v3.63.10

What's Changed

• added azure protos by @roxanne-tampus in #2304
• [fixup ] - Allow ssh cloning with AWS Code Commit by @ahrav in #2307
• Assume unauthenticated github scans have public visibility by @mcastorina in #2308
• [chore] - Add regex and keyword for api_org tokens by @ahrav in #2240

Full Changelog: v3.63.9...v3.63.10

v3.63.9

What's Changed

• [chore] - update docs for pre-commit by @ahrav in #2280
• Ignore common false positives for Parseur Detector by @rgmz in #2229
• Ignore common Signable false positives by @rgmz in #2230
• fix(deps): update golang.org/x/exp digest to be819d1 by @renovate in #2281
• [chore] - update test by @ahrav in #2283
• adding postgres detector by @dylanTruffle in #2108
• fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 by @renovate in #2282
• fix(deps): update golang.org/x/exp digest to 0dcbfd6 by @renovate in #2284
• fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 by @renovate in #2285
• Extend memory cache by @ahrav in #2275
• fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 by @renovate in #2286
• chore(deps): update alpine docker tag to v3.19 by @renovate in #2287
• chore(deps): update sigstore/cosign-installer action to v3.3.0 by @renovate in #2290
• fix(deps): update module cloud.google.com/go/storage to v1.36.0 by @renovate in #2291
• fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 by @renovate in #2292
• feat(installation): Implement checksum signature verification by @hibare in #2157
• fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 by @renovate in #2294
• fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 by @renovate in #2295
• [chore] - small updates by @ahrav in #2288
• [feat] - Allow for the use of include/exclude path files for filesystem scans by @ahrav in #2297
• Individuate archive tests by @rosecodym in #2293
• [feat] - Provide CLI flag to only use custom verifiers by @ahrav in #2299
• Disable postgres detector because it it too sensitive by @dustin-decker in #2303

Full Changelog: v3.63.8...v3.63.9

v3.63.8

What's Changed

• Fix commit message single quote escaping on GitHub Action by @0x2b3bfa0 in #2259
• fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] by @renovate in #2263
• Fix non-ASCII whitespace on GitHub Action by @0x2b3bfa0 in #2270
• Update GitParse logic to handle edge case. by @rgmz in #2206
• [chore] Add test to check all versioned detectors are non-zero by @mcastorina in #2272
• Update stripe detector regex by @NikhilPanwar in #2261
• Update to Sourcegraph Access token format by @shivasurya in #2254
• Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in #2278
• Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 by @dependabot in #2279
• Wrap temp deletion err by @rosecodym in #2277
• 1833 Fix syslog udp by @df3rry in #1835

New Contributors

• @0x2b3bfa0 made their first contribution in #2259
• @NikhilPanwar made their first contribution in #2261
• @df3rry made their first contribution in #1835

Full Changelog: v3.63.7...v3.63.8

v3.63.7

What's Changed

• Add skip archive support by @dustin-decker in #2257
• Skip all binaries by @bill-rich in #2256
• Add handlerOpts back by @bill-rich in #2258
• Use directory iterator instead of walkdir by @dustin-decker in #2260

Full Changelog: v3.63.6...v3.63.7

v3.63.6

What's Changed

• Adds basic if/else check if pid slice is empty by @codevbus in #2244
• [fixup] - move cleanup to run by @ahrav in #2245
• shallow cloning + GitHub Action by @joeleonjr in #2138
• Update GitHub extradata by @rgmz in #2219
• Avoid extraneous authentication attempts when verifying Snowflake by @rgmz in #2057
• Add missing import by @dustin-decker in #2246
• [bug] - Bug archive handler memory leak by @ahrav in #2247
• [chore] - use snake_case for naming by @ahrav in #2238
• [chore] - add additional binary extensions to skip by @ahrav in #2235
• [chore] - lower logging level by @ahrav in #2249
• [bug] - Fix Context Timeout-Induced Goroutine Leak in readInChunks by @ahrav in #2251
• Dedupe some source log keys by @rosecodym in #2250
• [fixup] - Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup by @ahrav in #2253
• Use walkdir for tmp cleanup by @dustin-decker in #2255

Full Changelog: v3.63.5...v3.63.6

v3.63.5

What's Changed

• [chore] Prevent panic when ChunkError has a nil Unit by @mcastorina in #2227
• [feat] - Make skipping binaries configurable by @ahrav in #2226
• [chore] Add skip_binaries field to AzureRepos proto message by @mcastorina in #2232
• Don't run detector tests on forks by @rgmz in #2234
• Update Freshworks verification to check for valid JSON response by @rgmz in #2212
• Enhance HuggingFace extra data by @rgmz in #2222
• Convert Shortcut detector to tri-state verification by @rgmz in #2211
• add secretID to chunk by @ahrav in #2242
• fix(deps): update module golang.org/x/crypto to v0.17.0 [security] by @renovate in #2243

Full Changelog: v3.63.4...v3.63.5

v3.63.4

What's Changed

• Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in #2213
• Fix emoji in README by @rgmz in #2217
• Upgrade sevenzip to v1.4.5 by @rgmz in #2215
• Encode '%' when generating Git URLs by @rgmz in #2214
• Fix GitParse trimming whitespace from filename by @rgmz in #2201
• [fixup] - Avoid reading decompressed data into memory by @ahrav in #2196
• Update GitLab v1 verification to check for valid JSON response by @rgmz in #2218
• Check for SourceUnit support dynamically in the SourceManager by @mcastorina in #2205
• Fix GitHub source showing 0 members by @rgmz in #2202
• Don't run 'test' workflow in forks by @rgmz in #2221

Full Changelog: v3.63.3...v3.63.4

v3.63.3

What's Changed

• Use forked sevenzip by @bill-rich in #2180
• fixing how to rotate URL by @dylanTruffle in #2183
• [fixup] - Skip trying to determine MIME type for directories by @ahrav in #2178
• [feat] - Remove go-git dependency by @ahrav in #2174
• remove unnecessary Git cmd check by @ahrav in #2175
• [chore] - use https for verification endpoints by @ahrav in #2185
• allow targets for the source manager by @ahrav in #2182
• Deprecate some detectors by @dustin-decker in #2186
• [chore] - update regex by @ahrav in #2184
• [chore] - Compile regex once by @ahrav in #2176
• Remove Java archives from ignored extensions by @rosecodym in #2188
• [chore] - Refactor common code into a separate function by @ahrav in #2179
• [feat] - add metrics for gitlab by @ahrav in #2190
• [bug] - move logic to main Chunks method by @ahrav in #2194
• [fixup] - skip files in the archive handler by @ahrav in #2195
• Check private keys concurrently by @rgmz in #2139
• Propagate TruffleHog context to handlers by @rgmz in #2191
• [bug] - close file after reading by @ahrav in #2203
• Use bad json in slackwebhooks by @rosecodym in #2193
• Add disk buffer tempfile cleanup by @codevbus in #2130
• [chore] Remove omitempty tags on JobProgressMetrics and UnitMetrics by @mcastorina in #2204
• Fix azurestorage detector by @0x1 in #2207
• fix and refactor browserstack detector by @0x1 in #2208
• [chore] Remove unnecessary string conversion in tefter detector by @mcastorina in #2209
• Update metabase verification to check for a valid JSON response by @mcastorina in #2210

Full Changelog: v3.63.2...v3.63.3

v3.63.2

Changelog

• 11394ea [thog-1548] add auto redaction for verification errors (#2106)
• 692582f fix(deps): update module github.com/google/go-github/v42 to v57 (#2172)
• 16cf858 chore(deps): update google-github-actions/auth action to v2 (#2171)
• 13da76d skip files we can't scan (#2170)
• dbfd9a7 fix(deps): update module google.golang.org/api to v0.152.0 (#2169)
• 996a11d [chore] - remove deprecated types (#2168)
• 08b58aa fix(deps): update module golang.org/x/oauth2 to v0.15.0 (#2167)
• 5d00236 fix(deps): update module github.com/aws/aws-sdk-go to v1.48.12 (#2166)
• 83cd276 fix(deps): update module github.com/xanzy/go-gitlab to v0.94.0 (#2165)
• b5b8223 fix(deps): update module github.com/trufflesecurity/disk-buffer-reader to v0.2.1 (#2163)
• 5d01969 Ignore images and binaries (#2162)
• 37d9e5e [chore] - Increase pagination limit (#2154)
• 32d8150 fix(deps): update module github.com/google/go-containerregistry to v0.17.0 (#2160)
• 07dc123 update forager types (#2159)
• 1cb8538 fix(deps): update module github.com/go-logr/zapr to v1.3.0 (#2158)
• fdff3b7 fix(deps): update module github.com/fatih/color to v1.16.0 (#2155)
• a6685d7 fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.0 (#2153)
• 8065b53 fix(deps): update module github.com/aws/aws-sdk-go to v1.48.11 (#2152)
• 392b07f fix(deps): update module github.com/alecthomas/kingpin/v2 to v2.4.0 (#2151)
• d81b7ea fix(deps): update module cloud.google.com/go/storage to v1.35.1 (#2150)
• c34efc3 make empty slice delcration consistent (#2144)
• 02ba66d chore(deps): update sigstore/cosign-installer action to v3.2.0 (#2149)
• 239bf92 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.18 (#2148)
• 3c1fde1 fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.5 (#2147)
• 79a862a fix(deps): update module github.com/go-git/go-git/v5 to v5.10.1 (#2146)
• 279f915 [chore] - fix error comparisons (#2142)
• f3d51d1 fix(deps): update module cloud.google.com/go/secretmanager to v1.11.4 (#2145)
• ed70118 fix(deps): update golang.org/x/exp digest to 6522937 (#2140)
• 52ffab1 [chore] - fix import name clashes (#2143)
• e7ccfc2 fix(deps): update module github.com/google/go-github/v42 to v56 (#2049)
• a367f9c Fix azure panic when invalid URL is constructed (#2137)
• 8880c2e fixup cleantemp (#2136)
• e498c80 Fix nil pointer dereference when checking if a unit IsFinished (#2135)
• 7ecd43a [chore] Minor cleanup of source_manager.go (#2134)
• 363ccab Simplify temp dir cleaning (#2133)
• ede0c39 Add new auth method to source (#2132)
• d552222 add extradata nil check and use make (#2129)
• 1759f09 added ci scanning info to readme (#2126)
• 78219a2 Call Finish in SourceManager after the semaphore is released (#2121)
• 024aa05 chore(github): add a newline between titles and bodies (#2124)
• 1f502fd feat(github): scan issue & pr titles (#1899)
• 0e6e1dc use camelcase var names (#2123)
• 7d10e25 Remove unused functions (#2122)
• a7a9e18 [chore] - update readme help flags (#2120)
• 11df3dc feat(signing): Sign checksum (#1894)
• a7d330a import missing detectors (#2119)
• 75e869f Fix forks and repos counter, add metric for orgs enumerated (#2118)
• 62c628f feat(telegram): add username to extradata (#2100)
• 9e88cdf add extra data to github detector (#1909)
• cd9c1ae fixed gist direct link generation (#2115)

v3.63.1

Changelog

• d69de65 fix nil map assignment (#2117)