ce4
Export line number code ( #962 )
2022-12-06 15:31:15 -08:00