Harald Hoyer
56e0cc9ba4
chore(deps): update nix flake and go xcrypto
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-05-21 11:03:45 +02:00
Harald Hoyer
891e323809
chore(deps): update trufflesecurity/trufflehog action to v3.75.1 ( #68 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | patch | `v3.75.0` -> `v3.75.1` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.75.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.75.1 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.75.0...v3.75.1 )
#### What's Changed
- Update result's extra data for Slack by
[@​abmussani](https://togithub.com/abmussani ) in
[https://github.com/trufflesecurity/trufflehog/pull/2779 ](https://togithub.com/trufflesecurity/trufflehog/pull/2779 )
- \[chore] - Update default buffer size by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2778 ](https://togithub.com/trufflesecurity/trufflehog/pull/2778 )
- fix(deps): update module cloud.google.com/go/secretmanager to v1.13.0
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2775 ](https://togithub.com/trufflesecurity/trufflehog/pull/2775 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.52.2 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2776 ](https://togithub.com/trufflesecurity/trufflehog/pull/2776 )
- fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.4 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2781 ](https://togithub.com/trufflesecurity/trufflehog/pull/2781 )
- fix(deps): update module github.com/charmbracelet/bubbletea to v0.26.1
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2777 ](https://togithub.com/trufflesecurity/trufflehog/pull/2777 )
- fix(deps): update module golang.org/x/oauth2 to v0.20.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2785 ](https://togithub.com/trufflesecurity/trufflehog/pull/2785 )
- fix(deps): update module golang.org/x/text to v0.15.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2786 ](https://togithub.com/trufflesecurity/trufflehog/pull/2786 )
- fix(deps): update module google.golang.org/protobuf to v1.34.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2790 ](https://togithub.com/trufflesecurity/trufflehog/pull/2790 )
- \[bug] - Ignore FP check for the private key detector by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2793 ](https://togithub.com/trufflesecurity/trufflehog/pull/2793 )
#### New Contributors
- [@​abmussani](https://togithub.com/abmussani ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2779 ](https://togithub.com/trufflesecurity/trufflehog/pull/2779 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.75.0...v3.75.1
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->
2024-05-07 17:23:03 +02:00
renovate[bot]
aba0baabd2
chore(deps): update trufflesecurity/trufflehog action to v3.75.1
2024-05-07 01:12:13 +00:00
Harald Hoyer
60519cebe4
chore(deps): update trufflesecurity/trufflehog action to v3.75.0 ( #66 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | minor | `v3.74.0` -> `v3.75.0` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.75.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.75.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.74.0...v3.75.0 )
#### What's Changed
- \[chore] - update buffer metrics by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2737 ](https://togithub.com/trufflesecurity/trufflehog/pull/2737 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.28 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2741 ](https://togithub.com/trufflesecurity/trufflehog/pull/2741 )
- chore(deps): update golangci/golangci-lint-action action to v5 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2744 ](https://togithub.com/trufflesecurity/trufflehog/pull/2744 )
- Scan commit metadata by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2713 ](https://togithub.com/trufflesecurity/trufflehog/pull/2713 )
- Fix SQL Server detector tests by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2716 ](https://togithub.com/trufflesecurity/trufflehog/pull/2716 )
- Revert "Scan commit metadata" by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2747 ](https://togithub.com/trufflesecurity/trufflehog/pull/2747 )
- \[bug] - Refactor newDiff constructor to avoid double initialization
of contentWriter by [@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2742 ](https://togithub.com/trufflesecurity/trufflehog/pull/2742 )
- \[chore] - update buffered file writer metric by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2740 ](https://togithub.com/trufflesecurity/trufflehog/pull/2740 )
- \[refactor] - lazy buffer retrieval by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2745 ](https://togithub.com/trufflesecurity/trufflehog/pull/2745 )
- \[chore] Remove broken test by
[@​mcastorina](https://togithub.com/mcastorina ) in
[https://github.com/trufflesecurity/trufflehog/pull/2748 ](https://togithub.com/trufflesecurity/trufflehog/pull/2748 )
- \[bug] - fix buffer size metric by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2749 ](https://togithub.com/trufflesecurity/trufflehog/pull/2749 )
- \[bug] - Fix the metric for buffered file writer writes by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2750 ](https://togithub.com/trufflesecurity/trufflehog/pull/2750 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.29 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2751 ](https://togithub.com/trufflesecurity/trufflehog/pull/2751 )
- update integration logos by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2752 ](https://togithub.com/trufflesecurity/trufflehog/pull/2752 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.30 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2756 ](https://togithub.com/trufflesecurity/trufflehog/pull/2756 )
- \[chore] - add additional binary extension by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2760 ](https://togithub.com/trufflesecurity/trufflehog/pull/2760 )
- pkg: fix function names in comment by
[@​mountcount](https://togithub.com/mountcount ) in
[https://github.com/trufflesecurity/trufflehog/pull/2761 ](https://togithub.com/trufflesecurity/trufflehog/pull/2761 )
- \[chore] - ignore pbix and vsdx files by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2762 ](https://togithub.com/trufflesecurity/trufflehog/pull/2762 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.31 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2763 ](https://togithub.com/trufflesecurity/trufflehog/pull/2763 )
- Scan commit metadata by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2754 ](https://togithub.com/trufflesecurity/trufflehog/pull/2754 )
- \[bug] - Correctly set metrics for enumerated orgs by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2757 ](https://togithub.com/trufflesecurity/trufflehog/pull/2757 )
- \[chore ] -Update ignore extensions by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2764 ](https://togithub.com/trufflesecurity/trufflehog/pull/2764 )
- \[chore] Add some happy path logs to GitLab by
[@​mcastorina](https://togithub.com/mcastorina ) in
[https://github.com/trufflesecurity/trufflehog/pull/2765 ](https://togithub.com/trufflesecurity/trufflehog/pull/2765 )
- Fix Git source test by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2767 ](https://togithub.com/trufflesecurity/trufflehog/pull/2767 )
- \[feat] - buffered file reader by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2731 ](https://togithub.com/trufflesecurity/trufflehog/pull/2731 )
- \[feat] - Add ReadFrom method to BufferedFileWriter by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2759 ](https://togithub.com/trufflesecurity/trufflehog/pull/2759 )
- fix(deps): update module google.golang.org/protobuf to v1.34.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2766 ](https://togithub.com/trufflesecurity/trufflehog/pull/2766 )
- \[bug] - Improve BufferedFileReader Close Behavior by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2768 ](https://togithub.com/trufflesecurity/trufflehog/pull/2768 )
- fixes calendly api key regex by
[@​ankushgoel27](https://togithub.com/ankushgoel27 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2368 ](https://togithub.com/trufflesecurity/trufflehog/pull/2368 )
- Expose detector-specific false positive logic by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2743 ](https://togithub.com/trufflesecurity/trufflehog/pull/2743 )
- Detector-Fix: Reintroduce Cloudflareglobalapikey by
[@​ankushgoel27](https://togithub.com/ankushgoel27 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2101 ](https://togithub.com/trufflesecurity/trufflehog/pull/2101 )
- Detector-Competition-Fix - fixed the alchemy detector regex by
[@​ankushgoel27](https://togithub.com/ankushgoel27 ) in
[https://github.com/trufflesecurity/trufflehog/pull/1821 ](https://togithub.com/trufflesecurity/trufflehog/pull/1821 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.32 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2769 ](https://togithub.com/trufflesecurity/trufflehog/pull/2769 )
- fix(deps): update module google.golang.org/api to v0.177.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2770 ](https://togithub.com/trufflesecurity/trufflehog/pull/2770 )
- \[chore] - update imports by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2772 ](https://togithub.com/trufflesecurity/trufflehog/pull/2772 )
- adds build version to finished scanning log by
[@​zricethezav](https://togithub.com/zricethezav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2773 ](https://togithub.com/trufflesecurity/trufflehog/pull/2773 )
- Update rabbitmq.go regex detect amqps protocol by
[@​NikhilPanwar](https://togithub.com/NikhilPanwar ) in
[https://github.com/trufflesecurity/trufflehog/pull/2609 ](https://togithub.com/trufflesecurity/trufflehog/pull/2609 )
- fix for infinite recursion in Postman var sub by
[@​zricethezav](https://togithub.com/zricethezav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2780 ](https://togithub.com/trufflesecurity/trufflehog/pull/2780 )
#### New Contributors
- [@​mountcount](https://togithub.com/mountcount ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2761 ](https://togithub.com/trufflesecurity/trufflehog/pull/2761 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.74.0...v3.75.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMzEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjMzMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2024-05-06 13:24:02 +02:00
renovate[bot]
df74f76190
chore(deps): update trufflesecurity/trufflehog action to v3.75.0
2024-05-02 18:35:10 +00:00
Harald Hoyer
a34beae66e
chore(deps): update actions/checkout digest to 0ad4b8f ( #63 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout ) | action |
digest | `b4ffde6` -> `0ad4b8f` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2024-04-30 11:19:35 +02:00
renovate[bot]
ec9e6a5425
chore(deps): update actions/checkout digest to 0ad4b8f
2024-04-29 16:11:39 +00:00
Harald Hoyer
ff58d79ed9
chore(deps): update trufflesecurity/trufflehog action to v3.74.0 ( #64 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | minor | `v3.73.0` -> `v3.74.0` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.74.0`](https://togithub.com/trufflesecurity/trufflehog/compare/v3.73.0...v3.74.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.73.0...v3.74.0 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2024-04-29 16:27:44 +02:00
renovate[bot]
43e93fd15e
chore(deps): update trufflesecurity/trufflehog action to v3.74.0
2024-04-29 14:03:45 +00:00
Harald Hoyer
9df9307d90
chore(deps): update ( #58 )
2024-04-29 16:03:11 +02:00
Harald Hoyer
a8898ff52b
chore(deps): update
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-04-29 14:34:54 +02:00
Harald Hoyer
594e238b2b
ci: pin nixci version to the 23.11 release ( #65 )
2024-04-29 13:51:23 +02:00
Harald Hoyer
2c48af066f
ci: pin nixci version to the 23.11 release
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-04-25 09:30:01 +02:00
Harald Hoyer
b0d7bc1e2a
chore(deps): update trufflesecurity/trufflehog action to v3.73.0 ( #61 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | minor | `v3.71.2` -> `v3.73.0` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.73.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.73.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.72.0...v3.73.0 )
#### What's Changed
- \[chore] - upgrade launchdarkly dep by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2650 ](https://togithub.com/trufflesecurity/trufflehog/pull/2650 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.14 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2659 ](https://togithub.com/trufflesecurity/trufflehog/pull/2659 )
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v7 to
v7.3.0 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2660 ](https://togithub.com/trufflesecurity/trufflehog/pull/2660 )
- fix(deps): update module github.com/google/go-github/v57 to v61 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2652 ](https://togithub.com/trufflesecurity/trufflehog/pull/2652 )
- \[chore] - update go-github dep manually by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2664 ](https://togithub.com/trufflesecurity/trufflehog/pull/2664 )
- chore: fix some typos by
[@​redismongo](https://togithub.com/redismongo ) in
[https://github.com/trufflesecurity/trufflehog/pull/2666 ](https://togithub.com/trufflesecurity/trufflehog/pull/2666 )
- fix(deps): update module golang.org/x/oauth2 to v0.19.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2670 ](https://togithub.com/trufflesecurity/trufflehog/pull/2670 )
- \[bug] - Add ASCII validation check for base64 decoding by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2671 ](https://togithub.com/trufflesecurity/trufflehog/pull/2671 )
- Handle inactive Slack account tokens by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2668 ](https://togithub.com/trufflesecurity/trufflehog/pull/2668 )
- fix(deps): update module golang.org/x/net to v0.24.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2662 ](https://togithub.com/trufflesecurity/trufflehog/pull/2662 )
- fix(deps): update module github.com/thezeroslave/zapsentry to v1.23.0
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2667 ](https://togithub.com/trufflesecurity/trufflehog/pull/2667 )
- fix(deps): update module github.com/wasilibs/go-re2 to v1.5.2 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2681 ](https://togithub.com/trufflesecurity/trufflehog/pull/2681 )
- fix(deps): update golang.org/x/exp digest to
[`c0f41cb`](c0f41cbhttps://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2672 ](https://togithub.com/trufflesecurity/trufflehog/pull/2672 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.16 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2680 ](https://togithub.com/trufflesecurity/trufflehog/pull/2680 )
- Enrich Gitlab enumeration logging by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2678 ](https://togithub.com/trufflesecurity/trufflehog/pull/2678 )
- fix(deps): update module github.com/xanzy/go-gitlab to v0.102.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2682 ](https://togithub.com/trufflesecurity/trufflehog/pull/2682 )
- fix(deps): update testcontainers-go monorepo to v0.30.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2685 ](https://togithub.com/trufflesecurity/trufflehog/pull/2685 )
- fix(deps): update module github.com/go-ldap/ldap/v3 to v3.4.7 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2684 ](https://togithub.com/trufflesecurity/trufflehog/pull/2684 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.17 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2686 ](https://togithub.com/trufflesecurity/trufflehog/pull/2686 )
- Update README.md with Windows-specific Docker installation
instructions by [@​Jacinto27](https://togithub.com/Jacinto27 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2674 ](https://togithub.com/trufflesecurity/trufflehog/pull/2674 )
- fix(deps): update golang.org/x/exp digest to
[`93d18d7`](93d18d7https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2688 ](https://togithub.com/trufflesecurity/trufflehog/pull/2688 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.18 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2690 ](https://togithub.com/trufflesecurity/trufflehog/pull/2690 )
- Add Wiz detector by
[@​shreyas-sriram](https://togithub.com/shreyas-sriram ) in
[https://github.com/trufflesecurity/trufflehog/pull/2691 ](https://togithub.com/trufflesecurity/trufflehog/pull/2691 )
#### New Contributors
- [@​redismongo](https://togithub.com/redismongo ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2666 ](https://togithub.com/trufflesecurity/trufflehog/pull/2666 )
- [@​Jacinto27](https://togithub.com/Jacinto27 ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2674 ](https://togithub.com/trufflesecurity/trufflehog/pull/2674 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.72.0...v3.73.0
###
[`v3.72.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.72.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.2...v3.72.0 )
#### What's Changed
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.10 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2636 ](https://togithub.com/trufflesecurity/trufflehog/pull/2636 )
- Fix 'toolchair not available' error by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2642 ](https://togithub.com/trufflesecurity/trufflehog/pull/2642 )
- Fix GitHub enumeration & rate-limiting logic by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2625 ](https://togithub.com/trufflesecurity/trufflehog/pull/2625 )
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to
v6.2.0 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2638 ](https://togithub.com/trufflesecurity/trufflehog/pull/2638 )
- fix(deps): update module cloud.google.com/go/storage to v1.40.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2645 ](https://togithub.com/trufflesecurity/trufflehog/pull/2645 )
- Add JupiterOne detector by
[@​shreyas-sriram](https://togithub.com/shreyas-sriram ) in
[https://github.com/trufflesecurity/trufflehog/pull/2446 ](https://togithub.com/trufflesecurity/trufflehog/pull/2446 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.11 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2646 ](https://togithub.com/trufflesecurity/trufflehog/pull/2646 )
- fix(deps): update module github.com/thezeroslave/zapsentry to v1.22.0
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2648 ](https://togithub.com/trufflesecurity/trufflehog/pull/2648 )
- fix(deps): update module github.com/go-git/go-git/v5 to v5.12.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2649 ](https://togithub.com/trufflesecurity/trufflehog/pull/2649 )
- add GCP application default credentials detector by
[@​kenzht](https://togithub.com/kenzht ) in
[https://github.com/trufflesecurity/trufflehog/pull/2530 ](https://togithub.com/trufflesecurity/trufflehog/pull/2530 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.12 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2651 ](https://togithub.com/trufflesecurity/trufflehog/pull/2651 )
- Add GitLab CI Pipeline Example in Documentation by
[@​RoseSecurity](https://togithub.com/RoseSecurity ) in
[https://github.com/trufflesecurity/trufflehog/pull/2601 ](https://togithub.com/trufflesecurity/trufflehog/pull/2601 )
- fix(deps): update module github.com/thezeroslave/zapsentry to v1.22.1
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2654 ](https://togithub.com/trufflesecurity/trufflehog/pull/2654 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.13 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2655 ](https://togithub.com/trufflesecurity/trufflehog/pull/2655 )
- Remove duplicate JiraToken.v2 declaration in `defaults.go` by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2657 ](https://togithub.com/trufflesecurity/trufflehog/pull/2657 )
#### New Contributors
- [@​kenzht](https://togithub.com/kenzht ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2530 ](https://togithub.com/trufflesecurity/trufflehog/pull/2530 )
- [@​RoseSecurity](https://togithub.com/RoseSecurity ) made their
first contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2601 ](https://togithub.com/trufflesecurity/trufflehog/pull/2601 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.71.2...v3.72.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-04-19 14:41:33 +02:00
renovate[bot]
a07a2250fc
chore(deps): update trufflesecurity/trufflehog action to v3.73.0
2024-04-10 18:48:46 +00:00
Harald Hoyer
059a2cba53
chore(deps): update trufflesecurity/trufflehog action to v3.71.2 ( #59 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | patch | `v3.71.1` -> `v3.71.2` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.71.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.2 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.1...v3.71.2 )
#### What's Changed
- Link to GitHub contribution guide in CONTRIBUTING by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2632 ](https://togithub.com/trufflesecurity/trufflehog/pull/2632 )
- Fixing nitro check by
[@​dylanTruffle](https://togithub.com/dylanTruffle ) in
[https://github.com/trufflesecurity/trufflehog/pull/2631 ](https://togithub.com/trufflesecurity/trufflehog/pull/2631 )
- fix(deps): update module google.golang.org/api to v0.172.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2634 ](https://togithub.com/trufflesecurity/trufflehog/pull/2634 )
- make postman source public by
[@​zricethezav](https://togithub.com/zricethezav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2635 ](https://togithub.com/trufflesecurity/trufflehog/pull/2635 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.71.1...v3.71.2
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-03-28 22:13:38 +01:00
renovate[bot]
d9d67a1d9d
chore(deps): update trufflesecurity/trufflehog action to v3.71.2
2024-03-28 17:05:55 +00:00
Harald Hoyer
aa72f9bbba
fix(flake): follow the inputs of nixsgx ( #57 )
...
preventing any cache mismatches
2024-03-27 16:32:43 +01:00
Harald Hoyer
3d01d4315e
fix(flake): follow the inputs of nixsgx
...
preventing any cache mismatches
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-27 16:27:45 +01:00
Harald Hoyer
a0cd161195
chore(deps): update trufflesecurity/trufflehog action to v3.71.1 ( #54 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | minor | `v3.69.0` -> `v3.71.1` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.71.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.1 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.0...v3.71.1 )
#### What's Changed
- Fix GitHub panic and test errors by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2608 ](https://togithub.com/trufflesecurity/trufflehog/pull/2608 )
- fix(deps): update module github.com/xanzy/go-gitlab to v0.101.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2617 ](https://togithub.com/trufflesecurity/trufflehog/pull/2617 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.6 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2615 ](https://togithub.com/trufflesecurity/trufflehog/pull/2615 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.7 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2623 ](https://togithub.com/trufflesecurity/trufflehog/pull/2623 )
- Fix additional GitHub test errors by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2614 ](https://togithub.com/trufflesecurity/trufflehog/pull/2614 )
- \[chore] - upgrade dep by [@​ahrav](https://togithub.com/ahrav )
in
[https://github.com/trufflesecurity/trufflehog/pull/2618 ](https://togithub.com/trufflesecurity/trufflehog/pull/2618 )
- fix(deps): update golang.org/x/exp digest to
[`a685a6e`](a685a6ehttps://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2621 ](https://togithub.com/trufflesecurity/trufflehog/pull/2621 )
- Fix incorrect regular expression with missing closing bracket by
[@​fml09](https://togithub.com/fml09 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2616 ](https://togithub.com/trufflesecurity/trufflehog/pull/2616 )
- fix(deps): update module github.com/go-sql-driver/mysql to v1.8.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2626 ](https://togithub.com/trufflesecurity/trufflehog/pull/2626 )
- fix(deps): update module github.com/charmbracelet/glamour to v0.7.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2627 ](https://togithub.com/trufflesecurity/trufflehog/pull/2627 )
- \[bugfix] - Update the Anthropic detector by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2629 ](https://togithub.com/trufflesecurity/trufflehog/pull/2629 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.8 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2630 ](https://togithub.com/trufflesecurity/trufflehog/pull/2630 )
- Use Lstat to identify non-regular files in filesystem source by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2628 ](https://togithub.com/trufflesecurity/trufflehog/pull/2628 )
#### New Contributors
- [@​fml09](https://togithub.com/fml09 ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2616 ](https://togithub.com/trufflesecurity/trufflehog/pull/2616 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.71.0...v3.71.1
###
[`v3.71.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.3...v3.71.0 )
#### What's Changed
- Postman Source by
[@​zricethezav](https://togithub.com/zricethezav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2579 ](https://togithub.com/trufflesecurity/trufflehog/pull/2579 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.4 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2604 ](https://togithub.com/trufflesecurity/trufflehog/pull/2604 )
- expand keyword checks, and add collection name to keyword by
[@​zricethezav](https://togithub.com/zricethezav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2602 ](https://togithub.com/trufflesecurity/trufflehog/pull/2602 )
- \[chore] Fix potential resource leak in postman source by
[@​mcastorina](https://togithub.com/mcastorina ) in
[https://github.com/trufflesecurity/trufflehog/pull/2606 ](https://togithub.com/trufflesecurity/trufflehog/pull/2606 )
- Bump github.com/docker/docker from 25.0.3+incompatible to
25.0.5+incompatible by
[@​dependabot](https://togithub.com/dependabot ) in
[https://github.com/trufflesecurity/trufflehog/pull/2603 ](https://togithub.com/trufflesecurity/trufflehog/pull/2603 )
- Refactor GitHub source by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2379 ](https://togithub.com/trufflesecurity/trufflehog/pull/2379 )
- Use go 1.22 by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2599 ](https://togithub.com/trufflesecurity/trufflehog/pull/2599 )
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to
v7 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2590 ](https://togithub.com/trufflesecurity/trufflehog/pull/2590 )
- fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2524 ](https://togithub.com/trufflesecurity/trufflehog/pull/2524 )
- fix(deps): update module google.golang.org/api to v0.171.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2611 ](https://togithub.com/trufflesecurity/trufflehog/pull/2611 )
- fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to
v2.10.0 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2607 ](https://togithub.com/trufflesecurity/trufflehog/pull/2607 )
- Avoid uneeded calls to strconv.Unquote by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2605 ](https://togithub.com/trufflesecurity/trufflehog/pull/2605 )
- MaxMind detector uses the right endpoint by
[@​faktas2](https://togithub.com/faktas2 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2577 ](https://togithub.com/trufflesecurity/trufflehog/pull/2577 )
- Update Snyk detector by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2559 ](https://togithub.com/trufflesecurity/trufflehog/pull/2559 )
- fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2612 ](https://togithub.com/trufflesecurity/trufflehog/pull/2612 )
- Dockerhub v2 detector by
[@​ankushgoel27](https://togithub.com/ankushgoel27 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2361 ](https://togithub.com/trufflesecurity/trufflehog/pull/2361 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.70.3...v3.71.0
###
[`v3.70.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.3 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.2...v3.70.3 )
#### What's Changed
- \[chore] Replace "Trufflehog" with "TruffleHog" by
[@​mcastorina](https://togithub.com/mcastorina ) in
[https://github.com/trufflesecurity/trufflehog/pull/2584 ](https://togithub.com/trufflesecurity/trufflehog/pull/2584 )
- fix(deps): update golang.org/x/exp digest to
[`a85f2c6`](a85f2c6https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2592 ](https://togithub.com/trufflesecurity/trufflehog/pull/2592 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.2 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2593 ](https://togithub.com/trufflesecurity/trufflehog/pull/2593 )
- Make Git work with escaped unicode characcters by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2585 ](https://togithub.com/trufflesecurity/trufflehog/pull/2585 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.3 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2594 ](https://togithub.com/trufflesecurity/trufflehog/pull/2594 )
- fix(deps): update module cloud.google.com/go/secretmanager to v1.12.0
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2595 ](https://togithub.com/trufflesecurity/trufflehog/pull/2595 )
- fix(deps): update module github.com/wasilibs/go-re2 to v1.5.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2596 ](https://togithub.com/trufflesecurity/trufflehog/pull/2596 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.70.2...v3.70.3
###
[`v3.70.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.2 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.1...v3.70.2 )
#### What's Changed
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v7 to
v7.1.1 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2576 ](https://togithub.com/trufflesecurity/trufflehog/pull/2576 )
- fix(deps): update module cloud.google.com/go/secretmanager to v1.11.6
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2578 ](https://togithub.com/trufflesecurity/trufflehog/pull/2578 )
- fix(deps): update module github.com/google/go-containerregistry to
v0.19.1 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2586 ](https://togithub.com/trufflesecurity/trufflehog/pull/2586 )
- fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.3 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2587 ](https://togithub.com/trufflesecurity/trufflehog/pull/2587 )
- fix(deps): update module google.golang.org/api to v0.170.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2589 ](https://togithub.com/trufflesecurity/trufflehog/pull/2589 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.51.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2588 ](https://togithub.com/trufflesecurity/trufflehog/pull/2588 )
- fix(deps): update module github.com/wasilibs/go-re2 to v1.5.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2591 ](https://togithub.com/trufflesecurity/trufflehog/pull/2591 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.70.1...v3.70.2
###
[`v3.70.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.1 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.0...v3.70.1 )
#### What's Changed
- pull out verification logic from github detectors by
[@​0x1](https://togithub.com/0x1 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2554 ](https://togithub.com/trufflesecurity/trufflehog/pull/2554 )
- Fix --results not behaving as expected. by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2582 ](https://togithub.com/trufflesecurity/trufflehog/pull/2582 )
- Fix GitHub detector npe by [@​rgmz](https://togithub.com/rgmz )
in
[https://github.com/trufflesecurity/trufflehog/pull/2583 ](https://togithub.com/trufflesecurity/trufflehog/pull/2583 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.70.0...v3.70.1
###
[`v3.70.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.69.0...v3.70.0 )
#### What's Changed
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2550 ](https://togithub.com/trufflesecurity/trufflehog/pull/2550 )
- \[chore] - use custom grow method by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2555 ](https://togithub.com/trufflesecurity/trufflehog/pull/2555 )
- fix(deps): update module github.com/google/go-github/v57 to v60 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2551 ](https://togithub.com/trufflesecurity/trufflehog/pull/2551 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.35 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2560 ](https://togithub.com/trufflesecurity/trufflehog/pull/2560 )
- fix(deps): update module github.com/go-sql-driver/mysql to v1.8.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2561 ](https://togithub.com/trufflesecurity/trufflehog/pull/2561 )
- fix(deps): update module cloud.google.com/go/storage to v1.39.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2565 ](https://togithub.com/trufflesecurity/trufflehog/pull/2565 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.36 -
autoclosed by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2566 ](https://togithub.com/trufflesecurity/trufflehog/pull/2566 )
- \[chore] - Fix flaky test by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2564 ](https://togithub.com/trufflesecurity/trufflehog/pull/2564 )
- \[chore] - Record metrics before reset by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2556 ](https://togithub.com/trufflesecurity/trufflehog/pull/2556 )
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to
v7 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2568 ](https://togithub.com/trufflesecurity/trufflehog/pull/2568 )
- fix(deps): update module github.com/xanzy/go-gitlab to v0.100.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2567 ](https://togithub.com/trufflesecurity/trufflehog/pull/2567 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.38 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2572 ](https://togithub.com/trufflesecurity/trufflehog/pull/2572 )
- fix(deps): update module github.com/couchbase/gocb/v2 to v2.8.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2573 ](https://togithub.com/trufflesecurity/trufflehog/pull/2573 )
- fix(deps): update golang.org/x/exp digest to
[`c7f7c64`](c7f7c64https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2575 ](https://togithub.com/trufflesecurity/trufflehog/pull/2575 )
- Add `--results` flag by [@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2372 ](https://togithub.com/trufflesecurity/trufflehog/pull/2372 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.69.0...v3.70.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-03-27 15:20:59 +01:00
renovate[bot]
9a9ca2fe29
chore(deps): update trufflesecurity/trufflehog action to v3.71.1
2024-03-26 22:38:33 +00:00
Harald Hoyer
cbf341f65c
docs: lower warning in README.md ( #53 )
...
downgrade from `not production ready` to `use at your own risc`
2024-03-26 17:17:47 +01:00
Harald Hoyer
db00c91030
docs: lower warning in README.md
...
downgrade from `not production ready` to `use at your own risc`
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-26 16:04:02 +01:00
Harald Hoyer
d98bb9a17d
fix: use postFixup phase for sha256 ( #55 )
...
Stripping the plugin binary in the fixup phase of course changes the
hash.
2024-03-26 14:31:28 +01:00
Harald Hoyer
398a95314d
fix: use postFixup phase for sha256
...
Stripping the plugin binary in the fixup phase of course changes the hash.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-19 09:50:47 +01:00
Harald Hoyer
aec55a2ef1
all: use errors.New() which has no param instead of fmt.Errorf() ( #47 )
...
use errors.New() which has no param instead of fmt.Errorf()
2024-03-13 17:59:06 +01:00
yzb@example.cn
f62d3e0d0f
all: use errors.New() which has no param instead of fmt.Errorf()
2024-03-10 09:03:53 +08:00
Harald Hoyer
f0ea96f2e4
chore(deps): update cachix/install-nix-action action to v26 ( #50 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[cachix/install-nix-action](https://togithub.com/cachix/install-nix-action )
| action | major | `v25` -> `v26` |
---
### Release Notes
<details>
<summary>cachix/install-nix-action (cachix/install-nix-action)</summary>
###
[`v26`](https://togithub.com/cachix/install-nix-action/releases/tag/v26 )
[Compare
Source](https://togithub.com/cachix/install-nix-action/compare/v25...v26 )
Bump to Nix 2.20.5 to address CVE-2024-27297 / GHSA-2ffj-w4mj-pg37.
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIzMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-03-08 14:46:47 +01:00
renovate[bot]
05874beee4
chore(deps): update cachix/install-nix-action action to v26
2024-03-08 13:44:38 +00:00
Harald Hoyer
c9e4f6d9db
chore(deps): update trufflesecurity/trufflehog action to v3.69.0 ( #49 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | minor | `v3.68.5` -> `v3.69.0` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.69.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.69.0 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.5...v3.69.0 )
#### What's Changed
- add version to extra data + moving existing versioned detectors into
subdirectory format by [@​0x1](https://togithub.com/0x1 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2471 ](https://togithub.com/trufflesecurity/trufflehog/pull/2471 )
- fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to
v7 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2499 ](https://togithub.com/trufflesecurity/trufflehog/pull/2499 )
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2535 ](https://togithub.com/trufflesecurity/trufflehog/pull/2535 )
- fix(deps): update module github.com/charmbracelet/lipgloss to v0.10.0
by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2542 ](https://togithub.com/trufflesecurity/trufflehog/pull/2542 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.34 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2541 ](https://togithub.com/trufflesecurity/trufflehog/pull/2541 )
- fix(deps): update module golang.org/x/crypto to v0.21.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2544 ](https://togithub.com/trufflesecurity/trufflehog/pull/2544 )
- fix(deps): update module github.com/xanzy/go-gitlab to v0.99.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2543 ](https://togithub.com/trufflesecurity/trufflehog/pull/2543 )
- fix(deps): update module golang.org/x/oauth2 to v0.18.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2546 ](https://togithub.com/trufflesecurity/trufflehog/pull/2546 )
- fix(deps): update module google.golang.org/api to v0.169.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2547 ](https://togithub.com/trufflesecurity/trufflehog/pull/2547 )
- Canary verification by
[@​joeleonjr](https://togithub.com/joeleonjr ) in
[https://github.com/trufflesecurity/trufflehog/pull/2531 ](https://togithub.com/trufflesecurity/trufflehog/pull/2531 )
- fix(deps): update testcontainers-go monorepo to v0.29.1 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2549 ](https://togithub.com/trufflesecurity/trufflehog/pull/2549 )
- fix(deps): update module google.golang.org/protobuf to v1.33.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2548 ](https://togithub.com/trufflesecurity/trufflehog/pull/2548 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.5...v3.69.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIzMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-03-08 14:42:04 +01:00
renovate[bot]
1cb528c45a
chore(deps): update trufflesecurity/trufflehog action to v3.69.0
2024-03-08 04:44:45 +00:00
Harald Hoyer
4723b8302d
ci: only login to docker on push events ( #48 )
2024-03-07 10:30:19 +01:00
Harald Hoyer
3348b20cbd
ci: only login to docker on push events
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-07 10:24:30 +01:00
Harald Hoyer
ee1781ffc7
chore(deps): update trufflesecurity/trufflehog action to v3.68.5 ( #44 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | patch | `v3.68.2` -> `v3.68.5` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.68.5`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.5 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.4...v3.68.5 )
#### What's Changed
- Create basic escaped unicode decoder by
[@​rgmz](https://togithub.com/rgmz ) in
[https://github.com/trufflesecurity/trufflehog/pull/2456 ](https://togithub.com/trufflesecurity/trufflehog/pull/2456 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.30 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2529 ](https://togithub.com/trufflesecurity/trufflehog/pull/2529 )
- fix(deps): update module github.com/felixge/fgprof to v0.9.4 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2532 ](https://togithub.com/trufflesecurity/trufflehog/pull/2532 )
- fix(deps): update module cloud.google.com/go/storage to v1.39.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2533 ](https://togithub.com/trufflesecurity/trufflehog/pull/2533 )
- fix(deps): update module github.com/stretchr/testify to v1.9.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2534 ](https://togithub.com/trufflesecurity/trufflehog/pull/2534 )
- Add naive S3 ignorelist by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2536 ](https://togithub.com/trufflesecurity/trufflehog/pull/2536 )
- Redact secret in git command output by
[@​rosecodym](https://togithub.com/rosecodym ) in
[https://github.com/trufflesecurity/trufflehog/pull/2539 ](https://togithub.com/trufflesecurity/trufflehog/pull/2539 )
- Fix timeout param, DB is not needed for ping command by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2540 ](https://togithub.com/trufflesecurity/trufflehog/pull/2540 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.4...v3.68.5
###
[`v3.68.4`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.4 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.3...v3.68.4 )
#### What's Changed
- Improve Gitlab default URL handling by
[@​trufflesteeeve](https://togithub.com/trufflesteeeve ) in
[https://github.com/trufflesecurity/trufflehog/pull/2491 ](https://togithub.com/trufflesecurity/trufflehog/pull/2491 )
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2513 ](https://togithub.com/trufflesecurity/trufflehog/pull/2513 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.28 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2520 ](https://togithub.com/trufflesecurity/trufflehog/pull/2520 )
- fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.2 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2521 ](https://togithub.com/trufflesecurity/trufflehog/pull/2521 )
- fix(deps): update module github.com/prometheus/client_golang to
v1.19.0 by [@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2522 ](https://togithub.com/trufflesecurity/trufflehog/pull/2522 )
- fix(deps): update module golang.org/x/crypto to v0.20.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2523 ](https://togithub.com/trufflesecurity/trufflehog/pull/2523 )
- Remove one filter word by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2525 ](https://togithub.com/trufflesecurity/trufflehog/pull/2525 )
- Fix minor typo by [@​jamesgol](https://togithub.com/jamesgol ) in
[https://github.com/trufflesecurity/trufflehog/pull/2527 ](https://togithub.com/trufflesecurity/trufflehog/pull/2527 )
- Ignore canary IDs in notifications by
[@​dxa4481](https://togithub.com/dxa4481 ) in
[https://github.com/trufflesecurity/trufflehog/pull/2526 ](https://togithub.com/trufflesecurity/trufflehog/pull/2526 )
- \[feat] - Make the client configurable by
[@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2528 ](https://togithub.com/trufflesecurity/trufflehog/pull/2528 )
#### New Contributors
- [@​jamesgol](https://togithub.com/jamesgol ) made their first
contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2527 ](https://togithub.com/trufflesecurity/trufflehog/pull/2527 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.3...v3.68.4
###
[`v3.68.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.3 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.2...v3.68.3 )
#### What's Changed
- fix(deps): update module github.com/google/go-github/v57 to v59 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2464 ](https://togithub.com/trufflesecurity/trufflehog/pull/2464 )
- fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2455 ](https://togithub.com/trufflesecurity/trufflehog/pull/2455 )
- fix(deps): update golang.org/x/exp digest to
[`814bf88`](814bf88https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2508 ](https://togithub.com/trufflesecurity/trufflehog/pull/2508 )
- fix(deps): update module github.com/aws/aws-sdk-go to v1.50.25 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2509 ](https://togithub.com/trufflesecurity/trufflehog/pull/2509 )
- fix(deps): update module github.com/xanzy/go-gitlab to v0.98.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2511 ](https://togithub.com/trufflesecurity/trufflehog/pull/2511 )
- fix(deps): update module google.golang.org/api to v0.167.0 by
[@​renovate](https://togithub.com/renovate ) in
[https://github.com/trufflesecurity/trufflehog/pull/2512 ](https://togithub.com/trufflesecurity/trufflehog/pull/2512 )
- Improve monogo and snowflake detectors by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2518 ](https://togithub.com/trufflesecurity/trufflehog/pull/2518 )
- JDBC test and parsing improvements by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2516 ](https://togithub.com/trufflesecurity/trufflehog/pull/2516 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.2...v3.68.3
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIyNy4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-03-07 10:13:23 +01:00
renovate[bot]
554eab4a60
chore(deps): update trufflesecurity/trufflehog action to v3.68.5
2024-03-07 04:16:49 +00:00
Harald Hoyer
324cabdde4
chore(deps): update trufflesecurity/trufflehog action to v3.68.2 ( #41 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog )
| action | patch | `v3.68.0` -> `v3.68.2` |
---
### Release Notes
<details>
<summary>trufflesecurity/trufflehog
(trufflesecurity/trufflehog)</summary>
###
[`v3.68.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.2 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.1...v3.68.2 )
#### What's Changed
- fix prefix check when returning early by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2503 ](https://togithub.com/trufflesecurity/trufflehog/pull/2503 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.1...v3.68.2
###
[`v3.68.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.1 )
[Compare
Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.0...v3.68.1 )
#### What's Changed
- Tell git to ignore directory ownership (fixes
[#​2495](https://togithub.com/trufflesecurity/trufflehog/issues/2495 ))
by [@​marksteward](https://togithub.com/marksteward ) in
[https://github.com/trufflesecurity/trufflehog/pull/2496 ](https://togithub.com/trufflesecurity/trufflehog/pull/2496 )
- Gitlab scan targets by [@​ahrav](https://togithub.com/ahrav ) in
[https://github.com/trufflesecurity/trufflehog/pull/2470 ](https://togithub.com/trufflesecurity/trufflehog/pull/2470 )
- Clean up some detectors by
[@​dustin-decker](https://togithub.com/dustin-decker ) in
[https://github.com/trufflesecurity/trufflehog/pull/2501 ](https://togithub.com/trufflesecurity/trufflehog/pull/2501 )
#### New Contributors
- [@​marksteward](https://togithub.com/marksteward ) made their
first contribution in
[https://github.com/trufflesecurity/trufflehog/pull/2496 ](https://togithub.com/trufflesecurity/trufflehog/pull/2496 )
**Full Changelog**:
https://github.com/trufflesecurity/trufflehog/compare/v3.68.0...v3.68.1
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMDAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIwMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-02-27 15:29:38 +01:00
renovate[bot]
7ea1767e7f
chore(deps): update trufflesecurity/trufflehog action to v3.68.2
2024-02-27 13:27:37 +00:00
Harald Hoyer
347530ae65
fix: enable clearing the sgx_mrsigner and sgx_mrenclave field ( #43 )
...
Add the ability to clear the `sgx_mrsigner` and `sgx_mrenclave` field.
Otherwise we cannot switch from `sgx_mrenclave` to `sgx_mrsigner` based
authentication.
2024-02-27 14:27:19 +01:00
Harald Hoyer
94c86df4d5
fix: enable clearing the sgx_mrsigner and sgx_mrenclave field
...
Add the ability to clear the `sgx_mrsigner` and `sgx_mrenclave` field.
Otherwise we cannot switch from `sgx_mrenclave` to `sgx_mrsigner` based
authentication.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-27 11:58:55 +01:00
Harald Hoyer
0f9a672c99
chore: add nix subpackage with shasum of plugin ( #40 )
2024-02-22 10:11:29 +01:00
Harald Hoyer
6fb44c0183
chore: add nix subpackage with shasum of plugin
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-22 09:57:39 +01:00
Harald Hoyer
cef9c48359
chore(deps): update trufflesecurity/trufflehog action to v3.68.0 ( #39 )
...
chore(deps): update trufflesecurity/trufflehog action to v3.68.0
2024-02-21 22:49:23 +01:00
renovate[bot]
5c779e1b58
chore(deps): update trufflesecurity/trufflehog action to v3.68.0
2024-02-21 18:08:31 +00:00
Harald Hoyer
b7d0a483b5
chore: use snowfall lib for nix flake ( #38 )
2024-02-15 18:25:32 +01:00
Harald Hoyer
a43f83d834
chore: use snowfall lib for nix flake
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-15 11:08:13 +01:00
Harald Hoyer
1cd15d46d0
chore(deps): update trufflesecurity/trufflehog action to v3.67.6 ( #37 )
...
chore(deps): update trufflesecurity/trufflehog action to v3.67.6
2024-02-13 18:14:15 +01:00
renovate[bot]
b93bd6540c
chore(deps): update trufflesecurity/trufflehog action to v3.67.6
2024-02-13 16:41:46 +00:00
Harald Hoyer
beeb93ed62
feat: build the container image with nix ( #36 )
2024-02-13 14:24:43 +01:00
Harald Hoyer
4fabbf8f3f
feat: build the container image with nix
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-13 13:21:23 +01:00
Harald Hoyer
b0653b4246
fix(deps): update module github.com/hashicorp/vault/api to v1.12.0 ( #31 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/hashicorp/vault/api](https://togithub.com/hashicorp/vault )
| `v1.11.0` -> `v1.12.0` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
---
### Release Notes
<details>
<summary>hashicorp/vault (github.com/hashicorp/vault/api)</summary>
###
[`v1.12.0`](https://togithub.com/hashicorp/vault/releases/tag/v1.12.0 )
[Compare
Source](https://togithub.com/hashicorp/vault/compare/v1.11.0...v1.12.0 )
##### 1.12.0
##### October 13, 2022
CHANGES:
- api: Exclusively use `GET /sys/plugins/catalog` endpoint for listing
plugins, and add `details` field to list responses.
\[[GH-17347](https://togithub.com/hashicorp/vault/pull/17347 )]
- auth: `GET /sys/auth/:name` endpoint now returns an additional
`deprecation_status` field in the response data for builtins.
\[[GH-16849](https://togithub.com/hashicorp/vault/pull/16849 )]
- auth: `GET /sys/auth` endpoint now returns an additional
`deprecation_status` field in the response data for builtins.
\[[GH-16849](https://togithub.com/hashicorp/vault/pull/16849 )]
- auth: `POST /sys/auth/:type` endpoint response contains a warning for
`Deprecated` auth methods.
\[[GH-17058](https://togithub.com/hashicorp/vault/pull/17058 )]
- auth: `auth enable` returns an error and `POST /sys/auth/:type`
endpoint reports an error for `Pending Removal` auth methods.
\[[GH-17005](https://togithub.com/hashicorp/vault/pull/17005 )]
- core/entities: Fixed stranding of aliases upon entity merge, and
require explicit selection of which aliases should be kept when some
must be deleted
\[[GH-16539](https://togithub.com/hashicorp/vault/pull/16539 )]
- core: Bump Go version to 1.19.2.
- core: Validate input parameters for vault operator init command. Vault
1.12 CLI version is needed to run operator init now.
\[[GH-16379](https://togithub.com/hashicorp/vault/pull/16379 )]
- identity: a request to `/identity/group` that includes
`member_group_ids` that contains a cycle will now be responded to with a
400 rather than 500
\[[GH-15912](https://togithub.com/hashicorp/vault/pull/15912 )]
- licensing (enterprise): Terminated licenses will no longer result in
shutdown. Instead, upgrades will not be allowed if the license
termination time is before the build date of the binary.
- plugins: Add plugin version to auth register, list, and mount table
\[[GH-16856](https://togithub.com/hashicorp/vault/pull/16856 )]
- plugins: `GET /sys/plugins/catalog/:type/:name` endpoint contains
deprecation status for builtin plugins.
\[[GH-17077](https://togithub.com/hashicorp/vault/pull/17077 )]
- plugins: `GET /sys/plugins/catalog/:type/:name` endpoint now returns
an additional `version` field in the response data.
\[[GH-16688](https://togithub.com/hashicorp/vault/pull/16688 )]
- plugins: `GET /sys/plugins/catalog/` endpoint contains deprecation
status in `detailed` list.
\[[GH-17077](https://togithub.com/hashicorp/vault/pull/17077 )]
- plugins: `GET /sys/plugins/catalog` endpoint now returns an additional
`detailed` field in the response data with a list of additional plugin
metadata. \[[GH-16688](https://togithub.com/hashicorp/vault/pull/16688 )]
- plugins: `plugin info` displays deprecation status for builtin
plugins. \[[GH-17077](https://togithub.com/hashicorp/vault/pull/17077 )]
- plugins: `plugin list` now accepts a `-detailed` flag, which display
deprecation status and version info.
\[[GH-17077](https://togithub.com/hashicorp/vault/pull/17077 )]
- secrets/azure: Removed deprecated AAD graph API support from the
secrets engine.
\[[GH-17180](https://togithub.com/hashicorp/vault/pull/17180 )]
- secrets: All database-specific (standalone DB) secrets engines are now
marked `Pending Removal`.
\[[GH-17038](https://togithub.com/hashicorp/vault/pull/17038 )]
- secrets: `GET /sys/mounts/:name` endpoint now returns an additional
`deprecation_status` field in the response data for builtins.
\[[GH-16849](https://togithub.com/hashicorp/vault/pull/16849 )]
- secrets: `GET /sys/mounts` endpoint now returns an additional
`deprecation_status` field in the response data for builtins.
\[[GH-16849](https://togithub.com/hashicorp/vault/pull/16849 )]
- secrets: `POST /sys/mounts/:type` endpoint response contains a warning
for `Deprecated` secrets engines.
\[[GH-17058](https://togithub.com/hashicorp/vault/pull/17058 )]
- secrets: `secrets enable` returns an error and `POST /sys/mount/:type`
endpoint reports an error for `Pending Removal` secrets engines.
\[[GH-17005](https://togithub.com/hashicorp/vault/pull/17005 )]
FEATURES:
- **GCP Cloud KMS support for managed keys**: Managed keys now support
using GCP Cloud KMS keys
- **LDAP Secrets Engine**: Adds the `ldap` secrets engine with service
account check-out functionality for all supported schemas.
\[[GH-17152](https://togithub.com/hashicorp/vault/pull/17152 )]
- **OCSP Responder**: PKI mounts now have an OCSP responder that
implements a subset of RFC6960, answering single serial number OCSP
requests for a specific cluster's revoked certificates in a mount.
\[[GH-16723](https://togithub.com/hashicorp/vault/pull/16723 )]
- **Redis DB Engine**: Adding the new Redis database engine that
supports the generation of static and dynamic user roles and root
credential rotation on a stand alone Redis server.
\[[GH-17070](https://togithub.com/hashicorp/vault/pull/17070 )]
- **Redis ElastiCache DB Plugin**: Added Redis ElastiCache as a built-in
plugin. \[[GH-17075](https://togithub.com/hashicorp/vault/pull/17075 )]
- **Secrets/auth plugin multiplexing**: manage multiple plugin
configurations with a single plugin process
\[[GH-14946](https://togithub.com/hashicorp/vault/pull/14946 )]
- **Transform Key Import (BYOK)**: The transform secrets engine now
supports importing keys for tokenization and FPE transformations
- HCP (enterprise): Adding foundational support for self-managed vault
nodes to securely communicate with [HashiCorp Cloud
Platform](https://cloud.hashicorp.com ) as an opt-in feature
- ui: UI support for Okta Number Challenge.
\[[GH-15998](https://togithub.com/hashicorp/vault/pull/15998 )]
IMPROVEMENTS:
- :core/managed-keys (enterprise): Allow operators to specify PSS
signatures and/or hash algorithm for the test/sign api
- activity (enterprise): Added new clients unit tests to test accuracy
of estimates
- agent/auto-auth: Add `exit_on_err` which when set to true, will cause
Agent to exit if any errors are encountered during authentication.
\[[GH-17091](https://togithub.com/hashicorp/vault/pull/17091 )]
- agent: Added `disable_idle_connections` configuration to disable
leaving idle connections open in auto-auth, caching and templating.
\[[GH-15986](https://togithub.com/hashicorp/vault/pull/15986 )]
- agent: Added `disable_keep_alives` configuration to disable keep
alives in auto-auth, caching and templating.
\[[GH-16479](https://togithub.com/hashicorp/vault/pull/16479 )]
- agent: JWT auto auth now supports a `remove_jwt_after_reading` config
option which defaults to true.
\[[GH-11969](https://togithub.com/hashicorp/vault/pull/11969 )]
- agent: Send notifications to systemd on start and stop.
\[[GH-9802](https://togithub.com/hashicorp/vault/pull/9802 )]
- api/mfa: Add namespace path to the MFA read/list endpoint
\[[GH-16911](https://togithub.com/hashicorp/vault/pull/16911 )]
- api: Add a sentinel error for missing KV secrets
\[[GH-16699](https://togithub.com/hashicorp/vault/pull/16699 )]
- auth/alicloud: Enables AliCloud roles to be compatible with Vault's
role based quotas.
\[[GH-17251](https://togithub.com/hashicorp/vault/pull/17251 )]
- auth/approle: SecretIDs can now be generated with an per-request
specified TTL and num_uses.
When either the ttl and num_uses fields are not specified, the role's
configuration is used.
\[[GH-14474](https://togithub.com/hashicorp/vault/pull/14474 )]
- auth/aws: PKCS7 signatures will now use SHA256 by default in prep for
Go 1.18 \[[GH-16455](https://togithub.com/hashicorp/vault/pull/16455 )]
- auth/azure: Enables Azure roles to be compatible with Vault's role
based quotas.
\[[GH-17194](https://togithub.com/hashicorp/vault/pull/17194 )]
- auth/cert: Add metadata to identity-alias
\[[GH-14751](https://togithub.com/hashicorp/vault/pull/14751 )]
- auth/cert: Operators can now specify a CRL distribution point URL, in
which case the cert auth engine will fetch and use the CRL from that
location rather than needing to push CRLs directly to auth/cert.
\[[GH-17136](https://togithub.com/hashicorp/vault/pull/17136 )]
- auth/cf: Enables CF roles to be compatible with Vault's role based
quotas. \[[GH-17196](https://togithub.com/hashicorp/vault/pull/17196 )]
- auth/gcp: Add support for GCE regional instance groups
\[[GH-16435](https://togithub.com/hashicorp/vault/pull/16435 )]
- auth/gcp: Updates dependencies: `google.golang.org/api@v0.83.0`,
`github.com/hashicorp/go-gcp-common@v0.8.0`.
\[[GH-17160](https://togithub.com/hashicorp/vault/pull/17160 )]
- auth/jwt: Adds support for Microsoft US Gov L4 to the Azure provider
for groups fetching.
\[[GH-16525](https://togithub.com/hashicorp/vault/pull/16525 )]
- auth/jwt: Improves detection of Windows Subsystem for Linux (WSL) for
CLI-based logins.
\[[GH-16525](https://togithub.com/hashicorp/vault/pull/16525 )]
- auth/kerberos: add `add_group_aliases` config to include LDAP groups
in Vault group aliases
\[[GH-16890](https://togithub.com/hashicorp/vault/pull/16890 )]
- auth/kerberos: add `remove_instance_name` parameter to the login CLI
and the Kerberos config in Vault. This removes any instance names found
in the keytab service principal name.
\[[GH-16594](https://togithub.com/hashicorp/vault/pull/16594 )]
- auth/kubernetes: Role resolution for K8S Auth
\[[GH-156](https://togithub.com/hashicorp/vault-plugin-auth-kubernetes/pull/156 )]
\[[GH-17161](https://togithub.com/hashicorp/vault/pull/17161 )]
- auth/oci: Add support for role resolution.
\[[GH-17212](https://togithub.com/hashicorp/vault/pull/17212 )]
- auth/oidc: Adds support for group membership parsing when using
SecureAuth as an OIDC provider.
\[[GH-16274](https://togithub.com/hashicorp/vault/pull/16274 )]
- cli: CLI commands will print a warning if flags will be ignored
because they are passed after positional arguments.
\[[GH-16441](https://togithub.com/hashicorp/vault/pull/16441 )]
- cli: `auth` and `secrets` list `-detailed` commands now show
Deprecation Status for builtin plugins.
\[[GH-16849](https://togithub.com/hashicorp/vault/pull/16849 )]
- cli: `vault plugin list` now has a `details` field in JSON format, and
version and type information in table format.
\[[GH-17347](https://togithub.com/hashicorp/vault/pull/17347 )]
- command/audit: Improve missing type error message
\[[GH-16409](https://togithub.com/hashicorp/vault/pull/16409 )]
- command/server: add `-dev-tls` and `-dev-tls-cert-dir` subcommands to
create a Vault dev server with generated certificates and private key.
\[[GH-16421](https://togithub.com/hashicorp/vault/pull/16421 )]
- command: Fix shell completion for KV v2 mounts
\[[GH-16553](https://togithub.com/hashicorp/vault/pull/16553 )]
- core (enterprise): Add HTTP PATCH support for namespaces with an
associated `namespace patch` CLI command
- core (enterprise): Add check to `vault server` command to ensure
configured storage backend is supported.
- core (enterprise): Add custom metadata support for namespaces
- core/activity: generate hyperloglogs containing clientIds for each
month during precomputation
\[[GH-16146](https://togithub.com/hashicorp/vault/pull/16146 )]
- core/activity: refactor activity log api to reuse partial api
functions in activity endpoint when current month is specified
\[[GH-16162](https://togithub.com/hashicorp/vault/pull/16162 )]
- core/activity: use monthly hyperloglogs to calculate new clients
approximation for current month
\[[GH-16184](https://togithub.com/hashicorp/vault/pull/16184 )]
- core/quotas (enterprise): Added ability to add path suffixes for
lease-count resource quotas
- core/quotas (enterprise): Added ability to add role information for
lease-count resource quotas, to limit login requests on auth mounts made
using that role
- core/quotas: Added ability to add path suffixes for rate-limit
resource quotas
\[[GH-15989](https://togithub.com/hashicorp/vault/pull/15989 )]
- core/quotas: Added ability to add role information for rate-limit
resource quotas, to limit login requests on auth mounts made using that
role \[[GH-16115](https://togithub.com/hashicorp/vault/pull/16115 )]
- core: Activity log goroutine management improvements to allow tests to
be more deterministic.
\[[GH-17028](https://togithub.com/hashicorp/vault/pull/17028 )]
- core: Add `sys/loggers` and `sys/loggers/:name` endpoints to provide
ability to modify logging verbosity
\[[GH-16111](https://togithub.com/hashicorp/vault/pull/16111 )]
- core: Handle and log deprecated builtin mounts. Introduces
`VAULT_ALLOW_PENDING_REMOVAL_MOUNTS` to override shutdown and error when
attempting to mount `Pending Removal` builtin plugins.
\[[GH-17005](https://togithub.com/hashicorp/vault/pull/17005 )]
- core: Limit activity log client count usage by namespaces
\[[GH-16000](https://togithub.com/hashicorp/vault/pull/16000 )]
- core: Upgrade github.com/hashicorp/raft
\[[GH-16609](https://togithub.com/hashicorp/vault/pull/16609 )]
- core: remove gox
\[[GH-16353](https://togithub.com/hashicorp/vault/pull/16353 )]
- docs: Clarify the behaviour of local mounts in the context of DR
replication
\[[GH-16218](https://togithub.com/hashicorp/vault/pull/16218 )]
- identity/oidc: Adds support for detailed listing of clients and
providers.
\[[GH-16567](https://togithub.com/hashicorp/vault/pull/16567 )]
- identity/oidc: Adds the `client_secret_post` token endpoint
authentication method.
\[[GH-16598](https://togithub.com/hashicorp/vault/pull/16598 )]
- identity/oidc: allows filtering the list providers response by an
allowed_client_id
\[[GH-16181](https://togithub.com/hashicorp/vault/pull/16181 )]
- identity: Prevent possibility of data races on entity creation.
\[[GH-16487](https://togithub.com/hashicorp/vault/pull/16487 )]
- physical/postgresql: pass context to queries to propagate timeouts and
cancellations on requests.
\[[GH-15866](https://togithub.com/hashicorp/vault/pull/15866 )]
- plugins/multiplexing: Added multiplexing support to database plugins
if run as external plugins
\[[GH-16995](https://togithub.com/hashicorp/vault/pull/16995 )]
- plugins: Add Deprecation Status method to builtinregistry.
\[[GH-16846](https://togithub.com/hashicorp/vault/pull/16846 )]
- plugins: Added environment variable flag to opt-out specific plugins
from multiplexing
\[[GH-16972](https://togithub.com/hashicorp/vault/pull/16972 )]
- plugins: Adding version to plugin GRPC interface
\[[GH-17088](https://togithub.com/hashicorp/vault/pull/17088 )]
- plugins: Plugin catalog supports registering and managing plugins with
semantic version information.
\[[GH-16688](https://togithub.com/hashicorp/vault/pull/16688 )]
- replication (enterprise): Fix race in merkle sync that can prevent
streaming by returning key value matching provided hash if found in log
shipper buffer.
- secret/nomad: allow reading CA and client auth certificate from
/nomad/config/access
\[[GH-15809](https://togithub.com/hashicorp/vault/pull/15809 )]
- secret/pki: Add RSA PSS signature support for issuing certificates,
signing CRLs
\[[GH-16519](https://togithub.com/hashicorp/vault/pull/16519 )]
- secret/pki: Add signature_bits to sign-intermediate, sign-verbatim
endpoints \[[GH-16124](https://togithub.com/hashicorp/vault/pull/16124 )]
- secret/pki: Allow issuing certificates with non-domain, non-email
Common Names from roles, sign-verbatim, and as issuers
(`cn_validations`).
\[[GH-15996](https://togithub.com/hashicorp/vault/pull/15996 )]
- secret/pki: Allow specifying SKID for cross-signed issuance from older
Vault versions.
\[[GH-16494](https://togithub.com/hashicorp/vault/pull/16494 )]
- secret/transit: Allow importing
[`Ed25519`](https://togithub.com/hashicorp/vault/commit/Ed25519 ) keys
from [PKCS#8](https://togithub.com/PKCS/vault/issues/8 ) with inner RFC
5915 ECPrivateKey blobs (NSS-wrapped keys).
\[[GH-15742](https://togithub.com/hashicorp/vault/pull/15742 )]
- secrets/ad: set config default length only if password_policy is
missing \[[GH-16140](https://togithub.com/hashicorp/vault/pull/16140 )]
- secrets/azure: Adds option to permanently delete AzureAD objects
created by Vault.
\[[GH-17045](https://togithub.com/hashicorp/vault/pull/17045 )]
- secrets/database/hana: Add ability to customize dynamic usernames
\[[GH-16631](https://togithub.com/hashicorp/vault/pull/16631 )]
- secrets/database/snowflake: Add multiplexing support
\[[GH-17159](https://togithub.com/hashicorp/vault/pull/17159 )]
- secrets/gcp: Updates dependencies: `google.golang.org/api@v0.83.0`,
`github.com/hashicorp/go-gcp-common@v0.8.0`.
\[[GH-17174](https://togithub.com/hashicorp/vault/pull/17174 )]
- secrets/gcpkms: Update dependencies: google.golang.org/api@v0.83.0.
\[[GH-17199](https://togithub.com/hashicorp/vault/pull/17199 )]
- secrets/kubernetes: upgrade to v0.2.0
\[[GH-17164](https://togithub.com/hashicorp/vault/pull/17164 )]
- secrets/pki/tidy: Add another pair of metrics counting certificates
not deleted by the tidy operation.
\[[GH-16702](https://togithub.com/hashicorp/vault/pull/16702 )]
- secrets/pki: Add a new flag to issue/sign APIs which can filter out
root CAs from the returned ca_chain field
\[[GH-16935](https://togithub.com/hashicorp/vault/pull/16935 )]
- secrets/pki: Add a warning to any successful response when the
requested TTL is overwritten by MaxTTL
\[[GH-17073](https://togithub.com/hashicorp/vault/pull/17073 )]
- secrets/pki: Add ability to cancel tidy operations, control tidy
resource usage.
\[[GH-16958](https://togithub.com/hashicorp/vault/pull/16958 )]
- secrets/pki: Add ability to periodically rebuild CRL before expiry
\[[GH-16762](https://togithub.com/hashicorp/vault/pull/16762 )]
- secrets/pki: Add ability to periodically run tidy operations to remove
expired certificates.
\[[GH-16900](https://togithub.com/hashicorp/vault/pull/16900 )]
- secrets/pki: Add support for per-issuer Authority Information Access
(AIA) URLs
\[[GH-16563](https://togithub.com/hashicorp/vault/pull/16563 )]
- secrets/pki: Add support to specify signature bits when generating
CSRs through intermediate/generate apis
\[[GH-17388](https://togithub.com/hashicorp/vault/pull/17388 )]
- secrets/pki: Added gauge metrics
"secrets.pki.total_revoked_certificates_stored" and
"secrets.pki.total_certificates_stored" to track the number of
certificates in storage.
\[[GH-16676](https://togithub.com/hashicorp/vault/pull/16676 )]
- secrets/pki: Allow revocation of certificates with explicitly provided
certificate (bring your own certificate / BYOC).
\[[GH-16564](https://togithub.com/hashicorp/vault/pull/16564 )]
- secrets/pki: Allow revocation via proving possession of certificate's
private key
\[[GH-16566](https://togithub.com/hashicorp/vault/pull/16566 )]
- secrets/pki: Allow tidy to associate revoked certs with their issuers
for OCSP performance
\[[GH-16871](https://togithub.com/hashicorp/vault/pull/16871 )]
- secrets/pki: Honor If-Modified-Since header on CA, CRL fetch; requires
passthrough_request_headers modification on the mount point.
\[[GH-16249](https://togithub.com/hashicorp/vault/pull/16249 )]
- secrets/pki: Improve stability of association of revoked cert with its
parent issuer; when an issuer loses crl-signing usage, do not place
certs on default issuer's CRL.
\[[GH-16874](https://togithub.com/hashicorp/vault/pull/16874 )]
- secrets/pki: Support generating delta CRLs for up-to-date CRLs when
auto-building is enabled.
\[[GH-16773](https://togithub.com/hashicorp/vault/pull/16773 )]
- secrets/ssh: Add allowed_domains_template to allow templating of
allowed_domains.
\[[GH-16056](https://togithub.com/hashicorp/vault/pull/16056 )]
- secrets/ssh: Allow additional text along with a template definition in
defaultExtension value fields.
\[[GH-16018](https://togithub.com/hashicorp/vault/pull/16018 )]
- secrets/ssh: Allow the use of Identity templates in the `default_user`
field \[[GH-16351](https://togithub.com/hashicorp/vault/pull/16351 )]
- secrets/transit: Add a dedicated HMAC key type, which can be used with
key import.
\[[GH-16668](https://togithub.com/hashicorp/vault/pull/16668 )]
- secrets/transit: Added a parameter to encrypt/decrypt batch operations
to allow the caller to override the HTTP response code in case of
partial user-input failures.
\[[GH-17118](https://togithub.com/hashicorp/vault/pull/17118 )]
- secrets/transit: Allow configuring the possible salt lengths for RSA
PSS signatures.
\[[GH-16549](https://togithub.com/hashicorp/vault/pull/16549 )]
- ssh: Addition of an endpoint `ssh/issue/:role` to allow the creation
of signed key pairs
\[[GH-15561](https://togithub.com/hashicorp/vault/pull/15561 )]
- storage/cassandra: tuning parameters for clustered environments
`connection_timeout`, `initial_connection_timeout`,
`simple_retry_policy_retries`.
\[[GH-10467](https://togithub.com/hashicorp/vault/pull/10467 )]
- storage/gcs: Add documentation explaining how to configure the gcs
backend using environment variables instead of options in the
configuration stanza
\[[GH-14455](https://togithub.com/hashicorp/vault/pull/14455 )]
- ui: Changed the tokenBoundCidrs tooltip content to clarify that comma
separated values are not accepted in this field.
\[[GH-15852](https://togithub.com/hashicorp/vault/pull/15852 )]
- ui: Prevents requests to /sys/internal/ui/resultant-acl endpoint when
unauthenticated
\[[GH-17139](https://togithub.com/hashicorp/vault/pull/17139 )]
- ui: Removed deprecated version of core-js 2.6.11
\[[GH-15898](https://togithub.com/hashicorp/vault/pull/15898 )]
- ui: Renamed labels under Tools for wrap, lookup, rewrap and unwrap
with description.
\[[GH-16489](https://togithub.com/hashicorp/vault/pull/16489 )]
- ui: Replaces non-inclusive terms
\[[GH-17116](https://togithub.com/hashicorp/vault/pull/17116 )]
- ui: redirect_to param forwards from auth route when authenticated
\[[GH-16821](https://togithub.com/hashicorp/vault/pull/16821 )]
- website/docs: API generate-recovery-token documentation.
\[[GH-16213](https://togithub.com/hashicorp/vault/pull/16213 )]
- website/docs: Add documentation around the expensiveness of making
lots of lease count quotas in a short period
\[[GH-16950](https://togithub.com/hashicorp/vault/pull/16950 )]
- website/docs: Removes mentions of unauthenticated from internal ui
resultant-acl doc
\[[GH-17139](https://togithub.com/hashicorp/vault/pull/17139 )]
- website/docs: Update replication docs to mention Integrated Storage
\[[GH-16063](https://togithub.com/hashicorp/vault/pull/16063 )]
- website/docs: changed to echo for all string examples instead of (<<<)
here-string.
\[[GH-9081](https://togithub.com/hashicorp/vault/pull/9081 )]
BUG FIXES:
- agent/template: Fix parsing error for the exec stanza
\[[GH-16231](https://togithub.com/hashicorp/vault/pull/16231 )]
- agent: Agent will now respect `max_retries` retry configuration even
when caching is set.
\[[GH-16970](https://togithub.com/hashicorp/vault/pull/16970 )]
- agent: Update consul-template for pkiCert bug fixes
\[[GH-16087](https://togithub.com/hashicorp/vault/pull/16087 )]
- api/sys/internal/specs/openapi: support a new "dynamic" query
parameter to generate generic mountpaths
\[[GH-15835](https://togithub.com/hashicorp/vault/pull/15835 )]
- api: Fixed erroneous warnings of unrecognized parameters when
unwrapping data.
\[[GH-16794](https://togithub.com/hashicorp/vault/pull/16794 )]
- api: Fixed issue with internal/ui/mounts and
internal/ui/mounts/(?P<path>.+) endpoints where it was not properly
handling /auth/
\[[GH-15552](https://togithub.com/hashicorp/vault/pull/15552 )]
- api: properly handle switching to/from unix domain socket when
changing client address
\[[GH-11904](https://togithub.com/hashicorp/vault/pull/11904 )]
- auth/cert: Vault does not initially load the CRLs in cert auth unless
the read/write CRL endpoint is hit.
\[[GH-17138](https://togithub.com/hashicorp/vault/pull/17138 )]
- auth/kerberos: Maintain headers set by the client
\[[GH-16636](https://togithub.com/hashicorp/vault/pull/16636 )]
- auth/kubernetes: Restore support for JWT signature algorithm ES384
\[[GH-160](https://togithub.com/hashicorp/vault-plugin-auth-kubernetes/pull/160 )]
\[[GH-17161](https://togithub.com/hashicorp/vault/pull/17161 )]
- auth/token: Fix ignored parameter warnings for valid parameters on
token create
\[[GH-16938](https://togithub.com/hashicorp/vault/pull/16938 )]
- command/debug: fix bug where monitor was not honoring configured
duration \[[GH-16834](https://togithub.com/hashicorp/vault/pull/16834 )]
- core (enterprise): Fix bug where wrapping token lookup does not work
within namespaces.
\[[GH-15583](https://togithub.com/hashicorp/vault/pull/15583 )]
- core (enterprise): Fix creation of duplicate entities via alias
metadata changes on local auth mounts.
- core/auth: Return a 403 instead of a 500 for a malformed SSCT
\[[GH-16112](https://togithub.com/hashicorp/vault/pull/16112 )]
- core/identity: Replicate member_entity_ids and policies in
identity/group across nodes identically
\[[GH-16088](https://togithub.com/hashicorp/vault/pull/16088 )]
- core/license (enterprise): Always remove stored license and allow
unseal to complete when license cleanup fails
- core/managed-keys (enterprise): fix panic when having `cache_disable`
true
- core/quotas (enterprise): Fixed issue with improper counting of leases
if lease count quota created after leases
- core/quotas: Added globbing functionality on the end of path suffix
quota paths
\[[GH-16386](https://togithub.com/hashicorp/vault/pull/16386 )]
- core/quotas: Fix goroutine leak caused by the seal process not fully
cleaning up Rate Limit Quotas.
\[[GH-17281](https://togithub.com/hashicorp/vault/pull/17281 )]
- core/replication (enterprise): Don't flush merkle tree pages to disk
after losing active duty
- core/seal: Fix possible keyring truncation when using the file
backend. \[[GH-15946](https://togithub.com/hashicorp/vault/pull/15946 )]
- core: Fix panic when the plugin catalog returns neither a plugin nor
an error. \[[GH-17204](https://togithub.com/hashicorp/vault/pull/17204 )]
- core: Fixes parsing boolean values for ha_storage backends in config
\[[GH-15900](https://togithub.com/hashicorp/vault/pull/15900 )]
- core: Increase the allowed concurrent gRPC streams over the cluster
port. \[[GH-16327](https://togithub.com/hashicorp/vault/pull/16327 )]
- core: Prevent two or more DR failovers from invalidating SSCT tokens
generated on the previous primaries.
\[[GH-16956](https://togithub.com/hashicorp/vault/pull/16956 )]
- database: Invalidate queue should cancel context first to avoid
deadlock \[[GH-15933](https://togithub.com/hashicorp/vault/pull/15933 )]
- debug: Fix panic when capturing debug bundle on Windows
\[[GH-14399](https://togithub.com/hashicorp/vault/pull/14399 )]
- debug: Remove extra empty lines from vault.log when debug command is
run \[[GH-16714](https://togithub.com/hashicorp/vault/pull/16714 )]
- identity (enterprise): Fix a data race when creating an entity for a
local alias.
- identity/oidc: Adds `claims_supported` to discovery document.
\[[GH-16992](https://togithub.com/hashicorp/vault/pull/16992 )]
- identity/oidc: Change the `state` parameter of the Authorization
Endpoint to optional.
\[[GH-16599](https://togithub.com/hashicorp/vault/pull/16599 )]
- identity/oidc: Detect invalid `redirect_uri` values sooner in
validation of the Authorization Endpoint.
\[[GH-16601](https://togithub.com/hashicorp/vault/pull/16601 )]
- identity/oidc: Fixes validation of the `request` and `request_uri`
parameters.
\[[GH-16600](https://togithub.com/hashicorp/vault/pull/16600 )]
- openapi: Fixed issue where information about /auth/token endpoints was
not present with explicit policy permissions
\[[GH-15552](https://togithub.com/hashicorp/vault/pull/15552 )]
- plugin/multiplexing: Fix panic when id doesn't exist in connection map
\[[GH-16094](https://togithub.com/hashicorp/vault/pull/16094 )]
- plugin/secrets/auth: Fix a bug with aliased backends such as aws-ec2
or generic
\[[GH-16673](https://togithub.com/hashicorp/vault/pull/16673 )]
- plugins: Corrected the path to check permissions on when the
registered plugin name does not match the plugin binary's filename.
\[[GH-17340](https://togithub.com/hashicorp/vault/pull/17340 )]
- quotas/lease-count: Fix lease-count quotas on mounts not properly
being enforced when the lease generating request is a read
\[[GH-15735](https://togithub.com/hashicorp/vault/pull/15735 )]
- replication (enterprise): Fix data race in SaveCheckpoint()
- replication (enterprise): Fix data race in saveCheckpoint.
- replication (enterprise): Fix possible data race during merkle
diff/sync
- secret/pki: Do not fail validation with a legacy key_bits default
value and key_type=any when signing CSRs
\[[GH-16246](https://togithub.com/hashicorp/vault/pull/16246 )]
- secrets/database: Fix a bug where the secret engine would queue up a
lot of WAL deletes during startup.
\[[GH-16686](https://togithub.com/hashicorp/vault/pull/16686 )]
- secrets/gcp: Fixes duplicate static account key creation from
performance secondary clusters.
\[[GH-16534](https://togithub.com/hashicorp/vault/pull/16534 )]
- secrets/kv: Fix `kv get` issue preventing the ability to read a secret
when providing a leading slash
\[[GH-16443](https://togithub.com/hashicorp/vault/pull/16443 )]
- secrets/pki: Allow import of issuers without CRLSign KeyUsage;
prohibit setting crl-signing usage on such issuers
\[[GH-16865](https://togithub.com/hashicorp/vault/pull/16865 )]
- secrets/pki: Do not ignore provided signature bits value when signing
intermediate and leaf certificates with a managed key
\[[GH-17328](https://togithub.com/hashicorp/vault/pull/17328 )]
- secrets/pki: Do not read revoked certificates from backend when CRL is
disabled \[[GH-17385](https://togithub.com/hashicorp/vault/pull/17385 )]
- secrets/pki: Fix migration to properly handle mounts that contain only
keys, no certificates
\[[GH-16813](https://togithub.com/hashicorp/vault/pull/16813 )]
- secrets/pki: Ignore EC PARAMETER PEM blocks during issuer import
(/config/ca, /issuers/import/\*, and /intermediate/set-signed)
\[[GH-16721](https://togithub.com/hashicorp/vault/pull/16721 )]
- secrets/pki: LIST issuers endpoint is now unauthenticated.
\[[GH-16830](https://togithub.com/hashicorp/vault/pull/16830 )]
- secrets/transform (enterprise): Fix an issue loading tokenization
transform configuration after a specific sequence of reconfigurations.
- secrets/transform (enterprise): Fix persistence problem with
tokenization store credentials.
- storage/raft (enterprise): Fix some storage-modifying RPCs used by
perf standbys that weren't returning the resulting WAL state.
- storage/raft (enterprise): Prevent unauthenticated voter status change
with rejoin
\[[GH-16324](https://togithub.com/hashicorp/vault/pull/16324 )]
- storage/raft: Fix retry_join initialization failure
\[[GH-16550](https://togithub.com/hashicorp/vault/pull/16550 )]
- storage/raft: Nodes no longer get demoted to nonvoter if we don't know
their version due to missing heartbeats.
\[[GH-17019](https://togithub.com/hashicorp/vault/pull/17019 )]
- ui/keymgmt: Sets the defaultValue for type when creating a key.
\[[GH-17407](https://togithub.com/hashicorp/vault/pull/17407 )]
- ui: Fix OIDC callback to accept namespace flag in different formats
\[[GH-16886](https://togithub.com/hashicorp/vault/pull/16886 )]
- ui: Fix info tooltip submitting form
\[[GH-16659](https://togithub.com/hashicorp/vault/pull/16659 )]
- ui: Fix issue logging in with JWT auth method
\[[GH-16466](https://togithub.com/hashicorp/vault/pull/16466 )]
- ui: Fix lease force revoke action
\[[GH-16930](https://togithub.com/hashicorp/vault/pull/16930 )]
- ui: Fix naming of permitted_dns_domains form parameter on CA creation
(root generation and sign intermediate).
\[[GH-16739](https://togithub.com/hashicorp/vault/pull/16739 )]
- ui: Fixed bug where red spellcheck underline appears in
sensitive/secret kv values when it should not appear
\[[GH-15681](https://togithub.com/hashicorp/vault/pull/15681 )]
- ui: Fixes secret version and status menu links transitioning to auth
screen \[[GH-16983](https://togithub.com/hashicorp/vault/pull/16983 )]
- ui: OIDC login type uses localStorage instead of sessionStorage
\[[GH-16170](https://togithub.com/hashicorp/vault/pull/16170 )]
- vault: Fix a bug where duplicate policies could be added to an
identity group.
\[[GH-15638](https://togithub.com/hashicorp/vault/pull/15638 )]
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/matter-labs/vault-auth-tee ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE3My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
2024-02-13 13:07:31 +01:00
