v1.18.1-f

What's Changed

• add settlemint identifiers in #8

v1.18.1-e

Full Changelog: v1.18.1-d...v1.18.1-e

v1.18.1-go-gitdiff

Release with updated go-gitdiff

v1.18.1-d

Full Changelog: v1.18.1-c...v1.18.1-d

v1.18.1-c

Full Changelog: v1.18.1-b...v1.18.1-c

v1.18.1-b

Changelog

• ba01b72 go syntax
• c7b2646 go syntax
• bfee0f4 clip long string (eg entire files)

v8.18.1-a

Changelog

• 458acfa set env variable
• 84de55e disable cgo during build
• e4fc803 trim space from values
• 823e21d make fulline appear in json
• af33c0f report both the Line and the FullLine

v1.0

Changelog

• eb1e393 update workflow
• 328c1fd update release github action
• a3630ab update release github action
• 8b10d85 report the whole line on which the finding was found
• 870194b fix errors when using protect and an external git diff tool (gitleaks#1318)
• 179c607 rename filesystem to directory (gitleaks#1317)
• 8de8938 Enhance Secret Descriptions (gitleaks#1300)
• ca7aa14 Small refactor detect and sources (gitleaks#1297)
• 01e60c8 chore(config): refactor to go generate; simplify configRules init (gitleaks#1295)
• 54f5f04 forgot symlinks
• 221d5c4 pretty apparent 'protect' and 'detect' should be merged into one command (gitleaks#1294)
• 128b50f style: sort the stopwords (gitleaks#1289)
• dab7d02 dont crash on 100gb files pls (gitleaks#1292)
• e63b657 remove secretgroup from default config (gitleaks#1288)
• 20fcf50 feat: Hashicorp Terraform fields for password (gitleaks#1237)
• b496677 perf: avoid allocations with (*regexp.Regexp).MatchString (gitleaks#1283)
• a3ab4e8 refactor: more explicit rules (gitleaks#1280)
• bd9a25a bugfix: reduce false positives for stripe tokens by using word boundaries in regex (gitleaks#1278)
• 6d0d8b5 add Infracost API rule (gitleaks#1273)
• 2959fc0 refactor: simplify test asserts (gitleaks#1271)
• d37b38f Update Makefile
• 14b1ca9 refactor: change detect tests to t.Fatal instead of log.Fatal (gitleaks#1270)
• d9f86d6 feat(rules): Add detection for Scalingo API Token (gitleaks#1262)
• ed34259 feat(jwt): detect base64-encoded tokens (gitleaks#1256)
• 0d5e46f feat: add --ignore-gitleaks-allow cmd flag (gitleaks#1260)
• a82ac29 switch out libs (gitleaks#1259)
• 0b84afa fix: no-color option should also affect zerolog output (gitleaks#1242)
• 8976539 Fixed lineEnd indexing if the match is the whole line (gitleaks#1223)
• 30c6117 feat: Add optional redaction value, default 100 (gitleaks#1229)
• e9135cf fix(jwt): longer segment lengths (gitleaks#1214)
• f65f915 Added yarn.lock file to default allowlist paths (gitleaks#1258)
• abfd0f3 Update README.md
• 18283bb feat(rules): make case insensitivity optional (gitleaks#1215)
• 9fb36b2 feat(rules): detect Hugging Face access tokens (gitleaks#1204)
• db4bc0f Resolve gitleaks#1170 - Enable selection of a single rule (gitleaks#1183)
• 3cbcda2 Update authress.go to include alternate form account dash (-) (gitleaks#1224)
• 46c6272 refactor: remove unnecessary removing temp files in tests (gitleaks#1255)
• 963a697 refactor: use os.ReadFile instead of os.Open + io.ReadAll (gitleaks#1254)
• 163ec21 fix(sumologic): improve patterns (gitleaks#1218)
• 4526655 refactor: fix gitleaks#722 properly (gitleaks#1250)
• b1a2ce7 fix(plaid): include entropy in go definition (gitleaks#1252)
• 34e6722 feat(config): update template logic (gitleaks#1201)
• 61513d6 Add entropy check to plaid client/secret ID rules (gitleaks#1213)
• f0dcd4d feat: add JFrog API and Identity keys (gitleaks#1233)
• 06db3b9 chore(config): fix inconsistent generated values (gitleaks#1200)
• 7804d65 Revert "Initial set of Azure secrets for gitleaks#539 (gitleaks#1079)" (gitleaks#1197)
• 7911ac6 Initial set of Azure secrets for gitleaks#539 (gitleaks#1079)
• 463d246 feat(slack): update token regex (gitleaks#1161)
• 86197b0 add tags support for csv and sarif formats (gitleaks#1176)
• 3f894cb Fixed docker run command in README.md (gitleaks#1194)
• 7f53b03 feat: add warning for quoted --log-opts values (gitleaks#1160)
• 7dc9ba4 Add detection for OpenAI API keys (gitleaks#1148)
• c101fa8 Add some useless files (gitleaks#1193)
• 257c703 add tests for commits
• b1d59bf fix broken vet, format some stuff
• fab4f4e Merge branch 'master' of github.com:gitleaks/gitleaks
• 289062a add some gl ignores
• 91ff8f9 Ignore all comits when .gitleaksignore fingerprint lacks SHA (gitleaks#1156)
• 0dbdde8 Add junit report format (gitleaks#920)
• bc59944 chore: update deps to fix solaris link (gitleaks#1159)
• a685551 Add makefile variable detections (gitleaks#1191)
• ab5fc21 Add detection for Snyk tokens (gitleaks#1190)
• d6fccc8 Add REDACTED to stopwords for generic-api-key rule (gitleaks#1188)
• 6f75511 Added option to specify .gitleaksignore path (gitleaks#1179)
• 190ac97 Fix closing file in writeJson and writeSarif (gitleaks#1187)
• 6dbb0c5 Simplify tests by using T.TempDir (gitleaks#1186)
• 6705461 Fix typos in *.md, comments and logs (gitleaks#1185)
• 9869eab Update README.md
• 16f1ec0 Update bug_report.md
• 8d80a5a Adding discord channel to readme
• 146f69e 🐛 fix(sarif): update report to pass validator (gitleaks#1167)
• 51ca0f8 fix(detect): extra secret from group before checking allowlist (gitleaks#1152)
• 81cf308 Fix G307 warning: Deferring unsafe method "Close" on type "*os.File" (gitleaks#1154)
• bd8b145 fix(detect): avoid panic with verbose flag (gitleaks#1143)
• 839f114 Fix typo (gitleaks#1142)
• 63c3076 No color (gitleaks#1136)
• b5a726e Update README.md
• 56079dc safer out of bounds (gitleaks#1135)
• 9c6650d Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (gitleaks#1131)
• 6fa63f4 Update pre-commit address and rev tag in README (gitleaks#1125)
• fe9fb37 Update gitleaks.yml
• c3b7a98 Update README.md
• 6c4a88c Update README.md
• 27481a9 Update .gitleaksignore
• 9701bf1 Bufix/1100 protect stagged files (gitleaks#1121)
• a5b9c24 remove extra default on source option
• db79d81 fix README.md !? (gitleaks#1123)
• 8a31f4a Improve rule descriptions for Stripe and Facebook access tokens (gitleaks#1119)
• 6b0c303 Add Defined Networking API Tokens (gitleaks#1096)
• 1fb3a77 Update gitleaks.toml (gitleaks#1116)
• 765bcd5 Update gitleaks.yml (gitleaks#1117)
• 11c2ad0 Add gradle.lockfile to allowlist (gitleaks#1112)
• e55d397 Update pre-commit rev tag in README (gitleaks#1108)
• 2dd9946 Add pnpm-lock.yaml and Database.refactorlo (gitleaks#1109)
• 4b5e8e1 Feat/allowlist regex target (gitleaks#1107)
• 343e693 ignore package-lock.json (gitleaks#1076)
• 0060ab6 Fix typos in README.md and CONTRIBUTING.md (gitleaks#1090)
• 0259088 fix: ignore baseline if path was not relative in source (gitleaks#1101)
• 088f8b8 Fix H in GitHub and update pre-commit rev tag in README (gitleaks#1087)
• afdccad Add missing GitLab token patterns (gitleaks#1077)
• e002920 Fix rule for private keys (gitleaks#1072)
• d805fb9 remove color formatting when gitleaks#1042 is encountered (gitleaks#1050)
• 391d4d7 Update README.md
• f774932 adding jwt tokens with padding format "=" (gitleaks#1031)
• 7f229fa include default newline pairs when calculating location (gitleaks#1038)
• d0733f9 Add rule for fine-grained GitHub PAT (gitleaks#1026)
• 6ef704f Add scanning from a pipe with --pipe (gitleaks#1012)
• 7cfebca add a few fingerprints for test data
• 6d801ed Add support for following symlinks (gitleaks#1010)
• e15ab0d fix bug in readme (gitleaks#1011)
• c39e764 define log-opts, odd that this wasn't failing before... (gitleaks#1009)
• c0caab0 add --max-target-megabytes : maximum size for a file/blob to be scanned (gitleaks#1003)
• 81c92c7 Update USERS.md
• bf03159 Update .gitleaksignore
• acce01f Update README.md
• 2678a54 Add detection rules for DigitalOcean tokens (gitleaks#1002)
• 289b757 docs: add Trendyol to users (gitleaks#998)
• c02d830 docs: added goreleaser to user list (gitleaks#997)
• 67b0a29 Update USERS.md (gitleaks#996)
• f710d68 Create USERS.md
• eb2bfe5 Exclude dacpac refactorlogs (gitleaks#990)
• 55d1da1 Output number of commits at info-level. (gitleaks#991)
• 177e9f4 Detect Slack Workflow Webhook URLs (gitleaks#989)
• e93d8cb Upgrade go version to 1.19 (gitleaks#987)
• db43f9a Minor cleanup to error handling and logging (gitleaks#985)
• 9b15f0d Update README.md
• 817aa7b Update .gitleaksignore
• 33082a9 Update README.md
• 7dbfe8d Adding quiet mode to silence banner (gitleaks#852)
• fc98cbf Issue gitleaks#980: Add support for Telegram Bot API Token (gitleaks#981)
• 3f0293d add rule for microsoft teams webhooks (gitleaks#970)
• 4f6ee2b Add baseline (gitleaks#975)
• 6202053 Add pre-commit autoupdate command to README.md (gitleaks#978)
• c8681e4 refactor: more precise rule for private keys (gitleaks#930)
• b934591 update gitleaksignore
• 8622c39 add fingerprint to output
• 96eed6a Pretty output (gitleaks#973)
• 7d9dd26 Update version in readme file (gitleaks#972)
• e47867d ignore empty files (gitleaks#965)
• adf512e Add grafana tokens rules (gitleaks#959)
• e35cb67 add prefect and readme rules (gitleaks#961)
• b6b7cfb draft: bump gitdiff, add git.Err state, better log messages (gitleaks#954)
• 1b3f10c Feat/add fingerprint no git (gitleaks#952)
• 6748a89 safe file checking (gitleaks#946)
• 6f6e057 Update README.md
• b8f236c Explicit fingerprint (gitleaks#944)
• c5fc080 add two test findings to gitleaksignore
• 3bace4c Feat/ignore finding (gitleaks#938)
• e890a8e add jwt rule (gitleaks#943)
• 49b0b09 bump golang test version (gitleaks#942)
• 31a8e9d gitleaks allow docs (gitleaks#941)
• b1853bd Add new rules for vault tokens (gitleaks#919)
• cd52267 Feature/add sidekiq rules (gitleaks#933)
• afc89f9 update readme
• 5ae1023 add url for config
• 31650f0 Feature: Adding the ability to extend configuration files (gitleaks#926)
• 0d47165 Add fix for issue gitleaks#915 (gitleaks#916)
• f615d03 Update README.md
• 40e9172 Update README.md
• 9033132 Update README.md
• 1fc27ee adding access to generic rule keywords and identifiers
• f4ddeda Fix proper names capitalization (gitleaks#907)
• 6210a7e Add multi platform build (gitleaks#897)
• e300b31 update twitter rule generation description and id
• 3073e45 capitilze twitter description
• d401bd3 Merge branch 'master' of github.com:zricethezav/gitleaks
• 1297b41 adding travis ci
• d44cb91 Fix id and description for twitter tokens (gitleaks#905)
• efdc774 Adding okta, codecov, zendesk, and updating Atlassian's rule to include jira keyword (gitleaks#904)
• e78a22e Fix Plaid, add Plaid access token (gitleaks#903)
• 9cc19ec adding airtable and adafruit (gitleaks#902)
• 05c165d Fixes accidental type typos while translating rules from validation spreadsheet, adds bittrex rule
• f6a87ca Remove ssn allowlist (gitleaks#898)
• 73a3cf8 Adding a bunch of new rules, update allowlist to include node_modules… (gitleaks#896)
• d196b83 contributing guidelines first draft (gitleaks#895)
• 35f2ea5 Lint python commit script to satisfy PEP8 (gitleaks#893)
• 7002807 Update generate (gitleaks#892)
• c14af5f maintain parity with recent changes... need to create rule contributing guidelines (gitleaks#891)
• 06b1396 Fix duplicate TOML Rules and IDs (gitleaks#889)
• 5d3f247 Update README.md
• 404dd8e Update gitleaks.yml
• 3a1ab48 Update README.md
• f5c2b63 user accounts don't need gitleaks license
• b5ed7ff Update README.md
• 09007da Add gitleaks badge
• d51ce47 Create gitleaks.yml (gitleaks#884)
• 6919447 add link to gitleaks.io
• c3b7932 fix git unsafe directory (gitleaks#883)
• 82e409a Limit newlines regex (gitleaks#881)
• 0eb57cb add combo to stopwords, update cmd/generate
• 3531887 Fix generic-api-key detected erroneously (zricethezav#877) (gitleaks#878)
• e9ebde7 ignore end line when comparing generic rules (gitleaks#879)
• 469cd22 updating generic regex and algoia regex (gitleaks#875)
• 93e7...