Update Gitleaks and SD Rules version

Review changes
Open in Workspace
Download
Patches
Plain diff

Update Gitleaks and SD Rules version

Vishwa Bhatrequested to merge

vbhat/fix-git-dir into master Aug 19, 2025

Overview 21
Commits 12
Pipelines 11
Changes 72

What does this MR do?

Update Gitleaks version to v8.28.0
Update SD Rules version to v0.13.0 | gitlab-org/security-products/secret-detection/secret-detection-rules!142 (merged)
- Fixes rule Alibaba AccessKey ID to report fewer FPs
- Includes .git directory in the allowlists to fix the bug reported in v7.10.0
- Includes low-risk files and directories in the allowlists to skip them during the scan
Adds integration test to confirm allowlists behaviour

NOTE: I chose the pessimistic approach of verifying every pattern defined in the allowlist patterns by creating a dedicated file/directory (hence ~70 changes) and expecting analyzer to exclude it in the integration test.

What are the relevant issue numbers?

gitlab-org/gitlab#560147 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added
Documentation created/updated for GitLab EE, if necessary
Documentation created/updated for this project, if necessary
Documentation reviewed by technical writer or follow-up review issue created
Tests updated/added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Aug 19, 2025 by Vishwa Bhat

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading