Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

bump gitleaks and trufflehog

Review changes
Download
Patches
Plain diff

Zach Rice requested to merge update-scanners into master Apr 27, 2020

Overview 6
Commits 6
Pipelines 5
Changes 3

What does this MR do?

Bumps Gitleaks and Trufflehog to their latest versions. This MR is needed for https://gitlab.com/gitlab-org/gitlab/-/issues/36860 as there is a bug in version 3.3.0 of gitleaks that yields the wrong results for scans on commit ranges. The changes are simple enough, just bump the versions in the Dockerfile. There is one small change to the gitleaks config that updates the toml config table for whitelists.

What are the relevant issue numbers?

gitlab-org/gitlab#214078 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added
Documentation created/updated for GitLab EE, if necessary
Documentation created/updated for this project, if necessary
Documentation reviewed by technical writer or follow-up review issue created
Tests added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Apr 28, 2020 by Zach Rice

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking