Bump trufflesecurity/trufflehog from 3.63.7 to 3.63.10

dependabot[bot] commented 7 months ago

Bumps trufflesecurity/trufflehog from 3.63.7 to 3.63.10.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.63.10

What's Changed

added azure protos by @roxanne-tampus in trufflesecurity/trufflehog#2304

[fixup ] - Allow ssh cloning with AWS Code Commit by @ahrav in trufflesecurity/trufflehog#2307

Assume unauthenticated github scans have public visibility by @mcastorina in trufflesecurity/trufflehog#2308

[chore] - Add regex and keyword for api_org tokens by @ahrav in trufflesecurity/trufflehog#2240

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.63.9...v3.63.10

v3.63.9

What's Changed

[chore] - update docs for pre-commit by @ahrav in trufflesecurity/trufflehog#2280

Ignore common false positives for Parseur Detector by @rgmz in trufflesecurity/trufflehog#2229

Ignore common Signable false positives by @rgmz in trufflesecurity/trufflehog#2230

fix(deps): update golang.org/x/exp digest to be819d1 by @renovate in trufflesecurity/trufflehog#2281

[chore] - update test by @ahrav in trufflesecurity/trufflehog#2283

adding postgres detector by @dylanTruffle in trufflesecurity/trufflehog#2108

fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 by @renovate in trufflesecurity/trufflehog#2282

fix(deps): update golang.org/x/exp digest to 0dcbfd6 by @renovate in trufflesecurity/trufflehog#2284

fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 by @renovate in trufflesecurity/trufflehog#2285

Extend memory cache by @ahrav in trufflesecurity/trufflehog#2275

fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 by @renovate in trufflesecurity/trufflehog#2286

chore(deps): update alpine docker tag to v3.19 by @renovate in trufflesecurity/trufflehog#2287

chore(deps): update sigstore/cosign-installer action to v3.3.0 by @renovate in trufflesecurity/trufflehog#2290

fix(deps): update module cloud.google.com/go/storage to v1.36.0 by @renovate in trufflesecurity/trufflehog#2291

fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 by @renovate in trufflesecurity/trufflehog#2292

feat(installation): Implement checksum signature verification by @hibare in trufflesecurity/trufflehog#2157

fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 by @renovate in trufflesecurity/trufflehog#2294

fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 by @renovate in trufflesecurity/trufflehog#2295

[chore] - small updates by @ahrav in trufflesecurity/trufflehog#2288

[feat] - Allow for the use of include/exclude path files for filesystem scans by @ahrav in trufflesecurity/trufflehog#2297

Individuate archive tests by @rosecodym in trufflesecurity/trufflehog#2293

[feat] - Provide CLI flag to only use custom verifiers by @ahrav in trufflesecurity/trufflehog#2299

Disable postgres detector because it it too sensitive by @dustin-decker in trufflesecurity/trufflehog#2303

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.63.8...v3.63.9

v3.63.8

What's Changed

Fix commit message single quote escaping on GitHub Action by @0x2b3bfa0 in trufflesecurity/trufflehog#2259

fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] by @renovate in trufflesecurity/trufflehog#2263

Fix non-ASCII whitespace on GitHub Action by @0x2b3bfa0 in trufflesecurity/trufflehog#2270

Update GitParse logic to handle edge case. by @rgmz in trufflesecurity/trufflehog#2206

[chore] Add test to check all versioned detectors are non-zero by @mcastorina in trufflesecurity/trufflehog#2272

Update stripe detector regex by @NikhilPanwar in trufflesecurity/trufflehog#2261

Update to Sourcegraph Access token format by @shivasurya in trufflesecurity/trufflehog#2254

Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in trufflesecurity/trufflehog#2278

Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 by @dependabot in trufflesecurity/trufflehog#2279

... (truncated)

Commits

b0fd951 [chore] - Add regex and keyword for api_org tokens (#2240)
c5af979 Assume unauthenticated github scans have public visibility (#2308)
a1dc660 [fixup ] - Allow ssh cloning with AWS Code Commit (#2307)
d6419a8 added azure protos (#2304)
2596331 Disable recently added postgres detector because it it too sensitive (#2303)
d0c0ba4 [feat] - Provide CLI flag to only use custom verifiers (#2299)
b03cc30 Individuate archive tests #2293
651beff [feat] - Allow for the use of include/exclude path files for filesystem scans...
9408425 [chore] - small updates (#2288)
aa40654 fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)