commit trufflehog for openSUSE:Factory

Source-Sync Wed, 07 Feb 2024 09:54:38 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package trufflehog for openSUSE:Factory 
checked in at 2024-02-07 18:51:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trufflehog (Old)
 and      /work/SRC/openSUSE:Factory/.trufflehog.new.1815 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "trufflehog"

Wed Feb  7 18:51:02 2024 rev:14 rq:1144948 version:3.67.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/trufflehog/trufflehog.changes    2024-02-06 
16:34:53.511795593 +0100
+++ /work/SRC/openSUSE:Factory/.trufflehog.new.1815/trufflehog.changes  
2024-02-07 18:53:46.878357497 +0100
@@ -1,0 +2,116 @@
+Wed Feb 07 09:23:59 UTC 2024 - felix.niederwan...@suse.de
+
+- Update to version 3.67.4:
+  * [feat] - use diff chan (#2387)
+  * [not-fixup] - Reduce memory consumption for Buffered File Writer (#2377)
+  * fix: case-insensitive ext check (#2383)
+  * tightening opsgenie detection and verification (#2389)
+  * Fix binary file hanging bug in git sources (#2388)
+  * Disable GitHub wiki scanning by default (#2386)
+  * [fixup] - correctly use the buffered file writer (#2373)
+  * custom detector dogs (#2376)
+  * use only the DetectorKey as a map field (#2374)
+  * [feat] - concurently scan the filesystem source (#2364)
+  * [chore] Cleanup GitLab source errors (#2345)
+  * [bug] - use DetectorKey as the key in the detectorKeysWithResults map 
(#2366)
+  * Add s3 credential validation (#2362)
+  * Polite Verification (#2356)
+  * Make AzureDevopsPersonalAccessToken verification more robust (#2359)
+  * fix (#2360)
+  * update azure test files to check rawV2 (#2353)
+  * [chore] Add filesystem integration test (#2358)
+  * Scan GitHub wikis #2233
+  * added flyio protos (#2357)
+  * Allow for configuring the buffered file writer (#2319)
+  * [feat] - tmp file diffs (#2306)
+  * Fix filesystem enumeration ignore paths bug (#2355)
+  * Detectors Updates 1 for Tristate Verification (#2187)
+  * feat(detectors): update template (#2342)
+  * Azure function key is throwing FPs (#2352)
+  * Improve fp ignore logic (#2351)
+  * added azuresearchquerykey detector (#2349)
+  * added azuresearchadminkey detector (#2348)
+  * added azurefunctionkey detector (#2337)
+  * updates to plain and json printing to include verification error (#2335)
+  * Add the new MaxMind license key format (#2181)
+  * Prevent print or logging in detectors (#2341)
+  * make sure to close connections after testing (#2343)
+  * Fix test (#2339)
+  * add tri-state verification to yelp (#1736)
+  * Improve GitHub scan logging (#2220)
+  * Update DockerHub detector logic (#2266)
+  * Add Google oauth2 token detector (#2274)
+  * add priority semaphore (#2336)
+  * updating doppler logic (#2329)
+  * added azuredevopspersonalaccesstoken detector (#2315)
+  * Walk directories in filesystem source enumeration (#2313)
+  * [feat] - Replace regexp pkg w/ go-re2 in detectors (#2324)
+  * Update Gitlab repo count in tests #2333
+  * Narrow Postgres detector to only look for URIs (#2314)
+  * fixing incorrect acct num id for some aws keys (#2332)
+  * updating detector logic for zenscrape (#2316)
+  * Add prometheus metrics to measure hook execution time (#2312)
+  * [chore] - reduce test time (#2321)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.50.0 (#2325)
+  * fix(deps): update module github.com/envoyproxy/protoc-gen-validate to 
v1.0.4 (#2322)
+  * fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.1 (#2320)
+  * fix(deps): update golang.org/x/exp digest to 1b97071 (#2318)
+  * [chore] - Update Chunk struct comment (#2317)
+  * fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2054)
+  * save 8 bytes per chunk (#2310)
+  * [chore] - Add regex and keyword for api_org tokens (#2240)
+  * Assume unauthenticated github scans have public visibility (#2308)
+  * [fixup ] - Allow ssh cloning with AWS Code Commit (#2307)
+  * added azure protos (#2304)
+  * Disable recently added postgres detector because it it too sensitive 
(#2303)
+  * [feat] - Provide CLI flag to only use custom verifiers (#2299)
+  * Individuate archive tests #2293
+  * [feat] - Allow for the use of include/exclude path files for filesystem 
scans (#2297)
+  * [chore] - small updates (#2288)
+  * fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to 
v2.9.0 (#2295)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 (#2294)
+  * feat(installation): Implement checksum signature verification (#2157)
+  * fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 (#2292)
+  * fix(deps): update module cloud.google.com/go/storage to v1.36.0 (#2291)
+  * chore(deps): update sigstore/cosign-installer action to v3.3.0 (#2290)
+  * chore(deps): update alpine docker tag to v3.19 (#2287)
+  * fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 (#2286)
+  * Extend memory cache (#2275)
+  * fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 
(#2285)
+  * fix(deps): update golang.org/x/exp digest to 0dcbfd6 (#2284)
+  * fix(deps): update module 
github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 (#2282)
+  * adding postgres detector (#2108)
+  * update test (#2283)
+  * fix(deps): update golang.org/x/exp digest to be819d1 (#2281)
+  * fix(signable): ignore common false positives (#2230)
+  * fix(parseur): ignore false positives (#2229)
+  * [chore] - update docs for pre-commit (#2280)
+  * 1833 Fix syslog udp (#1835)
+  * Wrap temp deletion err #2277
+  * Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 (#2279)
+  * Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#2278)
+  * Updated trufflehog sourcegraph secret format (#2254)
+  * Update stripe detector regex (#2261)
+  * [chore] Add test to check all versioned detectors are non-zero (#2272)
+  * fix(gitparse): handle fromFileLine edge case (#2206)
+  * Fix non-ASCII whitespace on GitHub Action (#2270)
+  * fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] 
(#2263)
+  * Fix commit message single quote escaping on GitHub Action (#2259)
+  * Use directory iterator instead of walkdir (#2260)
+  * Add handlerOpts back (#2258)
+  * Skip all binaries (#2256)
+  * Add skip archive support (#2257)
+  * use walk dir for tmp cleanup (#2255)
+  * [fixup] -  Refactor to Pass Reader for Binary Diffs and Archived Data; 
Optimize /tmp Directory Cleanup (#2253)
+  * Dedupe some source log keys (#2250)
+  * Fix goroutine leak (#2251)
+  * [chore] - lower logging level (#2249)
+  * [chore] - add additional binary extensions to skip (#2235)
+  * use snake_case for naming (#2238)
+  * [bug] - Bug archive handler memory leak (#2247)
+  * Add missing import (#2246)
+  * fix(snowflake): avoid extraneous attempts (#2057)
+  * feat(github): update extradata (#2219)
+  * shallow cloning + GitHub Action (#2138)
+
+-------------------------------------------------------------------

Old:
----
  trufflehog-3.67.2.obscpio

New:
----
  trufflehog-3.67.4.obscpio

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ trufflehog.spec ++++++
--- /var/tmp/diff_new_pack.Z10xdl/_old  2024-02-07 18:53:51.106511178 +0100
+++ /var/tmp/diff_new_pack.Z10xdl/_new  2024-02-07 18:53:51.110511323 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           trufflehog
-Version:        3.67.2
+Version:        3.67.4
 Release:        0
 Summary:        CLI tool to find exposed secrets in source and archives
 License:        AGPL-3.0-or-later

++++++ _service ++++++
--- /var/tmp/diff_new_pack.Z10xdl/_old  2024-02-07 18:53:51.134512196 +0100
+++ /var/tmp/diff_new_pack.Z10xdl/_new  2024-02-07 18:53:51.138512341 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/trufflesecurity/trufflehog.git</param>
     <param name="scm">git</param>
     <param name="revision">main</param>
-    <param name="version">v3.67.2</param>
+    <param name="version">v3.67.4</param>
        <param name="versionrewrite-pattern">v(.*)</param>
        <param name="changesgenerate">enable</param>
   </service>

++++++ trufflehog-3.67.2.obscpio -> trufflehog-3.67.4.obscpio ++++++
/work/SRC/openSUSE:Factory/trufflehog/trufflehog-3.67.2.obscpio 
/work/SRC/openSUSE:Factory/.trufflehog.new.1815/trufflehog-3.67.4.obscpio 
differ: char 50, line 1

++++++ trufflehog.obsinfo ++++++
--- /var/tmp/diff_new_pack.Z10xdl/_old  2024-02-07 18:53:51.174513649 +0100
+++ /var/tmp/diff_new_pack.Z10xdl/_new  2024-02-07 18:53:51.174513649 +0100
@@ -1,5 +1,5 @@
 name: trufflehog
-version: 3.67.2
-mtime: 1707158635
-commit: 135cc3eb6945d4ca56c432328490b4860462a08a
+version: 3.67.4
+mtime: 1707242770
+commit: 7b492a690a89d2b8c59de75cb9acf6f06ab45458
 

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/trufflehog/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.trufflehog.new.1815/vendor.tar.gz differ: char 5, 
line 1

commit trufflehog for openSUSE:Factory

Reply via email to