http://open-source-security-software.net/project/truffleHog/releases.atom 2024-11-15T09:54:01.201569+00:00 python-feedgen truffleHog 2.0.97 2018-11-06T16:01:16+00:00 2018-11-06T16:01:16+00:00 truffleHog v3.54.1 2023-08-30T14:19:52+00:00 ## What's Changed * add missing detectors to defaults.go by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1716 * [chore] - buffer chunksChan by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1718 * [chore] - Add jobID to chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1721 * Add AvailableCapacity method to SourceManager by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1665 * Optimize read to max by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1714 * [chore] - remove fmt.Print by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1727 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.54.0...v3.54.1 2023-08-30T14:19:52+00:00 truffleHog v3.54.2 2023-09-01T16:39:26+00:00 ## What's Changed * Add the 'Cause' family of functions to the context wrapper library by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1725 * Add a cancel cause to job cancellation by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1728 * Unify S3 client creation logic by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1657 * update slack webhook with tri-state verification by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1724 * Update to Go 1.21 by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1733 * Add Sourcegraph Token Detection by @shivasurya in https://github.com/trufflesecurity/trufflehog/pull/1730 * add tri-state verification for twilio detector by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1729 * update jira detector to match new variable tokens by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1720 ## New Contributors * @shivasurya made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1730 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.54.1...v3.54.2 2023-09-01T16:39:26+00:00 truffleHog v3.54.3 2023-09-01T21:53:35+00:00 ## What's Changed * Sourcegraph Detectors Iterations by @shivasurya in https://github.com/trufflesecurity/trufflehog/pull/1742 * [chore] - fix sentry detector by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1738 * [bug] - Correctly create azure git links by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1743 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.54.2...v3.54.3 2023-09-01T21:53:35+00:00 truffleHog v3.54.4 2023-09-08T20:38:12+00:00 ## What's Changed * Validate s3 source by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1715 * updating sendbird detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1737 * [chore] - update Docker source by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1708 * updating jiratoken and jiratokenV2 to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1744 * Fix pagerdutyapikey Detector by @harmonherring-pro in https://github.com/trufflesecurity/trufflehog/pull/1749 * Use common chunker for archive handler by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1717 * Add optional param to Chunks by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1747 * updating sendgrid detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1735 * Add Tailscale detector by @marwan-at-work in https://github.com/trufflesecurity/trufflehog/pull/1719 * Always attempt to return a git link by @trufflesteeeve in https://github.com/trufflesecurity/trufflehog/pull/1756 * Retry AWS verification 403s by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1757 ## New Contributors * @harmonherring-pro made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1749 * @marwan-at-work made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1719 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.54.3...v3.54.4 2023-09-08T20:38:12+00:00 truffleHog v3.55.0 2023-09-11T19:36:09+00:00 ## What's Changed * [chore] - Sentry detector update by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1746 * Always close AWS response body by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1758 * [chore] - add test for custom providers by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1759 * cache dupes w/ different decoders by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1754 * add tri state verification to slack (not slack webhook) by @zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1731 * Improve private key detector by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1760 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.54.4...v3.55.0 2023-09-11T19:36:09+00:00 truffleHog v3.55.1 2023-09-11T20:08:27+00:00 ## What's Changed * [chore] - fix slackwebhook detector by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1761 * Add log verbosity by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1750 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.55.0...v3.55.1 2023-09-11T20:08:27+00:00 truffleHog v3.56.0 2023-09-14T18:58:07+00:00 ## What's Changed * updating sendbirdorganizationapi detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1763 * Refactor SourceManager to remove Enrollment by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1740 * Add a SourceType constant to all source packages by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1768 * fix: add missing error check in archive handler by @martinohmann in https://github.com/trufflesecurity/trufflehog/pull/1770 * Implement Gitlab source validation by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1765 * add buildpulse config to sources by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1764 * migrate buildpulse to integration test suite by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1775 * Update Source interface to use SourceID and JobID types by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1774 ## New Contributors * @martinohmann made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1770 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.55.1...v3.56.0 2023-09-14T18:58:07+00:00 truffleHog v3.56.1 2023-09-15T15:09:08+00:00 ## What's Changed * [chore] - replace interface{} with any by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1771 * [bug] - correclty handle nested archived directories by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1778 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.56.0...v3.56.1 2023-09-15T15:09:08+00:00 truffleHog v3.57.0 2023-09-23T00:39:08+00:00 ## What's Changed * Update sonarcloud.go by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/1784 * fixed rubygems detector by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/1781 * Ability to update line number in link by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1788 * [bug] - fix link line by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1793 * Add ability to dynamically scale concurrently running sources by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1790 * Bump github.com/mattn/go-isatty from 0.0.18 to 0.0.19 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1794 * Bump cloud.google.com/go/storage from 1.31.0 to 1.33.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1795 * Bump github.com/getsentry/sentry-go from 0.22.0 to 0.24.1 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1797 * Bump github.com/charmbracelet/bubbletea from 0.24.1 to 0.24.2 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1798 * Bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1796 * Bump golang.org/x/oauth2 from 0.10.0 to 0.12.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1799 * updating uri detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1791 * Adding new function SetProgressOngoing by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1802 * aggregate detector tests daily by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1800 * fix detector test action by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1805 * add line to link for azure repos by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1801 * Update protos image to use correct go version by @samdatkins in https://github.com/trufflesecurity/trufflehog/pull/1810 * examples folder by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1734 * Use real url for custom generic detector example by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1811 * adding support for new version of figma token by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1813 ## New Contributors * @samdatkins made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1810 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.56.1...v3.57.0 2023-09-23T00:39:08+00:00 truffleHog v3.58.0 2023-10-02T15:49:43+00:00 ## What's Changed * update figma to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1814 * updating myfreshworks detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1779 * updating microsoft teams webhook detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1792 * updating browserstack detector to use tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1785 * Implement an installation script with CheckSum Validation by @hibare in https://github.com/trufflesecurity/trufflehog/pull/1808 * Update Adding_Detectors_external.md by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1817 * added PR and Issue body scanning by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/1816 * Github partial scan by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1804 * Update Adding_Detectors_external.md by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1822 * added Web3 Storage detector by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/1789 * consolidated pr and issue descr/comment flags by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/1827 * Use S3 credentials waterfall by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1823 * [bug] - correctly check err by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1824 * Update web3storage_test.go with detectors5 by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1828 * Update alchemy_test.go to use detectors5 by @zricethezav in https://github.com/trufflesecurity/trufflehog/pull/1829 * Cleanup pubnub detector by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1826 * cleanup myfreshworks detector by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1831 * Cleanup jiratoken detector by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1832 * [chore] add figmav2 to defaults by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1820 * Separate gitlab detectors by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1819 * chore(ReadMe): Update installation Doc by @varmakarthik12 in https://github.com/trufflesecurity/trufflehog/pull/1818 * add tristate verification to twitch by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1830 * fixing razorpay by @dxa4481 in https://github.com/trufflesecurity/trufflehog/pull/1852 * Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1842 * Bump github.com/xanzy/go-gitlab from 0.88.0 to 0.92.3 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1849 * Bump docker/login-action from 2 to 3 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1846 * Bump mikepenz/action-junit-report from 3 to 4 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1843 * Bump goreleaser/goreleaser-action from 4 to 5 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1844 * Bump docker/setup-qemu-action from 2 to 3 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1845 * Bump github.com/aws/aws-sdk-go from 1.44.83 to 1.45.19 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1847 * Bump go.mongodb.org/mongo-driver from 1.12.0 to 1.12.1 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1848 ## New Contributors * @hibare made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1808 * @varmakarthik12 made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1818 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.57.0...v3.58.0 2023-10-02T15:49:43+00:00 truffleHog v3.59.0 2023-10-02T22:18:26+00:00 ## What's Changed * Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.6.0 to 2.7.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1851 * Bump github.com/AzureAD/microsoft-authentication-library-for-go from 0.5.1 to 1.2.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1850 * Fix bug in chunker that surfaces with a flaky passed in io.Reader by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1838 * update pagerdutyapikey detector to tri-state verification by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1836 * Adding Howtorotate Guides to TruffleHog by @dxa4481 in https://github.com/trufflesecurity/trufflehog/pull/1839 * adding azure storage detector by @dxa4481 in https://github.com/trufflesecurity/trufflehog/pull/1840 * implemented planet scale creds (passwords and API keys) by @dxa4481 in https://github.com/trufflesecurity/trufflehog/pull/1841 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.58.0...v3.59.0 2023-10-02T22:18:26+00:00 truffleHog v3.60.0 2023-10-16T21:19:37+00:00 ## What's Changed * Use placeholder as default if field left empty and is required by @hxnyk in https://github.com/trufflesecurity/trufflehog/pull/1642 * add tristate verification to postman by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/1837 * support insecure TLS for Jira and Jenkins by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1856 * Add include and ignore list to Artifactory by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1857 * [bug] - use Repositories field from conn by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1860 * Detector-Competition-New: add ramp.com client id & secret detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1862 * Detector-Competition-New: add anthropic api key detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1861 * Detector-Competition-Fix: fix notion.so false negative verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1866 * Tighten up pagerduty keywords by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1874 * [chore] Fix flaky TestJobProgressElapsedTime by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1872 * Add an option to filter unverified results using shannon entropy by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1875 * Detector-Competition-Feat: Add Klaviyo API Secret Detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1870 * Bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/1886 * added cody gateway token detection code by @shivasurya in https://github.com/trufflesecurity/trufflehog/pull/1883 * [bug] - Don't modify global client var by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1890 * Detector-Competition-Fix: Add Personal Access Tokens (API Tokens Depr… by @lc in https://github.com/trufflesecurity/trufflehog/pull/1871 * [chore] Add SourceUnitEnumChunker filesystem tests by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1873 * Add ShannonEntropy test for an empty string by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1893 ## New Contributors * @lc made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1862 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.59.0...v3.60.0 2023-10-16T21:19:37+00:00 truffleHog v3.60.1 2023-10-18T13:58:18+00:00 ## What's Changed * Fix wrong line number by @shreyas-sriram in https://github.com/trufflesecurity/trufflehog/pull/1891 * Fix GitHub `--repo` cache behaviour by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1897 * Only append link line numbers when > 0 by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1898 * Added Support for '-h' Option for Help Documentation by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1901 ## New Contributors * @shreyas-sriram made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1891 * @fumblehool made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1901 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.60.0...v3.60.1 2023-10-18T13:58:18+00:00 truffleHog v3.60.2 2023-10-24T14:47:41+00:00 ## What's Changed * Tighten up regex for twist detector by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1908 * Add generic glob filter by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1858 * Fix for #1526: Update Posthog detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1910 * Add Voiceflow detector by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1900 * [chore] - update regex by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1919 * Detector-Competition-Fix: Fix plaid.com API key detection by @lc in https://github.com/trufflesecurity/trufflehog/pull/1916 * Export ChunkError fields and add ErrorsFor convenience method by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1920 * Handle secondary GitHub ratelimits by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1912 * Move Github comments check to fix a test by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1927 * Detector-Competition-Feat: Add Privacy.com API key detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1888 * Reduce GitHub comment scanning log verbosity by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1922 * Use the configured include repositories in the GitHub filter by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1926 * Fix README.md typo by @gabrieldonadel in https://github.com/trufflesecurity/trufflehog/pull/1942 * Detector-Competition-Feat: Add ipinfo.io API key detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1889 * Filter unique detectors by keywords in chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1711 * [chore] Fix glob package name by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1931 * Detector-Competition-New: add IP2Location api key detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1915 * Add UnitHook and NoopHook implementations by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1930 * Detector-Competition-Fix: Fix SuperNotes API verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1947 * Detector-Competition-Feat: Add InstaMojo Payment Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1905 * Detector-Competition-Fix: Fix CodeClimate verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1945 * export struct by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1954 * export ShouldVerify by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1962 ## New Contributors * @gabrieldonadel made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1942 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.60.1...v3.60.2 2023-10-24T14:47:41+00:00 truffleHog v3.60.3 2023-10-25T02:39:58+00:00 ## What's Changed * Use latest dbr by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1955 * Revert "Fix wrong line number" by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1963 * Upgrade gocb and gocbcore by @nyanshak in https://github.com/trufflesecurity/trufflehog/pull/1952 * Detector-Competition-Fix: Fix CloudSmith verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1944 * Detector-Competition-fix: NewRelic Detector -fallback to EU Api for verification by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1932 * fix #1751: update facebookOauth Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1921 * Dockerfiles - Alpine Linux 3.15 EoL by @nfsec in https://github.com/trufflesecurity/trufflehog/pull/1914 * Remove docker container after make protos finishes by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1964 * Configure Renovate by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1966 * fix(deps): update golang.org/x/exp digest to 7918f67 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1968 * fix(deps): update github.com/lrstanley/bubblezone digest to e3824f1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1967 * fix(deps): update module cloud.google.com/go/secretmanager to v1.11.2 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1970 * fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1971 * fix(deps): update module github.com/go-errors/errors to v1.5.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1972 * fix(deps): update module golang.org/x/oauth2 to v0.13.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1974 * Detector-Competition-Feat: Added PortainerToken Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1938 * fix(deps): update module github.com/snowflakedb/gosnowflake to v1.6.25 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1981 * fix(deps): update module github.com/google/go-github/v42 to v56 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1975 * chore(deps): update alpine docker tag to v3.18 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1982 * fix(deps): update module github.com/mattn/go-isatty to v0.0.20 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1980 * chore(deps): update module github.com/trufflesecurity/overseer to v1.2.7 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1983 * fix(deps): update module github.com/google/go-cmp to v0.6.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1973 * fix(deps): update module github.com/azure/go-autorest/autorest/azure/auth to v0.5.12 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1977 * fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v6.1.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/1978 * add rpm2cpio as dependency to dockerfile by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1985 ## New Contributors * @nfsec made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1914 * @renovate made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1966 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.60.2...v3.60.3 2023-10-25T02:39:58+00:00 truffleHog v3.60.4 2023-10-26T02:27:33+00:00 ## What's Changed * loggly detector by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/1782 * Detector-Competition-Feat: Added OpenVPN API Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1940 * deprecate scan_interval field by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1984 * Detector-Competition-Feat: Added Portainer Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1936 * Detector-Competition-Fix: Fix/Remove baseapi detector (no longer exists) by @lc in https://github.com/trufflesecurity/trufflehog/pull/1992 * remove detector by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/1993 * Detector-Competition-Feat: Added Vagrant Cloud Access Token Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1941 * Detector-Competition-Fix : fixed monday.com regex by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/1961 * Detector-Competition-Fix: Fix ScreenshotAPI Verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1949 * Detector-Competition-Fix: Fix MeaningCloud Verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1946 * Detector-Competition-Fix: Deprecate Glitterly by @lc in https://github.com/trufflesecurity/trufflehog/pull/2000 * Detector-Competition-Fix: Fix/Remove BlaBlaBus, API retired by @lc in https://github.com/trufflesecurity/trufflehog/pull/1996 * make protos for deprecating Blablabus by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/2002 * Detector-Competition-Fix: Fix/Remove QuickMetrics (shutdown) by @lc in https://github.com/trufflesecurity/trufflehog/pull/1997 * update renovate config and remove dependabot by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1994 * Detector-Competition-Fix: Fix/Remove DataFire, API retired by @lc in https://github.com/trufflesecurity/trufflehog/pull/1995 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.60.3...v3.60.4 2023-10-26T02:27:33+00:00 truffleHog v3.61.0 2023-10-27T22:57:40+00:00 ## What's Changed * Detector-Competition-Fix: Fix/Remove Happi Detection & Verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/2003 * Detector-Competition-Fix: Fix/Remove Flowdock detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/2004 * Add temp directory management by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/1878 * Fix binary handling by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/1999 * Detector-Competition-Fix: Fix SurveyBot Verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1948 * Detector-Competition-Feat: Added BetterStack API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1987 * Detector-Competition-Feat: Added ZeroTier API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1988 * Detector-Competition-Feat: Added AppOptics API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1989 * Detector-Competition-Feat: Add Metabase Session Secret Detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1902 * Add Coinbase Wallet-as-a-Service detector by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/1895 * Chore(deps): Bump google.golang.org/grpc from 1.56.2 to 1.56.3 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2009 * Update module github.com/TheZeroSlave/zapsentry to v1.19.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2012 * Update module cloud.google.com/go/secretmanager to v1.11.3 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2011 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.60.4...v3.61.0 2023-10-27T22:57:40+00:00 truffleHog v3.62.0 2023-10-30T14:29:31+00:00 ## What's Changed * Update module github.com/aws/aws-sdk-go to v1.46.6 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2013 * Update module github.com/bradleyfalzon/ghinstallation/v2 to v2.8.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2014 * Update module github.com/charmbracelet/lipgloss to v0.9.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2015 * Update module github.com/go-logr/logr to v1.3.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2025 * Update module github.com/getsentry/sentry-go to v0.25.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2022 * Update module github.com/google/go-containerregistry to v0.16.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2026 * Update module github.com/google/uuid to v1.4.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2027 * Update module github.com/hashicorp/golang-lru to v0.6.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2028 * Update module github.com/rabbitmq/amqp091-go to v1.9.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2030 * Detector-Competition-Feat: Added LemonSqueezy API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/2017 * Update module github.com/prometheus/client_golang to v1.17.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2029 * Detector-Competition-Feat: Added Budibase API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/2016 * Update github.com/bodgit/sevenzip to v1.4.3 by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2039 * Update module go.uber.org/mock to v0.3.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2038 * Update module github.com/xanzy/go-gitlab to v0.93.2 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2031 * Update module github.com/snowflakedb/gosnowflake to v1.6.25 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2042 * Update module github.com/launchdarkly/go-server-sdk/v6 to v6.1.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2043 * Update module go.uber.org/zap to v1.26.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2044 * Update module google.golang.org/api to v0.148.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2045 * Developed Deno Deploy Detector by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2040 * Detector-Competition-Feat: Added Stripo API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/2018 * fix(deps): update module sigs.k8s.io/yaml to v1.4.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2047 * Detector-Competition-Feat: Added Reply.io API token detector by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/2019 * fix(deps): update module github.com/go-git/go-git/v5 to v5.10.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2023 * adding 'token' keyword to regex for github_old by @ankushgoel27 in https://github.com/trufflesecurity/trufflehog/pull/2037 * Remove verify flag from Aho-Corasick core by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2010 * Add TravisCI source by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/1877 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.61.0...v3.62.0 2023-10-30T14:29:31+00:00 truffleHog v3.62.1 2023-10-31T14:22:43+00:00 ## What's Changed * update kingpin import by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2053 * Re-add detector version by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2060 * Detector-Competition-Fix: Fix currencycloud.com API key by @lc in https://github.com/trufflesecurity/trufflehog/pull/1917 * Detector-Competition-Fix: Fix Bitcoin Average detector by @lc in https://github.com/trufflesecurity/trufflehog/pull/1929 * Detector-Competition-Fix: Update formio regex to match Jwt token by @fumblehool in https://github.com/trufflesecurity/trufflehog/pull/1935 * Detector-Competition-Fix: Fix SalesBlink Detection & Verification by @lc in https://github.com/trufflesecurity/trufflehog/pull/1950 * Support multiple custom detectors by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2064 * [chore] Fix SourceManager flaky test by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2059 * Centralize logic for checking archive extraction tools by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2063 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.62.0...v3.62.1 2023-10-31T14:22:43+00:00 truffleHog v3.63.0 2023-11-17T17:56:11+00:00 ## Changelog * 39a603d2 [chore] Add JSON tags to job metrics (#2114) * d334b307 move all Git setup into Init method (#2105) * fd33198a add proto fields for Git (#2104) * b2042e4e extract AWS account number from ID without verification (#2091) * 737d6b76 Adding Sumo Logic how to rotate (#2103) * 76a04685 update protos so we can use the git source for CI (#2102) * d066a3fa Detector-Competition-Feat: Added Replicate API token detector (#2021) * bcde7856 Detector-Competition-Feat: Added Ngrok API token detector (#2024) * 1b93c054 Competition-Detector-New:added v2 version for fullstory (#2067) * 8e3f6e98 Add support for user:pass@host to postgres JDBC detector (#2089) * 1094190f Detector-Competition-Feat: Add Overloop detector (#2080) * da59b727 Detector-Competition-Feat: Added Request.Finance API token detector (#2020) * 703e1586 Detector-Competition-New : created grafana service account detector (#1960) * b2d541e0 Detector-Competition-Fix: fixed zulipchat detector (#1990) * 6259b179 Grafana (#2096) * aabfec4c Competition-Detector-New: added eventbrite detector (#2072) * 1371512f logz.io detector (#2076) * 06b5fc25 Coda Detector (#2075) * 50a3a82c fix (#2094) * de8889b4 Detector-Competition-Fix: Fix LiveAgent Detector & Verifier (#2001) * 0b902658 pulling short lived AWS keys into their own thing, fixes #1224 (#2088) * 7a156330 Support multiple detectors per match (#2065) * 600903f3 [chore] Speedup IsKnownFalsePositive using sets (#2090) * 3b9ecaa7 Detector-Competition-Fix: Fix ScraperSite (deprecated) (#2074) * 41e9cc59 Detector-Competition-Fix: Fix PassBase (acquired, deprecated) (#2079) * b95ed3b4 Detector-Competition-New - Created Grafana Cloud API Key detector (#1959) * 9e52e3e8 Detector-Competition-Fix: Fix/Deprecate Prospect.io (#2081) * a1d74cd8 added resource type mapping to extraData in AWS (#2087) * b5cc6c19 Detector-Competition-Fix: Fix FakeJSON (deprecated) (#2073) * ab896890 fixed helpscout detector regex and verifier (#2056) * 965a274d Detector-Competition-Fix: fixed regex for databricks domain and fixed tests (#1965) * b6469f23 modified regex (#2033) * 4106ce7b Detector-Competition-Feat: Adding Azure Container Registry Password Detector (#1958) * 07f6c84a Detector-Competition-Fix: Fix SentimentInvestor (deprecated) (#2078) * 9d6bc8c5 Refactor git source to support scanning units (#2083) * 52600a89 [chore] Replace chunks channel with ChunkReporter in git based sources (#2082) * d55cb56d update comment (#2084) * 7197e4b3 use rawv2 for pubnubpublish (#2062) * 95e0090b [chore] - correctly handle input shorter than 512 bytes (#2077) * 89b6315e [chore] - add binutils dep to dockerfile (#2061) * 74a56de8 update braintreepayments detector to tri-state verification (#1834) * 8bac2b15 Detector-Competition-Feat: Adding Azure Batch keys (#1956) * 499cb645 Detector-Competition-Fix: Fix redis to now support SSL, and look for azure redis connection strings (#1957) * a4fd17c9 Detector-Competition-Fix: Fix AppFollow Detection & Verification (#1933) 2023-11-17T17:56:11+00:00 truffleHog v3.63.1 2023-11-20T17:40:15+00:00 ## Changelog * d69de658 fix nil map assignment (#2117) 2023-11-20T17:40:15+00:00 truffleHog v3.63.2 2023-12-05T18:10:34+00:00 ## Changelog * 11394ea3 [thog-1548] add auto redaction for verification errors (#2106) * 692582fb fix(deps): update module github.com/google/go-github/v42 to v57 (#2172) * 16cf8584 chore(deps): update google-github-actions/auth action to v2 (#2171) * 13da76d3 skip files we can't scan (#2170) * dbfd9a70 fix(deps): update module google.golang.org/api to v0.152.0 (#2169) * 996a11dc [chore] - remove deprecated types (#2168) * 08b58aa5 fix(deps): update module golang.org/x/oauth2 to v0.15.0 (#2167) * 5d002360 fix(deps): update module github.com/aws/aws-sdk-go to v1.48.12 (#2166) * 83cd276c fix(deps): update module github.com/xanzy/go-gitlab to v0.94.0 (#2165) * b5b8223b fix(deps): update module github.com/trufflesecurity/disk-buffer-reader to v0.2.1 (#2163) * 5d019695 Ignore images and binaries (#2162) * 37d9e5ee [chore] - Increase pagination limit (#2154) * 32d81500 fix(deps): update module github.com/google/go-containerregistry to v0.17.0 (#2160) * 07dc1238 update forager types (#2159) * 1cb85380 fix(deps): update module github.com/go-logr/zapr to v1.3.0 (#2158) * fdff3b71 fix(deps): update module github.com/fatih/color to v1.16.0 (#2155) * a6685d7e fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.0 (#2153) * 8065b53a fix(deps): update module github.com/aws/aws-sdk-go to v1.48.11 (#2152) * 392b07fe fix(deps): update module github.com/alecthomas/kingpin/v2 to v2.4.0 (#2151) * d81b7ea0 fix(deps): update module cloud.google.com/go/storage to v1.35.1 (#2150) * c34efc3c make empty slice delcration consistent (#2144) * 02ba66d2 chore(deps): update sigstore/cosign-installer action to v3.2.0 (#2149) * 239bf921 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.18 (#2148) * 3c1fde12 fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.5 (#2147) * 79a862ad fix(deps): update module github.com/go-git/go-git/v5 to v5.10.1 (#2146) * 279f9157 [chore] - fix error comparisons (#2142) * f3d51d17 fix(deps): update module cloud.google.com/go/secretmanager to v1.11.4 (#2145) * ed70118e fix(deps): update golang.org/x/exp digest to 6522937 (#2140) * 52ffab10 [chore] - fix import name clashes (#2143) * e7ccfc2f fix(deps): update module github.com/google/go-github/v42 to v56 (#2049) * a367f9ce Fix azure panic when invalid URL is constructed (#2137) * 8880c2e0 fixup cleantemp (#2136) * e498c80b Fix nil pointer dereference when checking if a unit IsFinished (#2135) * 7ecd43ab [chore] Minor cleanup of source_manager.go (#2134) * 363ccab3 Simplify temp dir cleaning (#2133) * ede0c395 Add new auth method to source (#2132) * d5522223 add extradata nil check and use make (#2129) * 1759f093 added ci scanning info to readme (#2126) * 78219a27 Call Finish in SourceManager after the semaphore is released (#2121) * 024aa056 chore(github): add a newline between titles and bodies (#2124) * 1f502fd4 feat(github): scan issue & pr titles (#1899) * 0e6e1dce use camelcase var names (#2123) * 7d10e254 Remove unused functions (#2122) * a7a9e187 [chore] - update readme help flags (#2120) * 11df3dc7 feat(signing): Sign checksum (#1894) * a7d330a2 import missing detectors (#2119) * 75e869fa Fix forks and repos counter, add metric for orgs enumerated (#2118) * 62c628fb feat(telegram): add username to extradata (#2100) * 9e88cdf6 add extra data to github detector (#1909) * cd9c1ae1 fixed gist direct link generation (#2115) 2023-12-05T18:10:34+00:00 truffleHog v3.63.3 2023-12-14T00:08:36+00:00 ## What's Changed * Use forked sevenzip by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/2180 * fixing how to rotate URL by @dylanTruffle in https://github.com/trufflesecurity/trufflehog/pull/2183 * [fixup] - Skip trying to determine MIME type for directories by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2178 * [feat] - Remove go-git dependency by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2174 * remove unnecessary Git cmd check by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2175 * [chore] - use https for verification endpoints by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2185 * allow targets for the source manager by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2182 * Deprecate some detectors by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2186 * [chore] - update regex by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2184 * [chore] - Compile regex once by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2176 * Remove Java archives from ignored extensions by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2188 * [chore] - Refactor common code into a separate function by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2179 * [feat] - add metrics for gitlab by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2190 * [bug] - move logic to main Chunks method by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2194 * [fixup] - skip files in the archive handler by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2195 * Check private keys concurrently by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2139 * Propagate TruffleHog context to handlers by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2191 * [bug] - close file after reading by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2203 * Use bad json in slackwebhooks by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2193 * Add disk buffer tempfile cleanup by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/2130 * [chore] Remove omitempty tags on JobProgressMetrics and UnitMetrics by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2204 * Fix azurestorage detector by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/2207 * fix and refactor browserstack detector by @0x1 in https://github.com/trufflesecurity/trufflehog/pull/2208 * [chore] Remove unnecessary string conversion in tefter detector by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2209 * Update metabase verification to check for a valid JSON response by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2210 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.2...v3.63.3 2023-12-14T00:08:36+00:00 truffleHog v3.63.4 2023-12-15T17:35:20+00:00 ## What's Changed * Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2213 * Fix emoji in README by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2217 * Upgrade sevenzip to v1.4.5 by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2215 * Encode '%' when generating Git URLs by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2214 * Fix GitParse trimming whitespace from filename by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2201 * [fixup] - Avoid reading decompressed data into memory by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2196 * Update GitLab v1 verification to check for valid JSON response by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2218 * Check for SourceUnit support dynamically in the SourceManager by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2205 * Fix GitHub source showing 0 members by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2202 * Don't run 'test' workflow in forks by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2221 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.3...v3.63.4 2023-12-15T17:35:20+00:00 truffleHog v3.63.5 2023-12-19T01:03:49+00:00 ## What's Changed * [chore] Prevent panic when ChunkError has a nil Unit by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2227 * [feat] - Make skipping binaries configurable by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2226 * [chore] Add skip_binaries field to AzureRepos proto message by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2232 * Don't run detector tests on forks by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2234 * Update Freshworks verification to check for valid JSON response by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2212 * Enhance HuggingFace extra data by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2222 * Convert Shortcut detector to tri-state verification by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2211 * add secretID to chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2242 * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2243 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.4...v3.63.5 2023-12-19T01:03:49+00:00 truffleHog v3.63.6 2023-12-22T15:54:23+00:00 ## What's Changed * Adds basic if/else check if pid slice is empty by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/2244 * [fixup] - move cleanup to run by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2245 * shallow cloning + GitHub Action by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/2138 * Update GitHub extradata by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2219 * Avoid extraneous authentication attempts when verifying Snowflake by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2057 * Add missing import by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2246 * [bug] - Bug archive handler memory leak by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2247 * [chore] - use snake_case for naming by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2238 * [chore] - add additional binary extensions to skip by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2235 * [chore] - lower logging level by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2249 * [bug] - Fix Context Timeout-Induced Goroutine Leak in readInChunks by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2251 * Dedupe some source log keys by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2250 * [fixup] - Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2253 * Use walkdir for tmp cleanup by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2255 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.5...v3.63.6 2023-12-22T15:54:23+00:00 truffleHog v3.63.7 2023-12-23T06:46:17+00:00 ## What's Changed * Add skip archive support by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2257 * Skip all binaries by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/2256 * Add handlerOpts back by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/2258 * Use directory iterator instead of walkdir by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2260 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.6...v3.63.7 2023-12-23T06:46:17+00:00 truffleHog v3.63.8 2024-01-08T19:35:02+00:00 ## What's Changed * Fix commit message single quote escaping on GitHub Action by @0x2b3bfa0 in https://github.com/trufflesecurity/trufflehog/pull/2259 * fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2263 * Fix non-ASCII whitespace on GitHub Action by @0x2b3bfa0 in https://github.com/trufflesecurity/trufflehog/pull/2270 * Update GitParse logic to handle edge case. by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2206 * [chore] Add test to check all versioned detectors are non-zero by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2272 * Update stripe detector regex by @NikhilPanwar in https://github.com/trufflesecurity/trufflehog/pull/2261 * Update to Sourcegraph Access token format by @shivasurya in https://github.com/trufflesecurity/trufflehog/pull/2254 * Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2278 * Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2279 * Wrap temp deletion err by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2277 * 1833 Fix syslog udp by @df3rry in https://github.com/trufflesecurity/trufflehog/pull/1835 ## New Contributors * @0x2b3bfa0 made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/2259 * @NikhilPanwar made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/2261 * @df3rry made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1835 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.7...v3.63.8 2024-01-08T19:35:02+00:00 truffleHog v3.63.9 2024-01-14T03:54:00+00:00 ## What's Changed * [chore] - update docs for pre-commit by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2280 * Ignore common false positives for Parseur Detector by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2229 * Ignore common Signable false positives by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2230 * fix(deps): update golang.org/x/exp digest to be819d1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2281 * [chore] - update test by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2283 * adding postgres detector by @dylanTruffle in https://github.com/trufflesecurity/trufflehog/pull/2108 * fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2282 * fix(deps): update golang.org/x/exp digest to 0dcbfd6 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2284 * fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2285 * Extend memory cache by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2275 * fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2286 * chore(deps): update alpine docker tag to v3.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2287 * chore(deps): update sigstore/cosign-installer action to v3.3.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2290 * fix(deps): update module cloud.google.com/go/storage to v1.36.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2291 * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2292 * feat(installation): Implement checksum signature verification by @hibare in https://github.com/trufflesecurity/trufflehog/pull/2157 * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2294 * fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2295 * [chore] - small updates by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2288 * [feat] - Allow for the use of include/exclude path files for filesystem scans by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2297 * Individuate archive tests by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2293 * [feat] - Provide CLI flag to only use custom verifiers by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2299 * Disable postgres detector because it it too sensitive by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2303 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.8...v3.63.9 2024-01-14T03:54:00+00:00 truffleHog v3.63.10 2024-01-16T23:28:16+00:00 ## What's Changed * added azure protos by @roxanne-tampus in https://github.com/trufflesecurity/trufflehog/pull/2304 * [fixup ] - Allow ssh cloning with AWS Code Commit by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2307 * Assume unauthenticated github scans have public visibility by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2308 * [chore] - Add regex and keyword for api_org tokens by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2240 **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.9...v3.63.10 2024-01-16T23:28:16+00:00