Commit 9c81787

chore(deps): bump trufflesecurity/trufflehog from 3.92.3 to 3.92.5 (#23)
Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.92.3 to 3.92.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's releases</a>.</em></p> <blockquote> <h2>v3.92.5</h2> <h2>What's Changed</h2> <ul> <li>[INS-206] Store Gitlab Project ID in secret location metadata by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4601">trufflesecurity/trufflehog#4601</a></li> <li>[INS-242] Add more validations to Custom Detector config by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4642">trufflesecurity/trufflehog#4642</a></li> <li>Fix syslog test failing due to hardcoded timestamp by <a href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4646">trufflesecurity/trufflehog#4646</a></li> <li>[INS-120] Increase code coverage for Postman's source scanItem function by <a href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4648">trufflesecurity/trufflehog#4648</a></li> <li>[INS-232] Fix S3 Source &quot;panic: runtime error: index out of range&quot; bug by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4610">trufflesecurity/trufflehog#4610</a></li> <li>[INS-170] Unify JDBC URL Parsing Across Detector and Analyzer (Continued) by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4606">trufflesecurity/trufflehog#4606</a></li> <li>Add exponential backoff retry logic in 
Twilio detector by <a href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4652">trufflesecurity/trufflehog#4652</a></li> <li>Fix typo in help description for Postman API metric by <a href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4656">trufflesecurity/trufflehog#4656</a></li> <li>Rework JWT detector to better block local IPs by <a href="https://github.com/bradlarsen"><code>@​bradlarsen</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4607">trufflesecurity/trufflehog#4607</a></li> <li>Gitlab Source: Backoff from Scan2 which is experimental to legacy pagination API call by <a href="https://github.com/kashifkhan0771"><code>@​kashifkhan0771</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4608">trufflesecurity/trufflehog#4608</a></li> <li>fix: git commit date parsing for non-English locales by <a href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4653">trufflesecurity/trufflehog#4653</a></li> <li>fix: report accurate line numbers for chunked file scanning (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1876">#1876</a>) by <a href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4615">trufflesecurity/trufflehog#4615</a></li> <li>Add Postman API monthly request limit metric by <a href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4667">trufflesecurity/trufflehog#4667</a></li> <li>[INS-243] Fix jdbc detector detecting incomplete connection string and fixed invalid… by <a 
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4636">trufflesecurity/trufflehog#4636</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> made their first contribution in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4653">trufflesecurity/trufflehog#4653</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.92.4...v3.92.5">https://github.com/trufflesecurity/trufflehog/compare/v3.92.4...v3.92.5</a></p> <h2>v3.92.4</h2> <h2>What's Changed</h2> <ul> <li>[INS-170] Unify JDBC URL parsing across detectors and analyzers by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4574">trufflesecurity/trufflehog#4574</a></li> <li>Pagination and Rate-Limit Handling In Docker Registry Namespace API Calls by <a href="https://github.com/nabeelalam"><code>@​nabeelalam</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4557">trufflesecurity/trufflehog#4557</a></li> <li>[INS-226] Use pinned image for Quay registry Integration test by <a href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4602">trufflesecurity/trufflehog#4602</a></li> <li>Update module golang.org/x/crypto to v0.45.0 [SECURITY] by <a href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4562">trufflesecurity/trufflehog#4562</a></li> <li>[INS-207] Add Role-Aware Resumption Support for Legacy S3 Scan by <a href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a> in <a 
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4600">trufflesecurity/trufflehog#4600</a></li> <li>Enable line numbers for GitHub Real-time by <a href="https://github.com/rosecodym"><code>@​rosecodym</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4611">trufflesecurity/trufflehog#4611</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.92.3...v3.92.4">https://github.com/trufflesecurity/trufflehog/compare/v3.92.3...v3.92.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/116e7171542d2f1dad8810f00dcfacbe0b809183"><code>116e717</code></a> [INS-243] Fix jdbc detector detecting incomplete connection string and fixed ...</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/b924c0bfbe821e54144a6172e4d4c0eb996c4cb5"><code>b924c0b</code></a> added monthly requests limit to postman api request metrics collection (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4667">#4667</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/f3eff52825b46da019dc3f68d7c3efb0d12fbd25"><code>f3eff52</code></a> fix: report accurate line numbers for chunked file scanning (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1876">#1876</a>) (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4615">#4615</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/6a0bc788d2cadadc82df0a0d462c2c074f203790"><code>6a0bc78</code></a> fix(git): use <code>--iso-strict</code> git arg to prevent locale issue (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4653">#4653</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/fc3f35cedd93016c9458ef836c1b31f13d494fd7"><code>fc3f35c</code></a> Gitlab Source: Backoff from Scan2 which is experimental 
to legacy pagination ...</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/728d71fbb3a928e64f29ee19c823aa679b33b028"><code>728d71f</code></a> Rework JWT detector to better block local IPs; add HTTP instrumentation (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4607">#4607</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/89cc34b8c42a503813ec4c15042900cf1bee0f2d"><code>89cc34b</code></a> Fix typo in help description for Postman API metric (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4656">#4656</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/69045956f12223eecaffbae2d9c59468893dad9c"><code>6904595</code></a> detectors/twilio: add exponential backoff retry logic (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4652">#4652</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/4e02afb0159d0de9be6ceaa2064177f1b16f5033"><code>4e02afb</code></a> [INS-170] Unify JDBC URL Parsing Across Detector and Analyzer (Continued) (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4">#4</a>...</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/964eab023ff111a9e4278296a5c4dc2ff083d61e"><code>964eab0</code></a> [INS-232] Fix S3 Source &quot;panic: runtime error: index out of range&quot; bug (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4610">#4610</a>)</li> <li>Additional commits viewable in <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.92.3...116e7171542d2f1dad8810f00dcfacbe0b809183">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=trufflesecurity/trufflehog&package-manager=github_actions&previous-version=3.92.3&new-version=3.92.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 781b3fa commit 9c81787

2 files changed

Lines changed: 2 additions & 2 deletions

.github/workflows/quality.yml

Lines changed: 1 addition & 1 deletion
@@ -18,7 +18,7 @@ jobs:
1818
find . -type f -perm /111 -name "*.sh" | head -10 || true
1919
2020
- name: Check for secrets
21-
uses: trufflesecurity/trufflehog@05cccb53bc9e13bc6d17997db5a6bcc3df44bf2f # v3.92.3
21+
uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3.93.3
2222
with:
2323
path: ./
2424
base: ${{ github.event.pull_request.base.sha || github.event.before }}
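Review bot: the version comment on the new `uses:` line says `# v3.93.3`, but the commit subject bumps to 3.92.5 and the removed line was annotated `# v3.92.3`. That comment is the only human-readable hint to what the pinned SHA is, so a wrong one undermines the annotation; change it to `# v3.92.5` once you have confirmed that 6961f2bace57ab32b23b3ba40f8f420f6bc7e004 is the commit the v3.92.5 tag resolves to. The check is worth doing here because the compare link in the commit message ends at 116e7171542d2f1dad8810f00dcfacbe0b809183, not at the pinned SHA.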

.github/workflows/secret-scanner.yml

Lines changed: 1 addition & 1 deletion
@@ -18,7 +18,7 @@ jobs:
1818
fetch-depth: 0 # Full history for scanning
1919

2020
- name: TruffleHog Secret Scan
21-
uses: trufflesecurity/trufflehog@8a8ef8526528d8a4ff3e2c90be08e25ef8efbd9b # v3
21+
uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3
2222
with:
2323
extra_args: --only-verified --fail
2424
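Review bot: the trailing comment on the new `uses:` line is still `# v3`, which does not say which release 6961f2bace57ab32b23b3ba40f8f420f6bc7e004 corresponds to. Annotate it with the exact tag so the pin can be audited at a glance and reads the same way as the one in quality.yml. The removed SHA here, 8a8ef8526528d8a4ff3e2c90be08e25ef8efbd9b, is not the 05cccb53bc9e13bc6d17997db5a6bcc3df44bf2f pin that quality.yml carried for v3.92.3, so this workflow was on a different release before the bump and the "from 3.92.3" in the commit subject does not describe this file. Since the step runs with `--only-verified --fail`, note the actual starting version in the PR so any change in scan results can be traced to the right range of releases.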
