Update pre-commit-dependencies

RENOVATE_GITLAB_TOKEN requested to merge renovate/pre-commit-dependencies into main

This MR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| adrienverge/yamllint | repository | minor | v1.26.3 -> v1.31.0 |
| compilerla/conventional-pre-commit | repository | minor | v1.3.0 -> v1.4.0 |
| golangci/golangci-lint | repository | minor | v1.46.2 -> v1.52.2 |
| pre-commit/pre-commit | | minor | 3.1.1 -> 3.3.2 |
| pre-commit/pre-commit-hooks | repository | minor | v4.2.0 -> v4.4.0 |
| zricethezav/gitleaks | repository | minor | v8.9.0 -> v8.16.3 |

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there; instead, create a Discussion in the Renovate repository if you have any questions.


Release Notes

adrienverge/yamllint

v1.31.0

Compare Source

v1.30.0

Compare Source

v1.29.0

Compare Source

v1.28.0

Compare Source

v1.27.1

Compare Source

v1.27.0

Compare Source

compilerla/conventional-pre-commit

v1.4.0

Compare Source

What's Changed

New Contributors

Full Changelog: https://github.com/compilerla/conventional-pre-commit/compare/v1.3.0...v1.4.0

golangci/golangci-lint

v1.52.2

Compare Source

  1. updated linters
    • tparallel: from 0.3.0 to 0.3.1
  2. misc.
    • fix: pre-commit require_serial and pass_filenames

v1.52.1

Compare Source

  1. misc.
    • fix: improve panic management
    • fix: the combination of --fix and --path-prefix

v1.52.0

Compare Source

  1. updated linters
    • asciicheck: from 0.1.1 to 0.2.0
    • bidichk: from 0.2.3 to 0.2.4
    • contextcheck: from 1.1.3 to 1.1.4
    • dupword: from 0.0.9 to 0.0.11
    • durationcheck: from 0.0.9 to 0.0.10
    • errchkjson: from 0.3.0 to 0.3.1
    • errname: from 0.1.7 to 0.1.9
    • forbidigo: from 1.4.0 to 1.5.1
    • gci: from 0.9.1 to 0.10.1
    • ginkgolinter: from 0.8.1 to 0.9.0
    • go-critic: from 0.6.7 to 0.7.0
    • go-errorlint: from 1.1.0 to 1.4.0
    • godox: bump to HEAD
    • lll: skip go command
    • loggercheck: from 0.9.3 to 0.9.4
    • musttag: from 0.4.5 to 0.5.0
    • nilnil: from 0.1.1 to 0.1.3
    • noctx: from 0.0.1 to 0.0.2
    • revive: from 1.2.5 to 1.3.1
    • rowserrcheck: remove limitation related to generics support
    • staticcheck: from 0.4.2 to 0.4.3
    • testpackage: from 1.1.0 to 1.1.1
    • tparallel: from 0.2.1 to 0.3.0
    • wastedassign: remove limitation related to generics support
    • wrapcheck: from 2.8.0 to 2.8.1
  2. misc.
    • Add TeamCity output format
    • Consider path prefix when matching path patterns
    • Add Go version to version information
  3. Documentation
    • Add Tekton in Trusted By page
    • Clarify that custom linters are not enabled by default
    • Remove description for deprecated "go" option

v1.51.2

Compare Source

  1. updated linters
    • forbidigo: from 1.3.0 to 1.4.0
    • gci: from 0.9.0 to 0.9.1
    • go-critic: from 0.6.5 to 0.6.7
    • go-errorlint: from 1.0.6 to 1.1.0
    • gosec: from 2.14.0 to 2.15.0
    • musttag: from 0.4.4 to 0.4.5
    • staticcheck: from 0.4.0 to 0.4.2
    • tools: from 0.5.0 to 0.6.0
    • usestdlibvars: from 1.21.1 to 1.23.0
    • wsl: from 3.3.0 to 3.4.0
    • govet: enable timeformat by default
  2. misc.
    • fix: cache status size calculation
    • add new source archive
  3. Documentation
    • Improve installation section
    • Replace links to godoc.org with pkg.go.dev

v1.51.1

Compare Source

  1. updated linters
    • ginkgolinter: from 0.7.1 to 0.8.1
    • ineffassign: bump to HEAD
    • musttag: from 0.4.3 to 0.4.4
    • sqlclosecheck: from 0.3.0 to 0.4.0
    • staticcheck: bump to v0.4.0
    • wastedassign: from 2.0.6 to 2.0.7
    • wrapcheck: from 2.7.0 to 2.8.0

v1.51.0

Compare Source

  1. new linters
  2. updated linters
    • bodyclose: to HEAD
    • dupword: from 0.0.7 to 0.0.9
    • errcheck: from 1.6.2 to 1.6.3
    • exhaustive: from 0.8.3 to 0.9.5
    • exportloopref: from 0.1.8 to 0.1.11
    • gci: from 0.8.1 to 0.9.0
    • ginkgolinter: from 0.6.0 to 0.7.1
    • go-errorlint: from 1.0.5 to 1.0.6
    • go-ruleguard: from 0.3.21 to 0.3.22
    • gocheckcompilerdirectives: from 1.1.0 to 1.2.1
    • gochecknoglobals: from 0.1.0 to 0.2.1
    • gomodguard: from 1.2.4 to 1.3.0
    • gosec: from 2.13.1 to 2.14.0
    • govet: Add timeformat to analysers
    • grouper: from 1.1.0 to 1.1.1
    • musttag: from 0.4.1 to 0.4.3
    • revive: from 1.2.4 to 1.2.5
    • tagliatelle: from 0.3.1 to 0.4.0
    • tenv: from 1.7.0 to 1.7.1
    • unparam: bump to HEAD
    • usestdlibvars: from 1.20.0 to 1.21.1
    • wsl: fix force-err-cuddling flag
  3. misc.
    • go1.20 support
    • remove deprecated linters from presets
    • Build NetBSD binaries
    • Build loong64 binaries
  4. Documentation
    • goimport: improve documentation for local-prefixes
    • gomnd: add missing always ignored functions
    • nolint: fix typo
    • tagliatelle usage typo
    • add note about binary requirement for plugin
    • cache preserving and colored output on docker runs
    • improve documentation about debugging.
    • improve Editor Integration section
    • More specific default cache directory
    • update output example to use valid checkstyle example; add json example

v1.50.1

Compare Source

  1. updated linters
    • contextcheck: from 1.1.2 to 1.1.3
    • go-mnd: from 2.5.0 to 2.5.1
    • wrapcheck: from 2.6.2 to 2.7.0
    • revive: fix configuration parsing
    • lll: skip imports
  2. misc.
    • windows: remove redundant character escape '/'
    • code-climate: add default severity

v1.50.0

Compare Source

  1. new linters
  2. updated linters
    • contextcheck: change owner
    • contextcheck: from 1.0.6 to 1.1.2
    • depguard: from 1.1.0 to 1.1.1
    • exhaustive: add missing config
    • exhaustive: from 0.8.1 to 0.8.3
    • gci: from 0.6.3 to 0.8.0
    • go-critic: from 0.6.4 to 0.6.5
    • go-errorlint: from 1.0.2 to 1.0.5
    • go-reassign: v0.1.2 to v0.2.0
    • gofmt: add option rewrite-rules
    • gofumpt from 0.3.1 to 0.4.0
    • goimports: update to HEAD
    • interfacebloat: fix configuration loading
    • logrlint: rename logrlint to loggercheck
    • paralleltest: add tests of the ignore-missing option
    • revive: from 1.2.3 to 1.2.4
    • usestdlibvars: from 1.13.0 to 1.20.0
    • wsl: support all configs and update docs
  3. misc.
    • Normalize exclude-rules paths for Windows
    • add riscv64 to the install script
  4. Documentation
    • cli: remove reference to old service

v1.49.0

Compare Source

IMPORTANT: varcheck and deadcode have been removed from the default linters.

  1. new linters
  2. updated linters
    • go-colorable: from 0.1.12 to 0.1.13
    • go-critic: from 0.6.3 to 0.6.4
    • go-errorlint: from 1.0.0 to 1.0.2
    • go-exhaustruct: from 2.2.2 to 2.3.0
    • gopsutil: from 3.22.6 to 3.22.7
    • gosec: from 2.12.0 to 2.13.1
    • revive: from 1.2.1 to 1.2.3
    • usestdlibvars: from 1.8.0 to 1.13.0
    • contextcheck: from v1.0.4 to v1.0.6 && re-enable
    • nosnakecase: This linter is deprecated.
    • varcheck: This linter is deprecated; use unused instead.
    • deadcode: This linter is deprecated; use unused instead.
    • structcheck: This linter is deprecated; use unused instead.
  3. documentation
    • revive: fix wrong URL
    • Add a section about default exclusions
    • usestdlibvars: fix typo in documentation
    • nolintlint: remove allow-leading-space option
    • Update documentation and assets
  4. misc.
    • dev: rewrite the internal tests framework
    • fix: exit early on run --version
    • fix: set an explicit GOROOT in the Docker image for go-critic

v1.48.0

Compare Source

  1. new linters
  2. updated linters
    • contextcheck: disable linter
    • errcheck: from 1.6.1 to 1.6.2
    • gci: add missing custom-order setting
    • gci: from 0.5.0 to 0.6.0
    • ifshort: deprecate linter
    • nolint: drop allow-leading-space option and add "nolint:all"
    • revgrep: bump to HEAD
  3. documentation
    • remove outdated info on source install
  4. misc
    • go1.19 support

v1.47.3

Compare Source

  1. updated linters:
    • remove some go1.18 limitations
    • asasalint: from 0.0.10 to 0.0.11
    • decorder: from 0.2.2 to v0.2.3
    • gci: fix panic with invalid configuration option
    • gci: from 0.4.3 to v0.5.0
    • go-exhaustruct: from 2.2.0 to 2.2.2
    • gomodguard: from 1.2.3 to 1.2.4
    • nosnakecase: from 1.5.0 to 1.7.0
    • honnef.co/go/tools: from 0.3.2 to v0.3.3
  2. misc
    • cgo: fix linters ignoring CGo files

v1.47.2

Compare Source

  1. updated linters:
    • revive: ignore slow rules

v1.47.1

Compare Source

  1. updated linters:
    • gci: from 0.4.2 to 0.4.3
    • gci: remove the use of stdin
    • gci: fix options display
    • tenv: from 1.6.0 to 1.7.0
    • unparam: bump to HEAD

v1.47.0

Compare Source

  1. new linters:
  2. updated linters:
    • decorder: from 0.2.1 to 0.2.2
    • errcheck: from 1.6.0 to 1.6.1
    • errname: from 0.1.6 to 0.1.7
    • exhaustive: from 0.7.11 to 0.8.1
    • gci: fix issues and re-enable autofix
    • gci: from 0.3.4 to 0.4.2
    • go-exhaustruct: from 2.1.0 to 2.2.0
    • go-ruleguard: from 0.3.19 to 0.3.21
    • gocognit: from 1.0.5 to 1.0.6
    • gocyclo: from 0.5.1 to 0.6.0
    • golang.org/x/tools: bump to HEAD
    • gosec: allow global config
    • gosec: from 2.11.0 to 2.12.0
    • nonamedreturns: from 1.0.1 to 1.0.4
    • paralleltest: from 1.0.3 to 1.0.6
    • staticcheck: fix generics
    • staticcheck: from 0.3.1 to 0.3.2
    • tenv: from 1.5.0 to 1.6.0
    • testpackage: from 1.0.1 to 1.1.0
    • thelper: from 0.6.2 to 0.6.3
    • wrapcheck: from 2.6.1 to 2.6.2
  3. documentation:
    • add thanks page
    • add a clear explanation about the staticcheck integration.
    • depguard: add ignore-file-rules
    • depguard: adjust phrasing
    • gocritic: add enable and disable ruleguard settings
    • gomnd: fix typo
    • gosec: add configs for all existing rules
    • govet: add settings for shadow and unusedresult
    • thelper: add fuzz config and description
    • linters: add defaults

pre-commit/pre-commit

v3.3.2

Compare Source

Fixes

v3.3.1

Compare Source

Fixes

v3.3.0

Compare Source

Features

v3.2.2

Compare Source

Fixes

v3.2.1

Compare Source

Fixes

v3.2.0

Compare Source

Features
Fixes

pre-commit/pre-commit-hooks

v4.4.0: pre-commit-hooks v4.4.0

Compare Source

Features

v4.3.0: pre-commit-hooks v4.3.0

Compare Source

Features
  • check-executables-have-shebangs: use git config core.fileMode to determine if it should query git.
  • name-tests-test: add --pytest-test-first test convention.
Fixes

zricethezav/gitleaks

v8.16.3

Compare Source

Changelog

Huuuuuge thank you to all the contributors especially @​rgmz

@​edwardwang888 @​wparad @​sadikkuzu @​RafaelFigueiredo @​fgreinacher @​jasikpark @​sergiomarotco

v8.16.2

Compare Source

Changelog

Thanks to @​americanair for sponsoring this open source project!

Thanks to all the contributors this release: @​fgreinacher @​wparad @​RafaelFigueiredo @​sergiomarotco @​jasikpark

v8.16.1

Compare Source

Changelog

v8.16.0

Compare Source

Changelog

Allowlist Regex Targets

Let's use the generic rule to demonstrate the new regexTarget allowlist option

[[rules]]
description = "Generic API Key"
id = "generic-api-key"
regex = '''(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
secretGroup = 1
entropy = 3.5
keywords = [
    "key","api","token","secret","client","passwd","password","auth","access",
]

example.txt will be our target and contain a single line with a fake secret:

var discord_client_secret = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ'

Running gitleaks on this file using the generic rule will return one finding:

gitleaks detect --source=example.txt --no-git -v --config=example.toml


    │╲
    │ ○
    ○ ░
    ░    gitleaks

Finding:     discord_client_secret = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ'
Secret:      8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ
RuleID:      generic-api-key
Entropy:     4.413910
File:        example.txt
Line:        1
Fingerprint: example.txt:generic-api-key:1

We can add an allowlist regexes entry to include part of the secret. This will cause gitleaks to ignore the finding above. Note that by default gitleaks uses the Secret to compare against allowlist regexes.

Adding the following allowlist to the generic rule will cause gitleaks to ignore the finding:

[rules.allowlist]
regexes = ["vV"]

But now say you don't want to use Secret to compare against your allowlist regexes. Well, now you can use regexTarget and set the value as either line or match to compare against the line or regex match:

[rules.allowlist]
regexTarget = "match"
regexes = ["discord"]

and

[rules.allowlist]
regexTarget = "line"
regexes = ["var"]

will both result in the finding being ignored because discord is found in the generic rule regex match and var is in the line where the finding was found.

In addition to rule allowlists, you can set regexTarget in the global allowlist:

[allowlist]
regexTarget = "line"
regexes = ["var"]

Thanks @​bplaxco for the review
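
The three allowlist targets described above, modelled as an added Go example (not gitleaks' own code): it takes the Secret, match and line strings of the finding shown in the release notes, plus one constructed finding, and counts how many findings each allowlist hides. The `Finding` and `Allowlist` types and the `Suppressed` function are hypothetical names, and treating an unrecognised target as the default is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
)

// Finding holds the three strings an allowlist regex can be compared against.
type Finding struct{ Secret, Match, Line string }

// Allowlist models [rules.allowlist] / [allowlist]; RegexTarget is "", "match" or "line".
type Allowlist struct {
	RegexTarget string
	Regexes     []string
}

// target picks the string to test; anything but "match"/"line" means Secret (assumed default).
func (a Allowlist) target(f Finding) string {
	if t, ok := map[string]string{"match": f.Match, "line": f.Line}[a.RegexTarget]; ok {
		return t
	}
	return f.Secret
}

// Suppressed returns the findings that the allowlist would hide.
func Suppressed(a Allowlist, fs []Finding) []Finding {
	var out []Finding
	for _, f := range fs {
		for _, r := range a.Regexes {
			if regexp.MustCompile(r).MatchString(a.target(f)) {
				out = append(out, f)
				break
			}
		}
	}
	return out
}

// Constructed sample: the first finding is the one from the release notes, the second is invented.
var sample = []Finding{
	{"8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ", "discord_client_secret = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ'", "var discord_client_secret = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ'"},
	{"Zk3pQ9xLm2Rt7WbY5nHc", "prod_api_token = 'Zk3pQ9xLm2Rt7WbY5nHc'", "var prod_api_token = 'Zk3pQ9xLm2Rt7WbY5nHc'"},
}

func main() {
	for _, a := range []Allowlist{{"", []string{"vV"}}, {"match", []string{"discord"}}, {"line", []string{"var"}}} {
		fmt.Printf("regexTarget=%q regexes=%v hides %d of %d findings\n", a.RegexTarget, a.Regexes, len(Suppressed(a, sample)), len(sample))
	}
}
```

The `line` target with `var` hides both findings, so it is worth measuring what a short pattern suppresses before placing it in the global `[allowlist]`.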

v8.15.4

Compare Source

Changelog

Shout-outs to @​sandyydk @​raffis @​lawndoc @​sadikkuzu

v8.15.3

Compare Source

Changelog

v8.15.2

Compare Source

Changelog

v8.15.1

Compare Source

Changelog

v8.15.0

Compare Source

Changelog

Thanks @​RickyGrassmuck @​sergiomarotco

--pipe

Try --pipe with anything...

git log -p | gitleaks detect --pipe

--follow-symlinks

gitleaks detect --source . --no-git --follow-symlinks

v8.14.1

Compare Source

Changelog

  • c39e764 define log-opts, odd that this wasn't failing before... (#​1009)

v8.14.0

Compare Source

Changelog

Thanks to @​roma8389 @​michenriksen @​JoostVoskuil @​alexgit2k @​Becojo @​nnnkkk7 @​mojotx @​weineran 💪🏻

v8.13.0

Compare Source

Changelog

Thanks to @​maltemorgenstern @​b4bay @​durkinza @​akashchandwani @​very-doge-wow @​gawansch 👍🏻

v8.12.0

Compare Source

Changelog

If this change causes outrage I can always add a --legacy-output option.

v8.11.2

Compare Source

Changelog

v8.11.1

Compare Source

Changelog

v8.11.0

Compare Source

Changelog

  • b6b7cfb bump gitdiff, add git.Err state, better log messages (#​954)

v8.10.3

Compare Source

Changelog

v8.10.2

Compare Source

Changelog

v8.10.1

Compare Source

Changelog

  • b8f236c Changed fingerprint to explicit concatenation of commit, file, rule-id, and start line (#​944)

v8.10.0

Compare Source

Changelog


Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by RENOVATE_GITLAB_TOKEN