| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: gitleaks | Distribution: openSUSE Tumbleweed |
| Version: 8.27.0 | Vendor: openSUSE |
| Release: 1.1 | Build date: Sun Jun 1 21:05:53 2025 |
| Group: Unspecified | Build host: reproducible |
| Size: 16315255 | Source RPM: gitleaks-8.27.0-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://github.com/gitleaks/gitleaks | |
| Summary: Protect and discover secrets using Gitleaks | |
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code.
MIT
* Sun Jun 01 2025 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.27.0:
* Archive Scanning
Sometimes secrets are packaged within archive files like zip
files or tarballs, making them difficult to discover. Now you can
tell gitleaks to automatically extract and scan the contents of
archives. The flag --max-archive-depth enables this feature for
both dir and git scan types. The default value of "0" means this
feature is disabled by default.
Recursive scanning is supported since archives can also contain
other archives. The --max-archive-depth flag sets the recursion
limit. Recursion stops when there are no new archives to extract,
so setting a very high max depth just sets the potential to go
that deep. It will only go as deep as it needs to.
The findings for secrets located within an archive will include
the path to the file inside the archive. Inner paths are
separated with !. This means a secret was detected on line 4 of
files/.env.prod. which is in archives/files.tar which is in
testdata/archives/nested.tar.gz.
Currently supported formats:
The compression and archive formats supported by mholt's
archives package are supported.
* Changelog
- Archive support (#1872)
- Update README.md
- Reduce aws-access-token false positives (#1876)
- Set `pass_filenames` to `false` for Docker hook (#1850)
- unicode decoding (#1854)
- Diagnostics (#1856)
- chore: include decoder in debug log (#1853)
* Tue May 13 2025 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.26.0:
Changelog
- 78eebac Percent/URL Decoding Support (#1831)
- 6f967ca fix(kubernetes): remove slow element from pat (#1848)
- 88f56d3 feat: identify slow file (#1479)
- 9609928 rm 1password detect test since we test it in cfg gen
- 23cb69f feat(rules): Add 1Password secret key detection (#1834)
Calling this one @bplaxco's release as he introduced a really
clever method for mixed decoding without sacrificing too much
performance. As I stated in his PR, I think he's either a wizard
or some time traveling AI. Dude is wicked smaht
Anyways, Gitleaks now supports the following decoders: hex,
percent(url enconding), and b64. It's relatively straight forward
to add a new decoder so if you're motivated, community
contributions are welcomed!
Here's an example:
https://github.com/gitleaks/gitleaks/releases/tag/v8.26.0
* Wed Apr 30 2025 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.25.1:
* fix(detect): test all allowlists (#1845)
* Tue Apr 29 2025 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.25.0:
* feat(config): define multiple global allowlists (#1777)
* feat(rules): Add Perplexity AI API key detection (#1825)
* feat(gcp): increase rule entropy (#1840)
* Adding clickhouse scanner (#1826)
* fix(baseline): work with --redact (#1741)
* feat(rule): validate & sort rule when generating (#1817)
* Fri Apr 11 2025 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 8.24.3:
* Add support for GitLab Runner Tokens (Routable) (#1820)
* bump repo version in pre-commit example (#1815)
* Fix currentLine out of bounds error (#1810)
* add support for Azure DevOps platform in SCM detection and link
(#1807)
* Add MaxMind license key rule (#1771)
* implement new openai regex pattern (#1780)
* A first attempt adding hooks.slack.com/triggers/ (#1792)
* feat(generic): tweak false-positives (#1803)
* chore: tweak logging and readme for GITLEAKS_CONFIG_TOML
feature (#1802)
* feat: add option to set config from env var with toml content
(#1662)
* Sat Mar 22 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.24.2 (8.24.1 was not released):
* Fix platform flag being ignored with gitleaks detect by @rgmz
in #1765
* Make AddFinding public by @bplaxco in #1767
* FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 by
@cgoessen in #1768
* Upgrade rs/zerolog, spf13/cobra, and spf13/viper by @rgmz in
[#1769]
* Infer report-format from report-path extension if no value is
provided by @rgmz in #1776
* generic-api-key: ignore csrf-tokens by @rgmz in #1779
* Prevent Yocto/BitBake false positives with generic-api-key rule
by @Okeanos in #1783
* Fix decoded line allowlist by @zricethezav in #1788
* Readme badge revisions by @jessp01 in #1744
* feat(regexp): use standard regexp by default, make go-re2
opt-in by @twpayne in #1798
* gore2 release tags by @zricethezav in #1801
* Thu Feb 20 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.24.0:
* Make paths and fingerprints platform-agnostic (#1622)
* Add Sonar rule (#1756)
* Minor false positive improvements (#1758)
* Add support for streaming DetectReader (#1760)
* chore: Update github.com/wasilibs/go-re2 to v1.9.0 (#1763)
* docs: describe extended rules take precedence over base rules
(#1563)
* feat(git): disable link generation (#1748)
* added sourcegraph token rule (#1736)
* feat(config): add rule for .p12 files (#1738)
* add deno.lock to default exclusions (#1740)
* Thu Jan 30 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.23.3:
* Don't exit with error if git repacking is required (#1711)
* refactor(config): use non-capture groups for allowlists (#1735)
* chore: Enhance `curl-auth-user` to detect empty usernames or
passwords (#1726)
* fix(cmd): read log-opts before GitLogCmd (#1730)
* Sat Jan 25 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.23.2:
* facebook keyword
* fix(meraki): restrict keyword case (#1722)
* feat(generic-api-key): detect base64 (#1598)
* great branch name (#1721)
* fix(git): remove .git suffix for links (#1716)
* chore: refine generic-api-key fps + trace logging (#1720)
* fix(generate): move newline out of char range (#1719)
* newline literal (#1718)
* build: support either stdlib or 3rd-party regexp (#1706)
* chore(detect): update trace logging (#1713)
* feat(git): redact passwords from remote URL (#1709)
* feat(git): include link in report (#1698)
* chore: reduce generic-api-key fps (#1707)
* blorp
* added new rule for cisco meraki api key (#1700)
* feat: general fp tweaks (#1703)
* chore(generate): use \x60 instead of literal (#1702)
* chore(regex): simplify secretPrefix, suffix (#1620)
* update version for pre-commit in README.md (#1699)
* Wed Jan 15 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.23.1:
* chore(gcp): add firebase example keys to the gcp-api-key
allowlists (#1635)
* fix: unaligned 64-bit atomic operation panic (#1696)
* force push to master everyday
* feat(config): disable extended rule (#1535)
* style: prevent globbing and word splitting (#1543)
* refactor(generic-api-key): remove hard-coded 'magic' (#1600)
* chore(generate): add failing test case (#1690)
* Mon Jan 13 2025 opensuse_buildservice@ojkastl.de
- Update to version 8.23.0:
* feat(generate): use multiple allowlists (#1691)
* chore(rules): include fps in reference (#1471)
* Add comma as operator for GenerateSemiGenericRegex (#1679)
* refactor: central logger (#1692)
* friendship ended with tines
* Tue Dec 31 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.22.1:
* Entropy trace (#1659)
* build: add 'toolchain' to go.mod (#1682)
* refactor(detect): create readUntilSafeBoundary + add tests
(#1676)
* twitter really does suck ass now
* chore(tests): test cases for generate.go (#1623)
* fix: only use non-empty secret groups (#1632)
* build: upgrade sprig v2->v3 (#1674)
* fix: generate report file even if no findings (#1673)
* Sat Dec 21 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.22.0:
* replace std library regex engine with go-re2 (#1669)
* Sat Dec 21 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.21.4:
* Update golang version to 1.23 (#1672)
* bump go in dockerfile
* log bytes (#1670)
* Fri Dec 20 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
- add completion subpackages
* Fri Dec 20 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.21.3:
* go mod 1.23
* Ensure keywords are downcased (#1633)
* feat: add settlemint api keys detection (#1663)
* feat(dir): better chunking (#1665)
* feat(report): allow user-defined templates (#1650)
* Add support for GitLab routable tokens (#1656)
* Add freemius secret key detection (#1611)
* fix(kubernetes): only match 'kind: secret' (#1649)
* feat: use STDOUT when report file not specified (#1642)
* fix(dir): skip opening file&dir if allowlist matches (#1653)
* fix: increase chunk size 10kb -> 100kb (#1652)
* feat: detect sentry.io tokens in the new format (#1640)
* refactor: pre-commit hooks (#1627)
* fix(easypost): only detect tokens of correct length (#1628)
* feat(dir): continue on permission error (#1621)
* Add human readable description for curl rules (#1625)
* Add option to include `Line` field in report (#1616)
* hm
* Update README.md
* nop for stupid build
* Add new jira api token pattern (#1601)
* feat: update global & generic allowlist (#1618)
* fix(vault-service-token): ensure that TPS contains digits
(#1614)
* Generate comprehensive secret samples (#1484)
* fix(aws): detect token in url (#1615)
* fix(rules): entropy, uppercase in samples (#1593)
* feat: tweak rules (#1608)
* Tue Oct 29 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.21.2:
* feat(rules): create Octopus Deploy api key (#1602)
* fix(aws-access-token): only match if correct length (#1584)
* fix(config): ignore jquery/swagger w/o version (#1607)
* feat: add new GitLab tokens (#1560)
* feat(generic-api-key): tune false positives (#1606)
* Create .gitleaks.toml (#1605)
* feat(curl): tweak tps and fps (#1603)
* feat(config): ignore swagger-ui assets (#1604)
* feat(generic-api-key): exclude keywords (#1587)
* feat(okta): bump entropy to 4 (#1599)
* feat: update global allowlist (#1597)
* refactor(allowlist): deduplicate commits & keywords (#1596)
* feat(config): ignore jquery static assets (#1595)
* More rule fixes (#1586)
* chore: log skipped symlinks (#1591)
* feat: match left side of identifier (#1585)
* what secrets?
* fix(rules): add entropy (#1580)
* feat(aws): add entropy & allowlist (#1582)
* feat(rules): add 1password token (#1583)
* feat(config): add curl header rule (#1576)
* Fri Oct 18 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.21.1:
* feat: add curl basic auth rule (#1575)
* Update spelling in README.md (#1574)
* refactor(allowlist): use iota for condition (#1569)
* refactor(config): temporarily switch to [rules.allowlist]
(#1573)
* Tue Oct 15 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.21.0:
* Define multiple allowlists per rule (#1496)
* build: upgrade gitleaks/go-gitdiff to v0.9.1 (#1559)
* Fix rule extension (#1556)
* Update base config allowlist (#1555)
* feat(azure): detect Azure AD client secrets (#1199)
* chore: match gitleaks.toml anywhere (#1553)
* Fri Oct 11 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.20.1:
* feat(config): add placeholder regexes to global allowlist
(#1547)
* feat: add PrivateAI rule (#1548)
* Bump golang verion used in docker build to match version
specified in go.mod (#1551)
* feat: add cohere rule (#1549)
* feat(generate): generate global (#1546)
* Feat/nuget config password rule (#1540)
* Fri Oct 04 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.20.0:
* Make private key check less greedy and include fifth dash
(#1440)
* print tags if they exist
* Decode Base64 (#1488)
* refactor(config): keyword map (#1538)
* fix: use regexTarget for extend config (#1536)
* feat: bump go to 1.22 (#1537)
* fix: handle pre-commit and staged (#1533)
* Bugfix/1352 incorrect report multiple lines (#1501)
* Fri Sep 27 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.19.3:
* fix(config): extend allowlist & handle extend when validating
(#1524)
* refactor(kubernetes-secret): tweak variable chars (#1520)
* Revert "remove validate config test temporarily" (#1529)
* feat: create fly.io rule (#1528)
* fix: to many false-positive for gltf files, add gltf suffix to
allowlist (#1527)
* Add support in .gitleaksignore file comment strings (#1425)
(#1502)
* Restrict Etsy keywords (#1491)
* feat(github): add entropy to rule (#1489)
* feat(gcp): update api key rule (#1481)
* fix(hashicorp): ignore common fps (#1498)
* fix(square): make prefix case sensitive (#1469)
* refactor(kubernetes-secret): collapse rules and update regex
(#1462)
* Sat Sep 21 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.19.2:
* fix(rule): comment out errant validation case (#1509)
* remove validate config test temporarily
* Update README.md
* Sat Sep 14 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.19.1:
* fix flag access (#1506)
* Sat Sep 14 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.19.0:
* Deprecate `detect` and `protect`. Add `git`, `dir`, `stdin`
(#1504)
* Update Harness rules to add _ and - in the account ID part.
(#1503)
* chore: fix gl workflow error (#1487)
* Make config generation utils public (#1480)
* Update Hashicorp Vault token pattern (#1483)
* feat(config): update rule validation (#1466)
* Update .gitleaksignore
* fix(detect): handle EOF with bytes (#1472)
* Added poetry.lock to default allowlist paths (#1474)
* refactor(sarif): remove |name| and change |shortDescription|
(#1473)
* Use rule id for config validation error (#1463)
* Use first non-empty group if `secretGroup` isn't set (#1459)
* chore: remove unnecessary capture groups (#1460)
* Return non-0 exit code from `DetectGit` (#1461)
* add gradle verification-metadata.xml to global allowlist
(#1446)
* feat(openshift): add user token (#1449)
* (feat): Adding secret detection rule for Kubernetes secrets
(#1454)
* add version to default
* Add go.work and go.work.sum to global allowlist (#1353)
* Add harness PAT and SAT rules (#1406)
* Update README.md
* Fri Jun 14 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.18.4:
* Limit hashicorp-tf-password to .tf/.hcl files (#1420)
* rm print
* reduce telegram... todo url and xml for later
* coderabbit.ai <3
* Add NewRelic insert key detection (#1417)
* Improved Telegram bot token rule regex and added more test
cases (#1404)
* Add intra42 client secret (#1408)
* Sat Jun 01 2024 opensuse_buildservice@ojkastl.de
- Update to version 8.18.3:
* extend FB access token discovery (#1407)
* tests: scalingo validation consistent test (#1359)
* add real (test) standard and restricted keys (#1375)
* Add Cloudflare API and Origin CA keys (#1374)
* Update "contributing guidelines" link (#1390)
* add update token from square (#1370)
* feat: facebook secret, access token, and page access token
rules (#1372)
* update mailchimp with new tokens (#1376)
* Append ordered rules when extending (#1304)
* fix: age rule id with dashes (#1349)
* patching golang.org/x/text for CVE-2021-38561 and
CVE-2022-32149 (#1342)
* Use latest base images. (#1334)
* Sun May 05 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Update to version 8.18.2:
* Remove IAM identifiers for non-credential resources in the
aws-access-token rule
* Update stripe rule to not alert on publishable keys
* --max-target-megabytes flag now supported for --no-git flag as
well
* add pre-commit hook gitleaks-system
* fix errors when using protect and an external git diff tool
* rename filesystem to directory
* Enhance Secret Descriptions
* Small refactor `detect` and `sources`
* chore(config): refactor to go generate; simplify configRules
init
* pretty apparent 'protect' and 'detect' should be merged into
one command
* style: sort the stopwords
* Sat Nov 25 2023 Dirk Müller <dmueller@suse.com>
- update to 8.18.1:
* dont crash on 100gb files pls (#1292)
* remove secretgroup from default config (#1288)
* feat: Hashicorp Terraform fields for password (#1237)
* perf: avoid allocations with
`(*regexp.Regexp).MatchString` (#1283)
* refactor: more explicit rules (#1280)
* bugfix: reduce false positives for stripe tokens by
using word boundaries in regex (#1278)
* add Infracost API rule (#1273)
* refactor: simplify test asserts (#1271)
* Update Makefile
* refactor: change detect tests to t.Fatal instead of
log.Fatal (#1270)
* feat(rules): Add detection for Scalingo API Token
(#1262)
* feat(jwt): detect base64-encoded tokens (#1256)
* feat: add --ignore-gitleaks-allow cmd flag (#1260)
* switch out libs (#1259)
* fix: no-color option should also affect zerolog
(#1242)
* Fixed lineEnd indexing if the match is the whole line
(#1223)
* feat: Add optional redaction value, default 100
(#1229)
* fix(jwt): longer segment lengths (#1214)
* Added yarn.lock file to default allowlist paths
(#1258)
* Update README.md
* feat(rules): make case insensitivity optional (#1215)
* feat(rules): detect Hugging Face access tokens
* Resolve #1170 - Enable selection of a single rule
(#1183)
* Update authress.go to include alternate form account
dash (-) (#1224)
* refactor: remove unnecessary removing temp files in
tests (#1255)
* refactor: use os.ReadFile instead of os.Open +
io.ReadAll (#1254)
* fix(sumologic): improve patterns (#1218)
* Fix inconsistent generated values in config
* feat: add JFrog API and Identity keys
* Add entropy check to plaid client/secret ID rules
* Update config template logic
* Include entropy in Plaid rule file
* refactor: fix #722 properly
* Add `REDACTED` to stopwords for `generic-api-key` rule
* Add detection for Snyk tokens
* Add makefile variable detections
* chore: update deps to fix solaris #1158
* Add junit report format
* Ignore all comits when `.gitleaksignore` fingerprint lacks
SHA
* Improved global exclusion list
* Add detection for OpenAI API keys
* Add warning for quoted `--log-opts` values
* Fixed docker run command in README.md
* add tags support for csv and sarif formats
* Update Slack token regexes
* Sat Nov 25 2023 dmueller@suse.com
- Update to version 8.18.1:
* dont crash on 100gb files pls (#1292)
* remove secretgroup from default config (#1288)
* feat: Hashicorp Terraform fields for password (#1237)
* perf: avoid allocations with `(*regexp.Regexp).MatchString` (#1283)
* refactor: more explicit rules (#1280)
* bugfix: reduce false positives for stripe tokens by using word boundaries in regex (#1278)
* add Infracost API rule (#1273)
* refactor: simplify test asserts (#1271)
* Update Makefile
* refactor: change detect tests to t.Fatal instead of log.Fatal (#1270)
* feat(rules): Add detection for Scalingo API Token (#1262)
* feat(jwt): detect base64-encoded tokens (#1256)
* feat: add --ignore-gitleaks-allow cmd flag (#1260)
* switch out libs (#1259)
* fix: no-color option should also affect zerolog output (#1242)
* Fixed lineEnd indexing if the match is the whole line (#1223)
* feat: Add optional redaction value, default 100 (#1229)
* fix(jwt): longer segment lengths (#1214)
* Added yarn.lock file to default allowlist paths (#1258)
* Update README.md
* feat(rules): make case insensitivity optional (#1215)
* feat(rules): detect Hugging Face access tokens (#1204)
* Resolve #1170 - Enable selection of a single rule (#1183)
* Update authress.go to include alternate form account dash (-) (#1224)
* refactor: remove unnecessary removing temp files in tests (#1255)
* refactor: use os.ReadFile instead of os.Open + io.ReadAll (#1254)
* fix(sumologic): improve patterns (#1218)
* refactor: fix #722 properly (#1250)
* fix(plaid): include entropy in go definition (#1252)
* feat(config): update template logic (#1201)
* Add entropy check to plaid client/secret ID rules (#1213)
* feat: add JFrog API and Identity keys (#1233)
* chore(config): fix inconsistent generated values (#1200)
* Revert "Initial set of Azure secrets for #539 (#1079)" (#1197)
* Initial set of Azure secrets for #539 (#1079)
* feat(slack): update token regex (#1161)
* add tags support for csv and sarif formats (#1176)
* Fixed docker run command in README.md (#1194)
* feat: add warning for quoted --log-opts values (#1160)
* Add detection for OpenAI API keys (#1148)
* Add some useless files (#1193)
* add tests for commits
* fix broken vet, format some stuff
* add some gl ignores
* Ignore all comits when `.gitleaksignore` fingerprint lacks SHA (#1156)
* Add junit report format (#920)
* chore: update deps to fix solaris link (#1159)
* Add makefile variable detections (#1191)
* Add detection for Snyk tokens (#1190)
* Add `REDACTED` to stopwords for `generic-api-key` rule (#1188)
* Added option to specify .gitleaksignore path (#1179)
* Fix closing file in writeJson and writeSarif (#1187)
* Simplify tests by using T.TempDir (#1186)
* Fix typos in *.md, comments and logs (#1185)
* Update README.md
* Update bug_report.md
* Adding discord channel to readme
* 🐛 fix(sarif): update report to pass validator (#1167)
* fix(detect): extra secret from group before checking allowlist (#1152)
* Fix G307 warning: Deferring unsafe method "Close" on type "*os.File" (#1154)
* fix(detect): avoid panic with verbose flag (#1143)
* Fix typo (#1142)
* No color (#1136)
* Update README.md
* safer out of bounds (#1135)
* Add Authress access key format: https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/ (#1131)
* Update pre-commit address and rev tag in README (#1125)
* Update gitleaks.yml
* Update README.md
* Update README.md
* Update .gitleaksignore
* Bufix/1100 protect stagged files (#1121)
* remove extra default on source option
* fix README.md !? (#1123)
* Improve rule descriptions for Stripe and Facebook access tokens (#1119)
* Add Defined Networking API Tokens (#1096)
* Update gitleaks.toml (#1116)
* Update gitleaks.yml (#1117)
* Add gradle.lockfile to allowlist (#1112)
* Update pre-commit rev tag in README (#1108)
* Add pnpm-lock.yaml and Database.refactorlo (#1109)
* Mon Mar 13 2023 Johannes Kastl <kastl@b1-systems.de>
- BuildRequire go1.19; fix wrong URL and Summary
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.16.0:
* Feat/allowlist regex target (#1107)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.15.4:
* ignore package-lock.json (#1076)
* Fix typos in README.md and CONTRIBUTING.md (#1090)
* fix: ignore baseline if path was not relative in source (#1101)
* Fix H in GitHub and update pre-commit rev tag in README (#1087)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.15.3:
* Add missing GitLab token patterns (#1077)
* Fix rule for private keys (#1072)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.15.2:
* remove color formatting when #1042 is encountered (#1050)
* Update README.md
* adding jwt tokens with padding format "=" (#1031)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.15.1:
* include default newline pairs when calculating location (#1038)
* Add rule for fine-grained GitHub PAT (#1026)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.15.0:
* Add scanning from a pipe with --pipe (#1012)
* add a few fingerprints for test data
* Add support for following symlinks (#1010)
* fix bug in readme (#1011)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.14.1:
* define log-opts, odd that this wasn't failing before... (#1009)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.14.0:
* add --max-target-megabytes : maximum size for a file/blob to be
scanned (#1003)
* Update USERS.md
* Update .gitleaksignore
* Update README.md
* Add detection rules for DigitalOcean tokens (#1002)
* docs: add Trendyol to users (#998)
* docs: added goreleaser to user list (#997)
* Update USERS.md (#996)
* Create USERS.md
* Exclude dacpac refactorlogs (#990)
* Output number of commits at info-level. (#991)
* Detect Slack Workflow Webhook URLs (#989)
* Upgrade go version to 1.19 (#987)
* Minor cleanup to error handling and logging (#985)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.13.0:
* Update README.md
* Update .gitleaksignore
* Update README.md
* Adding quiet mode to silence banner (#852)
* Issue #980: Add support for Telegram Bot API Token (#981)
* add rule for microsoft teams webhooks (#970)
* Add baseline (#975)
* Add pre-commit autoupdate command to README.md (#978)
* refactor: more precise rule for private keys (#930)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.12.0:
* update gitleaksignore
* add fingerprint to output
* Pretty output (#973)
* Update version in readme file (#972)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.11.2:
* ignore empty files (#965)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.11.1:
* Add grafana tokens rules (#959)
* add prefect and readme rules (#961)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.11.0:
* draft: bump gitdiff, add git.Err state, better log messages
(#954)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.10.3:
* Feat/add fingerprint no git (#952)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.10.2:
* safe file checking (#946)
* Update README.md
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.10.1:
* Explicit fingerprint (#944)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.10.0:
* add two test findings to gitleaksignore
* Feat/ignore finding (#938)
* add jwt rule (#943)
* bump golang test version (#942)
* gitleaks allow docs (#941)
* Add new rules for vault tokens (#919)
* Feature/add sidekiq rules (#933)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.9.0:
* update readme
* add url for config
* Feature: Adding the ability to extend configuration files (#926)
* Add fix for issue #915 (#916)
* Update README.md
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.12:
* Update README.md
* Update README.md
* adding access to generic rule keywords and identifiers
* Fix proper names capitalization (#907)
* Add multi platform build (#897)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.11:
* update twitter rule generation description and id
* capitilze twitter description
* adding travis ci
* Fix id and description for twitter tokens (#905)
* Adding okta, codecov, zendesk, and updating Atlassian's rule to
include `jira` keyword (#904)
* Fix Plaid, add Plaid access token (#903)
* adding airtable and adafruit (#902)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.10:
* Fixes accidental type typos while translating rules from
validation spreadsheet, adds bittrex rule
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.9:
* Remove ssn allowlist (#898)
* Adding a bunch of new rules, update allowlist to include
node_modules… (#896)
* contributing guidelines first draft (#895)
* Lint python commit script to satisfy PEP8 (#893)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.8:
* Update generate (#892)
* maintain parity with recent changes... need to create rule
contributing guidelines (#891)
* Fix duplicate TOML Rules and IDs (#889)
* Update README.md
* Update gitleaks.yml
* Update README.md
* user accounts don't need gitleaks license
* Update README.md
* Add gitleaks badge
* Create gitleaks.yml (#884)
* add link to gitleaks.io
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.7:
* fix git unsafe directory (#883)
* Limit newlines regex (#881)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.6:
* add combo to stopwords, update cmd/generate
* Fix generic-api-key detected erroneously
(zricethezav#877) (#878)
* ignore end line when comparing generic rules (#879)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.5:
* updating generic regex and algoia regex (#875)
* feat: add algolia key support (#866)
* Improve PlanetScale token detection (#874)
* Update README.md
* Adding JIT Security messages
* Update README.md
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.4:
* fix no-git bug (#859)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.3:
* Removing private keyword from private key rule (#858)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.2:
* nasty little bug (#853)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.1:
* adding a ton of stopwords to the generic rule only as that is
the loudest rule (#851)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.8.0:
* adding stopwords (#849)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.7.2:
* Update dockerfile (#848)
* fix EOL in secret suffix (#847)
* unpin docker version in pre-commit hook (#832)
* Generate tps (#845)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.7.1:
* maybe fix out of bounds (#843)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.7.0:
* optimize keywords (#841)
* Update detect.go (#839)
* Standardize/alphabetize rules, add cmd/generate/config package
(#840)
* fix ghcr.io typo in README.md (#835)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.6.1:
* normalize keyword check (#830)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.6.0:
* Keyword (#825)
* doc gitleaks-docker pre-commit hook (#819)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.5.3:
* skip content checks for path only rules
* use official docker image as pre-commit hook (#818)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.5.2:
* remove stopwords from global allowlist
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.5.1:
* detect: skip binary files with --no-git (#810)
* fixing a location off by one edge case for --no-git (#812)
* Update README.md
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.5.0:
* Allow tag (#809)
* Stop words (#808)
* Refactor `detect`, add `entropy` to all findings (#804)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.4.0:
* commenting out git tests, will need to revisit eventually
* commenting out flaky test for now
* go mod tidying
* more comments
* adding git test again
* handle goimports/go vet warnings
* more tests
* more cleaningup
* maintaining parity between current master
* more bug
* cleanup
* more cleaning up
* getting some tests working
* regular git scan parity
* init
* Escape - character in regex character groups (#802)
* adding go mod/sum to ignore (#797)
* GitLab pats may contain underscores as well as dashes (#794)
* Mon Mar 13 2023 kastl@b1-systems.de
- Update to version 8.3.0:
* ignore k8s apiVersion in generic-api-key pattern (#760)
* build: updates for go1.17 (#769)
* allow non-last-element secret groups (#792)
* fixing segfault when using a rule with only a path (#791)
* Fix: Typo in LinkedIn id (#789)
* Fix vendor name casing, Flutterwave typo (#785)
* Sarif results with empty rules now represents as [] instead of
null/nil (#786)
* Fix typos in README.md (#780)
* Sun Feb 13 2022 Johannes Kastl <kastl@b1-systems.de>
- first version of package gitleaks at 8.2.7
/usr/bin/gitleaks /usr/share/doc/packages/gitleaks /usr/share/doc/packages/gitleaks/README.md /usr/share/licenses/gitleaks /usr/share/licenses/gitleaks/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Jun 7 23:46:30 2025