[SCB-Bot] Upgraded gitleaks from v8.6.1 to v8.10.2 #1300

Merged
merged 2 commits into from
Aug 31, 2022

secureCodeBoxBot
Contributor

@secureCodeBoxBot secureCodeBoxBot commented Aug 9, 2022

This is an automated Pull Request by the SCB-Bot. It upgrades gitleaks from v8.6.1 to v8.10.2

Release changes : v8.7.0, v8.7.1, v8.7.2, v8.8.0, v8.8.1, v8.8.2, v8.8.3, v8.8.4, v8.8.5, v8.8.6, v8.8.7, v8.8.8, v8.8.9, v8.8.10, v8.8.11, v8.8.12, v8.9.0, v8.10.0, v8.10.1, v8.10.2

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
@secureCodeBoxBot secureCodeBoxBot added the scanner Implement or update a security scanner label Aug 9, 2022
@github-actions

github-actions bot commented Aug 9, 2022

MegaLinter status: ⚠️ WARNING

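| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ GIT | git_diff | yes | | no | 0.16s |
| ⚠️ JAVASCRIPT | eslint | 1 | | 1 | 0.6s |
| ✅ SPELL | misspell | 2 | | 0 | 0.05s |
| ✅ YAML | prettier | 1 | | 0 | 0.43s |
| ✅ YAML | v8r | 1 | | 0 | 1.52s |
| ✅ YAML | yamllint | 1 | | 0 | 0.11s |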

See errors details in artifact MegaLinter reports on CI Job page
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

…ct it

See https://github.com/zricethezav/gitleaks/pull/858/files
AFAIK this is to reduce false positives

Signed-off-by: Ilyes Ben Dlala <ilyes.bendlala@iteratec.com>
@Ilyesbdlala Ilyesbdlala self-assigned this Aug 11, 2022
Member

@Ilyesbdlala Ilyesbdlala left a comment

gitleaks now requires both "BEGIN" and "END" of a private key to detect it
See https://github.com/zricethezav/gitleaks/pull/858/files
AFAIK this is to reduce false positives.

@rseedorff rseedorff added this to the v3.15.0 milestone Aug 31, 2022
@rseedorff rseedorff merged commit 587ec1c into main Aug 31, 2022
@rseedorff rseedorff deleted the dependencies/upgrading-gitleaks-to-v8.10.2 branch August 31, 2022 13:34
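
The rule change described in the review comment above, as an added Go example that is not code from gitleaks or secureCodeBox: the two patterns are simplified stand-ins for a header-only rule and a BEGIN-and-END rule, and the samples are constructed. It shows the prose mention that stops being flagged, and the truncated key block that a BEGIN-and-END rule no longer reports.

```go
package main

import (
	"fmt"
	"regexp"
)

// Simplified stand-ins for illustration, NOT the rules shipped by gitleaks.
// headerOnly fires on a PEM private-key header alone.
var headerOnly = regexp.MustCompile(`-----BEGIN[ A-Z0-9]*PRIVATE KEY-----`)

// beginAndEnd also requires a body and a PEM footer after the header.
var beginAndEnd = regexp.MustCompile(
	`-----BEGIN[ A-Z0-9]*PRIVATE KEY-----[\s\S]+?-----END[ A-Z0-9]*PRIVATE KEY-----`)

// Constructed samples; the bodies are filler text, not key material.
var samples = []struct{ name, text string }{
	{"full-block", "-----BEGIN RSA PRIVATE KEY-----\n" +
		"Q09OU1RSVUNURUQtRklMTEVS\n-----END RSA PRIVATE KEY-----\n"},
	{"docs-mention", "The file starts with -----BEGIN RSA PRIVATE KEY----- " +
		"and must never be committed."},
	{"truncated", "-----BEGIN OPENSSH PRIVATE KEY-----\n" +
		"Q09OU1RSVUNURUQtRklMTEVS\n"},
}

// Detect reports whether each stand-in rule matches the text.
func Detect(text string) (header, full bool) {
	return headerOnly.MatchString(text), beginAndEnd.MatchString(text)
}

func main() {
	for _, s := range samples {
		header, full := Detect(s.text)
		fmt.Printf("%-13s header-only=%-5t begin+end=%t\n", s.name, header, full)
	}
}
```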