Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

gitleaks-8.21.2-1.2 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

Name: gitleaks Distribution: openSUSE:Factory:zSystems
Version: 8.21.2 Vendor: openSUSE
Release: 1.2 Build date: Tue Oct 29 15:00:10 2024
Group: Unspecified Build host: reproducible
Size: 8465525 Source RPM: gitleaks-8.21.2-1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/gitleaks/gitleaks
Summary: Protect and discover secrets using Gitleaks
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like
passwords, api keys, and tokens in git repos. Gitleaks is an easy-to-use,
all-in-one solution for detecting secrets, past or present, in your code.

Provides

Requires

License

MIT

Changelog

* Tue Oct 29 2024 [email protected]
  - Update to version 8.21.2:
    * feat(rules): create Octopus Deploy api key (#1602)
    * fix(aws-access-token): only match if correct length (#1584)
    * fix(config): ignore jquery/swagger w/o version (#1607)
    * feat: add new GitLab tokens (#1560)
    * feat(generic-api-key): tune false positives (#1606)
    * Create .gitleaks.toml (#1605)
    * feat(curl): tweak tps and fps (#1603)
    * feat(config): ignore swagger-ui assets (#1604)
    * feat(generic-api-key): exclude keywords (#1587)
    * feat(okta): bump entropy to 4 (#1599)
    * feat: update global allowlist (#1597)
    * refactor(allowlist): deduplicate commits & keywords (#1596)
    * feat(config): ignore jquery static assets (#1595)
    * More rule fixes (#1586)
    * chore: log skipped symlinks (#1591)
    * feat: match left side of identifier (#1585)
    * what secrets?
    * fix(rules): add entropy (#1580)
    * feat(aws): add entropy & allowlist (#1582)
    * feat(rules): add 1password token (#1583)
    * feat(config): add curl header rule (#1576)
* Fri Oct 18 2024 [email protected]
  - Update to version 8.21.1:
    * feat: add curl basic auth rule (#1575)
    * Update spelling in README.md (#1574)
    * refactor(allowlist): use iota for condition (#1569)
    * refactor(config): temporarily switch to [rules.allowlist]
      (#1573)
* Tue Oct 15 2024 [email protected]
  - Update to version 8.21.0:
    * Define multiple allowlists per rule (#1496)
    * build: upgrade gitleaks/go-gitdiff to v0.9.1 (#1559)
    * Fix rule extension (#1556)
    * Update base config allowlist (#1555)
    * feat(azure): detect Azure AD client secrets (#1199)
    * chore: match gitleaks.toml anywhere (#1553)
* Fri Oct 11 2024 [email protected]
  - Update to version 8.20.1:
    * feat(config): add placeholder regexes to global allowlist
      (#1547)
    * feat: add PrivateAI rule (#1548)
    * Bump golang verion used in docker build to match version
      specified in go.mod (#1551)
    * feat: add cohere rule (#1549)
    * feat(generate): generate global (#1546)
    * Feat/nuget config password rule (#1540)
* Fri Oct 04 2024 [email protected]
  - Update to version 8.20.0:
    * Make private key check less greedy and include fifth dash
      (#1440)
    * print tags if they exist
    * Decode Base64 (#1488)
    * refactor(config): keyword map (#1538)
    * fix: use regexTarget for extend config (#1536)
    * feat: bump go to 1.22 (#1537)
    * fix: handle pre-commit and staged (#1533)
    * Bugfix/1352 incorrect report multiple lines (#1501)
* Fri Sep 27 2024 [email protected]
  - Update to version 8.19.3:
    * fix(config): extend allowlist & handle extend when validating
      (#1524)
    * refactor(kubernetes-secret): tweak variable chars (#1520)
    * Revert "remove validate config test temporarily" (#1529)
    * feat: create fly.io rule (#1528)
    * fix: to many false-positive for gltf files, add gltf suffix to
      allowlist (#1527)
    * Add support in .gitleaksignore file comment strings  (#1425)
      (#1502)
    * Restrict Etsy keywords (#1491)
    * feat(github): add entropy to rule (#1489)
    * feat(gcp): update api key rule (#1481)
    * fix(hashicorp): ignore common fps (#1498)
    * fix(square): make prefix case sensitive (#1469)
    * refactor(kubernetes-secret): collapse rules and update regex
      (#1462)
* Sat Sep 21 2024 [email protected]
  - Update to version 8.19.2:
    * fix(rule): comment out errant validation case (#1509)
    * remove validate config test temporarily
    * Update README.md
* Sat Sep 14 2024 [email protected]
  - Update to version 8.19.1:
    * fix flag access (#1506)
* Sat Sep 14 2024 [email protected]
  - Update to version 8.19.0:
    * Deprecate `detect` and `protect`. Add `git`, `dir`, `stdin`
      (#1504)
    * Update Harness rules to add _ and - in the account ID part.
      (#1503)
    * chore: fix gl workflow error (#1487)
    * Make config generation utils public (#1480)
    * Update Hashicorp Vault token pattern (#1483)
    * feat(config): update rule validation (#1466)
    * Update .gitleaksignore
    * fix(detect): handle EOF with bytes (#1472)
    * Added poetry.lock to default allowlist paths (#1474)
    * refactor(sarif): remove |name| and change |shortDescription|
      (#1473)
    * Use rule id for config validation error (#1463)
    * Use first non-empty group if `secretGroup` isn't set (#1459)
    * chore: remove unnecessary capture groups (#1460)
    * Return non-0 exit code  from `DetectGit` (#1461)
    * add gradle verification-metadata.xml to global allowlist
      (#1446)
    * feat(openshift): add user token (#1449)
    * (feat): Adding secret detection rule for Kubernetes secrets
      (#1454)
    * add version to default
    * Add go.work and go.work.sum to global allowlist (#1353)
    * Add harness PAT and SAT rules (#1406)
    * Update README.md
* Fri Jun 14 2024 [email protected]
  - Update to version 8.18.4:
    * Limit hashicorp-tf-password to .tf/.hcl files (#1420)
    * rm print
    * reduce telegram... todo url and xml for later
    * coderabbit.ai <3
    * Add NewRelic insert key detection (#1417)
    * Improved Telegram bot token rule regex and added more test
      cases (#1404)
    * Add intra42 client secret (#1408)
* Sat Jun 01 2024 [email protected]
  - Update to version 8.18.3:
    * extend FB access token discovery (#1407)
    * tests: scalingo validation consistent test (#1359)
    * add real (test) standard and restricted keys (#1375)
    * Add Cloudflare API and Origin CA keys (#1374)
    * Update "contributing guidelines" link (#1390)
    * add update token from square (#1370)
    * feat: facebook secret, access token, and page access token
      rules (#1372)
    * update mailchimp with new tokens (#1376)
    * Append ordered rules when extending (#1304)
    * fix: age rule id with dashes (#1349)
    * patching golang.org/x/text for CVE-2021-38561 and
      CVE-2022-32149 (#1342)
    * Use latest base images. (#1334)
* Sun May 05 2024 Andreas Stieger <[email protected]>
  - Update to version 8.18.2:
    * Remove IAM identifiers for non-credential resources in the
      aws-access-token rule
    * Update stripe rule to not alert on publishable keys
    * --max-target-megabytes flag now supported for --no-git flag as
      well
    * add pre-commit hook gitleaks-system
    * fix errors when using protect and an external git diff tool
    * rename filesystem to directory
    * Enhance Secret Descriptions
    * Small refactor `detect` and `sources`
    * chore(config): refactor to go generate; simplify configRules
      init
    * pretty apparent 'protect' and 'detect' should be merged into
      one command
    * style: sort the stopwords
* Sat Nov 25 2023 Dirk Müller <[email protected]>
  - update to 8.18.1:
    * dont crash on 100gb files pls (#1292)
    * remove secretgroup from default config (#1288)
    * feat: Hashicorp Terraform fields for password (#1237)
    * perf: avoid allocations with
      `(*regexp.Regexp).MatchString` (#1283)
    * refactor: more explicit rules (#1280)
    * bugfix: reduce false positives for stripe tokens by
      using word boundaries in regex (#1278)
    * add Infracost API rule (#1273)
    * refactor: simplify test asserts (#1271)
    * Update Makefile
    * refactor: change detect tests to t.Fatal instead of
      log.Fatal (#1270)
    * feat(rules): Add detection for Scalingo API Token
      (#1262)
    * feat(jwt): detect base64-encoded tokens (#1256)
    * feat: add --ignore-gitleaks-allow cmd flag (#1260)
    * switch out libs (#1259)
    * fix: no-color option should also affect zerolog
      (#1242)
    * Fixed lineEnd indexing if the match is the whole line
      (#1223)
    * feat: Add optional redaction value, default 100
      (#1229)
    * fix(jwt): longer segment lengths (#1214)
    * Added yarn.lock file to default allowlist paths
      (#1258)
    * Update README.md
    * feat(rules): make case insensitivity optional (#1215)
    * feat(rules): detect Hugging Face access tokens
    * Resolve #1170 - Enable selection of a single rule
      (#1183)
    * Update authress.go to include alternate form account
      dash (-) (#1224)
    * refactor: remove unnecessary removing temp files in
      tests (#1255)
    * refactor: use os.ReadFile instead of os.Open +
      io.ReadAll (#1254)
    * fix(sumologic): improve patterns (#1218)
    * Fix inconsistent generated values in config
    * feat: add JFrog API and Identity keys
    * Add entropy check to plaid client/secret ID rules
    * Update config template logic
    * Include entropy in Plaid rule file
    * refactor: fix #722 properly
    * Add `REDACTED` to stopwords for `generic-api-key` rule
    * Add detection for Snyk tokens
    * Add makefile variable detections
    * chore: update deps to fix solaris #1158
    * Add junit report format
    * Ignore all comits when `.gitleaksignore` fingerprint lacks
      SHA
    * Improved global exclusion list
    * Add detection for OpenAI API keys
    * Add warning for quoted `--log-opts` values
    * Fixed docker run command in README.md
    * add tags support for csv and sarif formats
    * Update Slack token regexes
* Sat Nov 25 2023 [email protected]
  - Update to version 8.18.1:
    * dont crash on 100gb files pls (#1292)
    * remove secretgroup from default config (#1288)
    * feat: Hashicorp Terraform fields for password (#1237)
    * perf: avoid allocations with `(*regexp.Regexp).MatchString` (#1283)
    * refactor: more explicit rules (#1280)
    * bugfix: reduce false positives for stripe tokens by using word boundaries in regex (#1278)
    * add Infracost API rule (#1273)
    * refactor: simplify test asserts (#1271)
    * Update Makefile
    * refactor: change detect tests to t.Fatal instead of log.Fatal (#1270)
    * feat(rules): Add detection for Scalingo API Token (#1262)
    * feat(jwt): detect base64-encoded tokens (#1256)
    * feat: add --ignore-gitleaks-allow cmd flag (#1260)
    * switch out libs (#1259)
    * fix: no-color option should also affect zerolog output (#1242)
    * Fixed lineEnd indexing if the match is the whole line (#1223)
    * feat: Add optional redaction value, default 100 (#1229)
    * fix(jwt): longer segment lengths (#1214)
    * Added yarn.lock file to default allowlist paths (#1258)
    * Update README.md
    * feat(rules): make case insensitivity optional (#1215)
    * feat(rules): detect Hugging Face access tokens (#1204)
    * Resolve #1170 - Enable selection of a single rule  (#1183)
    * Update authress.go to include alternate form account dash (-) (#1224)
    * refactor: remove unnecessary removing temp files in tests (#1255)
    * refactor: use os.ReadFile instead of os.Open + io.ReadAll (#1254)
    * fix(sumologic): improve patterns (#1218)
    * refactor: fix #722 properly (#1250)
    * fix(plaid): include entropy in go definition (#1252)
    * feat(config): update template logic (#1201)
    * Add entropy check to plaid client/secret ID rules (#1213)
    * feat: add JFrog API and Identity keys (#1233)
    * chore(config): fix inconsistent generated values (#1200)
    * Revert "Initial set of Azure secrets for #539 (#1079)" (#1197)
    * Initial set of Azure secrets for #539 (#1079)
    * feat(slack): update token regex (#1161)
    * add tags support for csv and sarif formats (#1176)
    * Fixed docker run command in README.md (#1194)
    * feat: add warning for quoted --log-opts values (#1160)
    * Add detection for OpenAI API keys (#1148)
    * Add some useless files (#1193)
    * add tests for commits
    * fix broken vet, format some stuff
    * add some gl ignores
    * Ignore all comits when `.gitleaksignore` fingerprint lacks SHA (#1156)
    * Add junit report format (#920)
    * chore: update deps to fix solaris link (#1159)
    * Add makefile variable detections (#1191)
    * Add detection for Snyk tokens (#1190)
    * Add `REDACTED` to stopwords for `generic-api-key` rule (#1188)
    * Added option to specify .gitleaksignore path (#1179)
    * Fix closing file in writeJson and writeSarif (#1187)
    * Simplify tests by using T.TempDir (#1186)
    * Fix typos in *.md, comments and logs (#1185)
    * Update README.md
    * Update bug_report.md
    * Adding discord channel to readme
    * 🐛 fix(sarif): update report to pass validator (#1167)
    * fix(detect): extra secret from group before checking allowlist (#1152)
    * Fix G307 warning:  Deferring unsafe method "Close" on type "*os.File" (#1154)
    * fix(detect): avoid panic with verbose flag (#1143)
    * Fix typo (#1142)
    * No color (#1136)
    * Update README.md
    * safer out of bounds (#1135)
    * Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (#1131)
    * Update pre-commit address and rev tag in README (#1125)
    * Update gitleaks.yml
    * Update README.md
    * Update README.md
    * Update .gitleaksignore
    * Bufix/1100 protect stagged files (#1121)
    * remove extra default on source option
    * fix README.md !? (#1123)
    * Improve rule descriptions for Stripe and Facebook access tokens (#1119)
    * Add Defined Networking API Tokens (#1096)
    * Update gitleaks.toml (#1116)
    * Update gitleaks.yml (#1117)
    * Add gradle.lockfile to allowlist (#1112)
    * Update pre-commit rev tag in README (#1108)
    * Add pnpm-lock.yaml and Database.refactorlo (#1109)
* Mon Mar 13 2023 Johannes Kastl <[email protected]>
  - BuildRequire go1.19; fix wrong URL and Summary
* Mon Mar 13 2023 [email protected]
  - Update to version 8.16.0:
    * Feat/allowlist regex target (#1107)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.15.4:
    * ignore package-lock.json (#1076)
    * Fix typos in README.md and CONTRIBUTING.md (#1090)
    * fix: ignore baseline if path was not relative in source (#1101)
    * Fix H in GitHub and update pre-commit rev tag in README (#1087)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.15.3:
    * Add missing GitLab token patterns (#1077)
    * Fix rule for private keys (#1072)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.15.2:
    * remove color formatting when #1042 is encountered (#1050)
    * Update README.md
    * adding jwt tokens with padding format "=" (#1031)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.15.1:
    * include default newline pairs when calculating location (#1038)
    * Add rule for fine-grained GitHub PAT (#1026)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.15.0:
    * Add scanning from a pipe with --pipe (#1012)
    * add a few fingerprints for test data
    * Add support for following symlinks (#1010)
    * fix bug in readme (#1011)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.14.1:
    * define log-opts, odd that this wasn't failing before... (#1009)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.14.0:
    * add --max-target-megabytes : maximum size for a file/blob to be
      scanned (#1003)
    * Update USERS.md
    * Update .gitleaksignore
    * Update README.md
    * Add detection rules for DigitalOcean tokens (#1002)
    * docs: add Trendyol to users (#998)
    * docs: added goreleaser to user list (#997)
    * Update USERS.md (#996)
    * Create USERS.md
    * Exclude dacpac refactorlogs (#990)
    * Output number of commits at info-level. (#991)
    * Detect Slack Workflow Webhook URLs (#989)
    * Upgrade go version to 1.19 (#987)
    * Minor cleanup to error handling and logging (#985)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.13.0:
    * Update README.md
    * Update .gitleaksignore
    * Update README.md
    * Adding quiet mode to silence banner (#852)
    * Issue #980: Add support for Telegram Bot API Token (#981)
    * add rule for microsoft teams webhooks (#970)
    * Add baseline (#975)
    * Add pre-commit autoupdate command to README.md (#978)
    * refactor: more precise rule for private keys (#930)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.12.0:
    * update gitleaksignore
    * add fingerprint to output
    * Pretty output (#973)
    * Update version in readme file (#972)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.11.2:
    * ignore empty files (#965)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.11.1:
    * Add grafana tokens rules (#959)
    * add prefect and readme rules (#961)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.11.0:
    * draft: bump gitdiff, add git.Err state, better log messages
      (#954)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.10.3:
    * Feat/add fingerprint no git (#952)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.10.2:
    * safe file checking (#946)
    * Update README.md
* Mon Mar 13 2023 [email protected]
  - Update to version 8.10.1:
    * Explicit fingerprint (#944)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.10.0:
    * add two test findings to gitleaksignore
    * Feat/ignore finding (#938)
    * add jwt rule (#943)
    * bump golang test version (#942)
    * gitleaks allow docs (#941)
    * Add new rules for vault tokens (#919)
    * Feature/add sidekiq rules (#933)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.9.0:
    * update readme
    * add url for config
    * Feature: Adding the ability to extend configuration files (#926)
    * Add fix for issue #915 (#916)
    * Update README.md
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.12:
    * Update README.md
    * Update README.md
    * adding access to generic rule keywords and identifiers
    * Fix proper names capitalization (#907)
    * Add multi platform build (#897)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.11:
    * update twitter rule generation description and id
    * capitilze twitter description
    * adding travis ci
    * Fix id and description for twitter tokens (#905)
    * Adding okta, codecov, zendesk, and updating Atlassian's rule to
      include `jira` keyword (#904)
    * Fix Plaid, add Plaid access token (#903)
    * adding airtable and adafruit (#902)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.10:
    * Fixes accidental type typos while translating rules from
      validation spreadsheet, adds bittrex rule
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.9:
    * Remove ssn allowlist (#898)
    * Adding a bunch of new rules, update allowlist to include
      node_modules… (#896)
    * contributing guidelines first draft (#895)
    * Lint python commit script to satisfy PEP8 (#893)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.8:
    * Update generate (#892)
    * maintain parity with recent changes... need to create rule
      contributing guidelines (#891)
    * Fix duplicate TOML Rules and IDs  (#889)
    * Update README.md
    * Update gitleaks.yml
    * Update README.md
    * user accounts don't need gitleaks license
    * Update README.md
    * Add gitleaks badge
    * Create gitleaks.yml (#884)
    * add link to gitleaks.io
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.7:
    * fix git unsafe directory (#883)
    * Limit newlines regex (#881)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.6:
    * add combo to stopwords, update cmd/generate
    * Fix generic-api-key detected erroneously
      (zricethezav#877) (#878)
    * ignore end line when comparing generic rules (#879)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.5:
    * updating generic regex and algoia regex (#875)
    * feat: add algolia key support (#866)
    * Improve PlanetScale token detection (#874)
    * Update README.md
    * Adding JIT Security messages
    * Update README.md
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.4:
    * fix no-git bug (#859)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.3:
    * Removing private keyword from private key rule (#858)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.2:
    * nasty little bug (#853)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.1:
    * adding a ton of stopwords to the generic rule only as that is
      the loudest rule (#851)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.8.0:
    * adding stopwords (#849)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.7.2:
    * Update dockerfile (#848)
    * fix EOL in secret suffix (#847)
    * unpin docker version in pre-commit hook (#832)
    * Generate tps (#845)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.7.1:
    * maybe fix out of bounds (#843)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.7.0:
    * optimize keywords (#841)
    * Update detect.go (#839)
    * Standardize/alphabetize rules, add cmd/generate/config package
      (#840)
    * fix ghcr.io typo in README.md (#835)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.6.1:
    * normalize keyword check (#830)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.6.0:
    * Keyword (#825)
    * doc gitleaks-docker pre-commit hook (#819)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.5.3:
    * skip content checks for path only rules
    * use official docker image as pre-commit hook (#818)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.5.2:
    * remove stopwords from global allowlist
* Mon Mar 13 2023 [email protected]
  - Update to version 8.5.1:
    * detect: skip binary files with --no-git (#810)
    * fixing a location off by one edge case for --no-git (#812)
    * Update README.md
* Mon Mar 13 2023 [email protected]
  - Update to version 8.5.0:
    * Allow tag (#809)
    * Stop words (#808)
    * Refactor `detect`, add `entropy` to all findings (#804)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.4.0:
    * commenting out git tests, will need to revisit eventually
    * commenting out flaky test for now
    * go mod tidying
    * more comments
    * adding git test again
    * handle goimports/go vet warnings
    * more tests
    * more cleaningup
    * maintaining parity between current master
    * more bug
    * cleanup
    * more cleaning up
    * getting some tests working
    * regular git scan parity
    * init
    * Escape - character in regex character groups (#802)
    * adding go mod/sum to ignore (#797)
    * GitLab pats may contain underscores as well as dashes (#794)
* Mon Mar 13 2023 [email protected]
  - Update to version 8.3.0:
    * ignore k8s apiVersion in generic-api-key pattern (#760)
    * build: updates for go1.17 (#769)
    * allow non-last-element secret groups (#792)
    * fixing segfault when using a rule with only a path (#791)
    * Fix: Typo in LinkedIn id (#789)
    * Fix vendor name casing, Flutterwave typo (#785)
    * Sarif results with empty rules now represents as [] instead of
      null/nil (#786)
    * Fix typos in README.md (#780)
* Sun Feb 13 2022 Johannes Kastl <[email protected]>
  - first version of package gitleaks at 8.2.7

Files

/usr/bin/gitleaks
/usr/share/doc/packages/gitleaks
/usr/share/doc/packages/gitleaks/README.md
/usr/share/licenses/gitleaks
/usr/share/licenses/gitleaks/LICENSE


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Dec 4 00:10:59 2024