Releases: sainsburys-tech/trufflehog
Releases · sainsburys-tech/trufflehog
v3.41.1-internal-0
Changelog
- e50b60f Add custom detector for Luna NPM tokens
- a103d5e Add script to publish custom builds
- 0092098 added opsgenie detector (trufflesecurity#650)
- d6375ba verify response body with expected keywords (trufflesecurity#1419)
- 8ea49de Don't return on okta credential failed verification (trufflesecurity#1432)
- 4a77688 use stringer again for now (trufflesecurity#1430)
- 11bff81 Use url redaction in git (trufflesecurity#1399)
- 06f2d3a Bump github.com/xanzy/go-gitlab from 0.85.0 to 0.86.0 (trufflesecurity#1425)
- f52946b Add Couchbase Detector (trufflesecurity#1385)
- 945c27c Fix docker source to return any chunk errors (trufflesecurity#1429)
- da5301e Exit with non-zero exit code on chunk source error (trufflesecurity#1286)
- 7cefea6 Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 (trufflesecurity#1424)
- 6e6895b Update Slack webhook error text for verification (trufflesecurity#1427)
- 146ddb3 Bump golang.org/x/sync from 0.2.0 to 0.3.0 (trufflesecurity#1426)
- ab84f1f Bump go.mongodb.org/mongo-driver from 1.11.6 to 1.12.0 (trufflesecurity#1423)
- 3ea766e Bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 (trufflesecurity#1422)
- cd67f6b prevent www from being a key to prevent fp (trufflesecurity#1418)
- eeefde1 Ensure results are collected correctly when verification is off, and dedupe twilio (trufflesecurity#1420)
- f3152b6 Implement SourceUnitUnmarshaller for all sources (trufflesecurity#1416)
- 0c643bd Bump github.com/docker/distribution (trufflesecurity#1415)
- e856a68 🎉 Add Docker image scanning 🎉 (trufflesecurity#1412)
- 648ef3b fix spelling errors (trufflesecurity#1413)
- fd4b5d1 remove gorilla mux (trufflesecurity#1411)
- 0c3410c add new key pat for mailgun detector (trufflesecurity#1375)
- df353f0 Bump google.golang.org/api from 0.125.0 to 0.128.0 (trufflesecurity#1408)
- 93969f9 Bump github.com/googleapis/gax-go/v2 from 2.10.0 to 2.11.0 (trufflesecurity#1406)
- 4938d67 Custom detector name (trufflesecurity#1400)
- e9cce62 update discord invite link to one that doesn't expire (trufflesecurity#1410)
- 12cb422 Bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (trufflesecurity#1407)
- 84f2e72 Bump github.com/getsentry/sentry-go from 0.21.0 to 0.22.0 (trufflesecurity#1404)
- e12f0f8 Setup SourceUnit interface (trufflesecurity#1393)
- 401688d Add Validator interface and example (trufflesecurity#1397)
- 6d9ae7a Make trace error message so newlines aren't escaped (trufflesecurity#1396)
- fb76eaf Use heuristic to choose the most likely UTF-16 decoded string (trufflesecurity#1381)
- 3d39549 Bump cloud.google.com/go/secretmanager from 1.10.1 to 1.11.0 (trufflesecurity#1378)
- 8d41986 Bump github.com/xanzy/go-gitlab from 0.83.0 to 0.85.0 (trufflesecurity#1391)
- 97bd11f Bump github.com/hashicorp/go-retryablehttp from 0.7.2 to 0.7.4 (trufflesecurity#1388)
- 4fbd4e3 Bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (trufflesecurity#1389)
- 74ffbd2 add a custom detector check for logging duplicate detector (trufflesecurity#1394)
- c2e3e7d Split files instead of using ReadAll (trufflesecurity#1387)
- ca19472 Update sqlserver redaction, deduplication, and URI redaction (trufflesecurity#1369)
- c28c70b fix new git file plus plus plus bug (trufflesecurity#1386)
- dfb1a0c Add DocuSign detector (trufflesecurity#1382)
- ce4a1fd [chore] - fix test (trufflesecurity#1383)
- c8b9735 Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (trufflesecurity#1377)
- 769d708 Bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 (trufflesecurity#1380)
- 572cb0e Loosen up version check for git
- 183037a Check that git meets version requirements (trufflesecurity#1373)
- 8b7c508 update detector regex. (trufflesecurity#1368)
- 589a794 Bump github.com/googleapis/gax-go/v2 from 2.8.0 to 2.9.1 (trufflesecurity#1363)
- 5358ed7 fix mockaroo fps (trufflesecurity#1370)
- 9637f5e Bump cloud.google.com/go/secretmanager from 1.10.0 to 1.10.1 (trufflesecurity#1365)
- 8be6ed0 Bump github.com/envoyproxy/protoc-gen-validate from 1.0.0 to 1.0.1 (trufflesecurity#1366)
- d433bf0 Bump go.mongodb.org/mongo-driver from 1.11.4 to 1.11.6 (trufflesecurity#1367)
- c894482 Surface missing git as an error during initialization (trufflesecurity#1362)
- cbfbf53 Add Data member to ResultsMetadata struct. (trufflesecurity#1358)
- 32a351f adds linting for workflow and actions (trufflesecurity#1356)
- d11f069 Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (trufflesecurity#1354)
- a9d2464 Bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 (trufflesecurity#1351)
- 3ab864a Make OpenAI regex more specific (trufflesecurity#1345)
- 9cc3d05 Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (trufflesecurity#1352)
- 596639b Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (trufflesecurity#1353)
- ecffe72 Bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (trufflesecurity#1355)
- 1d9d6b6 needed perms for running workflows against forks (trufflesecurity#1348)
- 1da7720 Replace context.TODO. (trufflesecurity#1349)
- 4ba0ad4 Add message for discord server in readme (trufflesecurity#1344)
- 0c38622 [chore] - Use correct detector proto (trufflesecurity#1347)
- 1a81709 Check to see if StructuredData exists before attempting to print it (trufflesecurity#1346)
- 195f9f0 Add Base64URLSafe decoder (trufflesecurity#1292)
- f831b62 Update generic.go (trufflesecurity#1343)
- 31844b1 [oc-313] - Add GitHub metrics (trufflesecurity#1324)
- 88b4a28 Add extra data and structured data to plain output (trufflesecurity#1316)
- 4250773 GitHub basic auth (trufflesecurity#1337)
- e81b908 Add buildkitev2 detector for newer tokens. (trufflesecurity#1341)
- 6db770f use md5 hash for checking if key exists. (trufflesecurity#1257)
- 948828b [chore] - move objectManager interface (trufflesecurity#1332)
- 5546033 Bump golang.org/x/sync from 0.1.0 to 0.2.0 (trufflesecurity#1334)
- a46a183 Bump github.com/rabbitmq/amqp091-go from 1.8.0 to 1.8.1 (trufflesecurity#1335)
- b9eb34b Bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 (trufflesecurity#1336)
- 1df352b Bump google.golang.org/api from 0.114.0 to 0.122.0 (trufflesecurity#1342)
- 4fcea1e Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (trufflesecurity#1339)
- 4c04bbb added pulumi cloud Access token detector (trufflesecurity#1295)
- 584db86 Support line numbers in filesystem source (trufflesecurity#1297)
- fad34d4 git worktree scanning fix for trufflesecurity#827 (trufflesecurity#1315)
- e3213fb Do extraction after decompression (trufflesecurity#1320)
- f2924f3 Make sure context lines are properly handled (trufflesecurity#1331)
- 6699ccd Generate protos (trufflesecurity#1329)
- 87f3f27 Fix SquareApp detector type return value (trufflesecurity#1322)
- deb0f63 Update regex. (trufflesecurity#1328)
- 030c093 Fix how we scan orgs (trufflesecurity#1327)
- be4147a Output git timestamps as UTC times (trufflesecurity#1323)
- 323c093 Normalize GitHub repos during enumeration (trufflesecurity#1269)
- 9cb91a6 Extend cache interface (trufflesecurity#1318)
- 714c480 Add log to track git log size (trufflesecurity#1325)
- 21258f4 add performance test (trufflesecurity#1301)
- 65305ed Scan only for verified secrets in our CI (trufflesecurity#1310)
- 156aaac Bump github.com/lib/pq from 1.10.8 to 1.10.9 (trufflesecurity#1307)
- 531d17b Bump github.com/mholt/archiver/v4 from 4.0.0-alpha.7 to 4.0.0-alpha.8 (trufflesecurity#1305)
- c13c562 add tineswebhook detector (trufflesecurity#1304)
- 56cd1df Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.3.0 to 2.4.0 (trufflesecurity#1306)
- 6797268 [chore] - format log msg (trufflesecurity#1299)
- a2266b4 add additional logging (trufflesecurity#1298)
- b167519 Implement EndpointCustomizer (trufflesecurity#1291)
- 4086895 add scripts to benchmark and plot performance across tags (trufflesecurity#1293)
- 10902f8 Add max object size flag for s3 bucket scanning (trufflesecurity#1294)
- 2a3f894 Fixed contentfulpersonalaccesstoken regex (trufflesecurity#1199)
- d1cbc54 Updated BrowserStack detector endpoint (trufflesecurity#1290)
- 5a86c18 Fix include and exclude detector logic (trufflesecurity#1267)
- 622700b update proto to allow for ignoring projects. (trufflesecurity#1289)
- 15ed428 update jira detector. (trufflesecurity#1288)
- 6f801f6 Added a new detector for percy.io (trufflesecurity#1284)
- 3485a6d improve sqlserver detection and testing (trufflesecurity#1285)
- 34f5db6 Small optimizations for the base64 decoder (trufflesecurity#1278)
- 91bd843 Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 (trufflesecurity#1282)
- 584ab04 Bump github.com/envoyproxy/protoc-gen-validate from 0.10.1 to 1.0.0 (trufflesecurity#1280)
- 7578a3a Bump google.golang.org/api from 0.118.0 to 0.119.0 (trufflesecurity#1279)
- 800ac30 optimize base64 decoder. (trufflesecurity#1277)
- abdff53 optimize utf-8 decoder (trufflesecurity#1275)
- a002ba9 Add RawV2 Results to the JSON Output (trufflesecurity#1273)
- cec1543 Add utf16 decoder proto. (trufflesecurity#1276)
- e217e2f Ensure multipart credentials are deduplicated correctly (trufflesecurity#1271)
- 4116a24 Add utf16 decoder (trufflesecurity#1274)
- a6902ae Add configurable detectors (trufflesecurity#1139)
- 6dd24d1 Switch Endpoint Field to Client ID (trufflesecurity#1270)
- 5b2b434 Allow multipel team IDs. (trufflesecurity#1259)
- 1c1f034 Adding Google drive to MetaData proto (trufflesecurity#1264)
- 661e62f Bump github.com/xanzy/go-gitlab from 0.81.0 to 0.83.0 (trufflesecurity#1268)
- 9224401 Bump github.com/lib/pq from 1.10.7 to 1.10.8 (trufflesecurity#1260)
- dfc5a9f [chore] Log possible duplicate detectors (trufflesecurity#1266)
- f5ecbc8 Bump github.com/xanzy/go-gitlab from 0.81.0 to 0.82.0 (trufflesecurity#1262)
- 42975c6 Bump google.golang.org/api from 0.114.0 to 0.118.0 (trufflesecurity#1261)
- 0507f0e Only add detectors once (trufflesecurity#1265)
- 531e3ef Add team name to proto. (trufflesecurity#1258)
- 97ce271 []bytes were being logged as b64ed string (trufflesecurity#1255)
- 1c89e79 Remove
toLower
call on decoded chunk (trufflesecurity#1254) - 461f1a6 [chore] - use hex encode vs base64 (trufflesecurity#1256)
- 2fbf86a Use md5 hash for resuming key (trufflesecurity#1203)
- 458c791 fix extra log messages (trufflesecurity#1253)
- 1db2259 update circle test because workflows expire and need re-running (trufflesecurity#1251)
- 562f3aa Generate protos (trufflesecurity#1250)
- 2c1d8fb THOG-920/add oss proto (trufflesecurity#1240)
- f1cb933 Bump go.mongodb.org/mongo-driver from 1.11.3 to 1.11.4 (trufflesecurity#1247)
- 256ae20 Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.2.0 to 2.3.0 (trufflesecurity#1245)
- 5fce8f9 Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (trufflesecurity#1244)
- 304abb9 Bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 (trufflesecurity#1243)
- a8c27b9 Bump golang.org/x/text from 0.8.0 to 0.9.0 (trufflesecurity#1246)
- c451f9d Use persistable cache for GCS progress tracking (trufflesecurity#1204)
- f107e1b Use defautl endpoints when no custom verifier provided. (trufflesecurity#1242)
- b3d917f Resolve trufflesecurity#1167 by adding support for the AWS_SESSION_TOKEN (trufflesecurity#1170)
- 20d5683 fix linting step (trufflesecurity#1235)
- 5822261 readme improvements (trufflesecurity#1234)
- 3932486 Add lint for exporting loop references (trufflesecurity#1232)
- 8f10938 forager requires direct access to gitparse.FromReader (trufflesecurity#1233)
- 90737fe Bump github.com/getsentry/sentry-go from 0.19.0 to 0.20.0 (trufflesecurity#1231)
- c8646bd Bump cloud.google.com/go/storage from 1.29.0 to 1.30.1 (trufflesecurity#1225)
- ab86c12 Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.8.0 (trufflesecurity#1227)
- 9b941ef Bump
go
from1.18
to1.20
(trufflesecurity#1230) - 12127b0 Bump google.golang.org/api from 0.109.0 to 0.114.0 (trufflesecurity#1228)
- 9ca53d7 Bump github.com/go-logr/logr from 1.2.3 to 1.2.4 (trufflesecurity#1226)
- 6052383 Bump github.com/TheZeroSlave/zapsentry from 1.14.0 to 1.15.0 (trufflesecurity#1229)
- 9356b35 Bump github.com/envoyproxy/protoc-gen-validate from 0.9.1 to 0.10.1 (trufflesecurity#1207)
- 762641d Add DetectorName to Result (trufflesecurity#1223)
- 2cf6f83 Use OAuth2 http client with GCS (trufflesecurity#1220)
- dfc38a1 Add oauth2 cred as auth type for Teams. (trufflesecurity#1221)
- 0052f60 Allow for custom verifier (trufflesecurity#1070...