Renovate Bot
8811ab705c
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [zricethezav/gitleaks](https://github.com/gitleaks/gitleaks) | patch | `v8.18.0` -> `v8.18.1` | --- ### Release Notes <details> <summary>gitleaks/gitleaks (zricethezav/gitleaks)</summary> ### [`v8.18.1`](https://github.com/gitleaks/gitleaks/releases/tag/v8.18.1) [Compare Source](https://github.com/gitleaks/gitleaks/compare/v8.18.0...v8.18.1) #### Changelog - [`dab7d02`](https://github.com/gitleaks/gitleaks/commit/dab7d02) dont crash on 100gb files pls ([#​1292](https://github.com/gitleaks/gitleaks/issues/1292)) - [`e63b657`](https://github.com/gitleaks/gitleaks/commit/e63b657) remove secretgroup from default config ([#​1288](https://github.com/gitleaks/gitleaks/issues/1288)) - [`20fcf50`](https://github.com/gitleaks/gitleaks/commit/20fcf50) feat: Hashicorp Terraform fields for password ([#​1237](https://github.com/gitleaks/gitleaks/issues/1237)) - [`b496677`](https://github.com/gitleaks/gitleaks/commit/b496677) perf: avoid allocations with `(*regexp.Regexp).MatchString` ([#​1283](https://github.com/gitleaks/gitleaks/issues/1283)) - [`a3ab4e8`](https://github.com/gitleaks/gitleaks/commit/a3ab4e8) refactor: more explicit rules ([#​1280](https://github.com/gitleaks/gitleaks/issues/1280)) - [`bd9a25a`](https://github.com/gitleaks/gitleaks/commit/bd9a25a) bugfix: reduce false positives for stripe tokens by using word boundaries in regex ([#​1278](https://github.com/gitleaks/gitleaks/issues/1278)) - [`6d0d8b5`](https://github.com/gitleaks/gitleaks/commit/6d0d8b5) add Infracost API rule ([#​1273](https://github.com/gitleaks/gitleaks/issues/1273)) - [`2959fc0`](https://github.com/gitleaks/gitleaks/commit/2959fc0) refactor: simplify test asserts ([#​1271](https://github.com/gitleaks/gitleaks/issues/1271)) - [`d37b38f`](https://github.com/gitleaks/gitleaks/commit/d37b38f) Update Makefile - [`14b1ca9`](https://github.com/gitleaks/gitleaks/commit/14b1ca9) refactor: change detect tests to t.Fatal instead of log.Fatal ([#​1270](https://github.com/gitleaks/gitleaks/issues/1270)) - [`d9f86d6`](https://github.com/gitleaks/gitleaks/commit/d9f86d6) feat(rules): Add detection for Scalingo API Token ([#​1262](https://github.com/gitleaks/gitleaks/issues/1262)) - [`ed34259`](https://github.com/gitleaks/gitleaks/commit/ed34259) feat(jwt): detect base64-encoded tokens ([#​1256](https://github.com/gitleaks/gitleaks/issues/1256)) - [`0d5e46f`](https://github.com/gitleaks/gitleaks/commit/0d5e46f) feat: add --ignore-gitleaks-allow cmd flag ([#​1260](https://github.com/gitleaks/gitleaks/issues/1260)) - [`a82ac29`](https://github.com/gitleaks/gitleaks/commit/a82ac29) switch out libs ([#​1259](https://github.com/gitleaks/gitleaks/issues/1259)) - [`0b84afa`](https://github.com/gitleaks/gitleaks/commit/0b84afa) fix: no-color option should also affect zerolog output ([#​1242](https://github.com/gitleaks/gitleaks/issues/1242)) - [`8976539`](https://github.com/gitleaks/gitleaks/commit/8976539) Fixed lineEnd indexing if the match is the whole line ([#​1223](https://github.com/gitleaks/gitleaks/issues/1223)) - [`30c6117`](https://github.com/gitleaks/gitleaks/commit/30c6117) feat: Add optional redaction value, default 100 ([#​1229](https://github.com/gitleaks/gitleaks/issues/1229)) - [`e9135cf`](https://github.com/gitleaks/gitleaks/commit/e9135cf) fix(jwt): longer segment lengths ([#​1214](https://github.com/gitleaks/gitleaks/issues/1214)) - [`f65f915`](https://github.com/gitleaks/gitleaks/commit/f65f915) Added yarn.lock file to default allowlist paths ([#​1258](https://github.com/gitleaks/gitleaks/issues/1258)) - [`abfd0f3`](https://github.com/gitleaks/gitleaks/commit/abfd0f3) Update README.md - [`18283bb`](https://github.com/gitleaks/gitleaks/commit/18283bb) feat(rules): make case insensitivity optional ([#​1215](https://github.com/gitleaks/gitleaks/issues/1215)) - [`9fb36b2`](https://github.com/gitleaks/gitleaks/commit/9fb36b2) feat(rules): detect Hugging Face access tokens ([#​1204](https://github.com/gitleaks/gitleaks/issues/1204)) - [`db4bc0f`](https://github.com/gitleaks/gitleaks/commit/db4bc0f) Resolve [#​1170](https://github.com/gitleaks/gitleaks/issues/1170) - Enable selection of a single rule ([#​1183](https://github.com/gitleaks/gitleaks/issues/1183)) - [`3cbcda2`](https://github.com/gitleaks/gitleaks/commit/3cbcda2) Update authress.go to include alternate form account dash (-) ([#​1224](https://github.com/gitleaks/gitleaks/issues/1224)) - [`46c6272`](https://github.com/gitleaks/gitleaks/commit/46c6272) refactor: remove unnecessary removing temp files in tests ([#​1255](https://github.com/gitleaks/gitleaks/issues/1255)) - [`963a697`](https://github.com/gitleaks/gitleaks/commit/963a697) refactor: use os.ReadFile instead of os.Open + io.ReadAll ([#​1254](https://github.com/gitleaks/gitleaks/issues/1254)) - [`163ec21`](https://github.com/gitleaks/gitleaks/commit/163ec21) fix(sumologic): improve patterns ([#​1218](https://github.com/gitleaks/gitleaks/issues/1218)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: #3 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
18 lines
499 B
YAML
18 lines
499 B
YAML
---
|
|
steps:
|
|
gitleaks:
|
|
image: zricethezav/gitleaks:v8.18.1@sha256:6945c62ca019ead32bc337ab0c9fd055e98d82961765d38b7ccccc84dae95d0f
|
|
commands:
|
|
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE
|
|
when:
|
|
event:
|
|
exclude:
|
|
- tag
|
|
hadolint:
|
|
image: pipelinecomponents/hadolint:0.25.9@sha256:430e949e6554d56ffc2dd08898ee609c71822d7fa1033f7c4dc240e90f2aac23
|
|
commands:
|
|
- hadolint Dockerfile
|
|
when:
|
|
event:
|
|
exclude:
|
|
- tag
|