Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump trufflesecurity/trufflehog from 3.44.0 to 3.45.3 (#225)
Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.44.0 to 3.45.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's releases</a>.</em></p> <blockquote> <h2>v3.45.3</h2> <h2>What's Changed</h2> <ul> <li>Initial implementation of JobReport with SourceManager usage by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1557">trufflesecurity/trufflehog#1557</a></li> <li>Add path (location of file) to Google Drive proto by <a href="https://github.com/zubairk14"><code>@zubairk14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1566">trufflesecurity/trufflehog#1566</a></li> <li>move false positive check in alchemy detector by <a href="https://github.com/rosecodym"><code>@rosecodym</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1532">trufflesecurity/trufflehog#1532</a></li> <li>Fix gitparse from panicking on a nil-pointer by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1570">trufflesecurity/trufflehog#1570</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.45.2...v3.45.3">https://github.com/trufflesecurity/trufflehog/compare/v3.45.2...v3.45.3</a></p> <h2>v3.45.2</h2> <h2>What's Changed</h2> <ul> <li>Pass GitHub apiEndpoint for basic or no auth by <a href="https://github.com/rgmz"><code>@rgmz</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1454">trufflesecurity/trufflehog#1454</a></li> <li>Bump github.com/xanzy/go-gitlab from 0.86.0 to 0.88.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1522">trufflesecurity/trufflehog#1522</a></li> <li>Bump github.com/google/go-containerregistry from 0.14.0 to 0.15.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1504">trufflesecurity/trufflehog#1504</a></li> <li>Add SourceManager tests for Run and Wait methods by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1530">trufflesecurity/trufflehog#1530</a></li> <li>Improve log message when scanning GitHub comments by <a href="https://github.com/rgmz"><code>@rgmz</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1553">trufflesecurity/trufflehog#1553</a></li> <li>Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.4.0 to 2.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1503">trufflesecurity/trufflehog#1503</a></li> <li>Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1554">trufflesecurity/trufflehog#1554</a></li> <li>[MongoDB] Detect CosmoDB access keys by <a href="https://github.com/rgmz"><code>@rgmz</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1511">trufflesecurity/trufflehog#1511</a></li> <li>Override broken dependency version by <a href="https://github.com/dustin-decker"><code>@dustin-decker</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1558">trufflesecurity/trufflehog#1558</a></li> <li>Add azure repos protos by <a href="https://github.com/ahrav"><code>@ahrav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1559">trufflesecurity/trufflehog#1559</a></li> <li>add merge support by <a href="https://github.com/zricethezav"><code>@zricethezav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1561">trufflesecurity/trufflehog#1561</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.45.1...v3.45.2">https://github.com/trufflesecurity/trufflehog/compare/v3.45.1...v3.45.2</a></p> <h2>v3.45.1</h2> <h2>What's Changed</h2> <ul> <li>[chore] - optimize chunker by <a href="https://github.com/ahrav"><code>@ahrav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1535">trufflesecurity/trufflehog#1535</a></li> <li>Add commitsScanned metrics by <a href="https://github.com/bill-rich"><code>@bill-rich</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1533">trufflesecurity/trufflehog#1533</a></li> <li>Make Ahocorasick matching case insensitive by <a href="https://github.com/zricethezav"><code>@zricethezav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1547">trufflesecurity/trufflehog#1547</a></li> <li>Fix data race in context wrapper library by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1546">trufflesecurity/trufflehog#1546</a></li> <li>Update gitparse logic by <a href="https://github.com/rgmz"><code>@rgmz</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1486">trufflesecurity/trufflehog#1486</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.45.0...v3.45.1">https://github.com/trufflesecurity/trufflehog/compare/v3.45.0...v3.45.1</a></p> <h2>v3.45.0</h2> <h2>What's Changed</h2> <ul> <li>[chore] - Update loop to switch. by <a href="https://github.com/ahrav"><code>@ahrav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1487">trufflesecurity/trufflehog#1487</a></li> <li>Rewrite SourceUnitEnumerator to use UnitReporter instead of a channel by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1485">trufflesecurity/trufflehog#1485</a></li> <li>Define SourceUnit chunking interface by <a href="https://github.com/mcastorina"><code>@mcastorina</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1484">trufflesecurity/trufflehog#1484</a></li> <li>fix twilio verification side effect by <a href="https://github.com/brandonjyan"><code>@brandonjyan</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1494">trufflesecurity/trufflehog#1494</a></li> <li>Fix URI detector false positives when the redacted password has been URL encoded by <a href="https://github.com/trufflesteeeve"><code>@trufflesteeeve</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1489">trufflesecurity/trufflehog#1489</a></li> <li>add envoy api key scanner by <a href="https://github.com/brandonjyan"><code>@brandonjyan</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1482">trufflesecurity/trufflehog#1482</a></li> <li>add couchbase scanner to defaults by <a href="https://github.com/brandonjyan"><code>@brandonjyan</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1497">trufflesecurity/trufflehog#1497</a></li> <li>tweak jdbc redaction by <a href="https://github.com/rosecodym"><code>@rosecodym</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1490">trufflesecurity/trufflehog#1490</a></li> <li>add launch_darkly keyword to launchdarkly scanner by <a href="https://github.com/brandonjyan"><code>@brandonjyan</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1495">trufflesecurity/trufflehog#1495</a></li> <li>[chore] - update detector template file by <a href="https://github.com/ahrav"><code>@ahrav</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/1500">trufflesecurity/trufflehog#1500</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/6bd48583ae960fe2208e031d06860b62509eb3ca"><code>6bd4858</code></a> Fix gitparse from panicking on a nil-pointer (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1570">#1570</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/431d26f5fa9e4afca9ba3c65b1adbeb75cef8fe6"><code>431d26f</code></a> move false positive check in alchemy detector (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1532">#1532</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/9f3809f19e4d7ceb9cb9a17d46d15abe7efef27c"><code>9f3809f</code></a> gdrive proto change (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1566">#1566</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/e391e89f3e13ffba7463a3c536a9ddd96cb9f4f8"><code>e391e89</code></a> Initial implementation of JobReport with SourceManager usage (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1557">#1557</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/3897454dbb4c0ead36324b09f61967ca0fe1da56"><code>3897454</code></a> add merge support (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1561">#1561</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/ade5d91d5ca94e996377b1909a802dd9dbc51b6b"><code>ade5d91</code></a> Add azure repos protos. (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1559">#1559</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/84d4bf0d510da7c7ebe1556c9f3d2979caaac5c4"><code>84d4bf0</code></a> Override broken dependency version (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1558">#1558</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/f925da7ceae1d08cc7da2bce03c4348379eae562"><code>f925da7</code></a> fix(mongodb): detect CosmoDB access keys (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1511">#1511</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/e0011ac08e81ec18cfeaf30ee441865767298c2c"><code>e0011ac</code></a> Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1554">#1554</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/7a29f8a514635164e7610fd1f343ffd34601c756"><code>7a29f8a</code></a> Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.4.0 to 2.6.0 (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1503">#1503</a>)</li> <li>Additional commits viewable in <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.44.0...v3.45.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=trufflesecurity/trufflehog&package-manager=github_actions&previous-version=3.44.0&new-version=3.45.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Loading branch information