Deprecate SECRET_DETECTION_COMMIT_* options
Description
Gitleaks v8.0.0 removed all --commit*
options and instead offered a more flexible --log-opts
option which accepts git log
options.
Commit related options
Variable | Reason for deprecation |
---|---|
SECRET_DETECTION_COMMIT_FROM |
Can be replaced by SECRET_DETECTION_LOG_OPTS
|
SECRET_DETECTION_COMMIT_TO |
Can be replaced by SECRET_DETECTION_LOG_OPTS
|
SECRET_DETECTION_COMMITS |
Can be replaced by SECRET_DETECTION_LOG_OPTS
|
SECRET_DETECTION_COMMITS_FILE |
Can be replaced by SECRET_DETECTION_LOG_OPTS
|
These deprecations would reduce the complexity in the analyzer as we are parsing a commits file and generating git log
options from that commits file.
Other options that should be deprecated
Variable | Reason for deprecation |
---|---|
SECRET_DETECTION_ENTROPY_LEVEL |
Entropy only rules are not supported by gitleaks. They caused too many false positives |
Tasks
-
Update documentation -
Remove variables -
Detect if these variables are provided and print a warning
Edited by Zach Rice