head 1.48; access; symbols pkgsrc-2026Q2:1.47.0.2 pkgsrc-2026Q2-base:1.47 pkgsrc-2026Q1:1.44.0.2 pkgsrc-2026Q1-base:1.44 pkgsrc-2025Q4:1.40.0.2 pkgsrc-2025Q4-base:1.40 pkgsrc-2025Q3:1.37.0.2 pkgsrc-2025Q3-base:1.37 pkgsrc-2025Q2:1.34.0.2 pkgsrc-2025Q2-base:1.34 pkgsrc-2025Q1:1.32.0.2 pkgsrc-2025Q1-base:1.32 pkgsrc-2024Q4:1.31.0.4 pkgsrc-2024Q4-base:1.31 pkgsrc-2024Q3:1.31.0.2 pkgsrc-2024Q3-base:1.31 pkgsrc-2024Q2:1.28.0.2 pkgsrc-2024Q2-base:1.28 pkgsrc-2024Q1:1.25.0.2 pkgsrc-2024Q1-base:1.25 pkgsrc-2023Q4:1.22.0.2 pkgsrc-2023Q4-base:1.22 pkgsrc-2023Q3:1.18.0.2 pkgsrc-2023Q3-base:1.18 pkgsrc-2023Q2:1.15.0.2 pkgsrc-2023Q2-base:1.15 pkgsrc-2023Q1:1.13.0.2 pkgsrc-2023Q1-base:1.13 pkgsrc-2022Q4:1.9.0.2 pkgsrc-2022Q4-base:1.9 pkgsrc-2022Q3:1.5.0.2 pkgsrc-2022Q3-base:1.5; locks; strict; comment @# @; 1.48 date 2026.07.08.18.32.38; author bsiegert; state Exp; branches; next 1.47; commitid cDbYxmIrkrXYDSMG; 1.47 date 2026.06.05.10.21.49; author bsiegert; state Exp; branches 1.47.2.1; next 1.46; commitid jt8yVpLxXvatZAIG; 1.46 date 2026.05.07.18.50.05; author bsiegert; state Exp; branches; next 1.45; commitid MMrI2EXGAt3HJUEG; 1.45 date 2026.04.08.05.45.08; author bsiegert; state Exp; branches; next 1.44; commitid FFJx9trbRMg7k7BG; 1.44 date 2026.03.06.21.08.02; author bsiegert; state Exp; branches 1.44.2.1; next 1.43; commitid AQtIeR1eh5qvuXwG; 1.43 date 2026.02.24.08.45.36; author bsiegert; state Exp; branches; next 1.42; commitid IrpU9bGVDwSIHBvG; 1.42 date 2026.01.26.19.49.20; author bsiegert; state Exp; branches; next 1.41; commitid yzzTb7tKWPopjWrG; 1.41 date 2026.01.15.19.54.54; author bsiegert; state Exp; branches; next 1.40; commitid Zuo9UmMrkrU4HwqG; 1.40 date 2025.12.02.19.25.19; author bsiegert; state Exp; branches; next 1.39; commitid 269raRGxaHJBWRkG; 1.39 date 2025.10.16.18.00.00; author bsiegert; state Exp; branches; next 1.38; commitid RAGpkHmyeYCUYOeG; 1.38 date 2025.10.08.06.54.36; author bsiegert; state Exp; branches; next 1.37; commitid 5p46uH9RJXSFyJdG; 1.37 date 2025.09.06.13.17.09; author bsiegert; state Exp; branches; next 1.36; commitid cojusOdnRBFGHE9G; 1.36 date 2025.08.31.19.40.17; author leot; state Exp; branches; next 1.35; commitid 1tTUsBAxIWQ91V8G; 1.35 date 2025.08.31.09.48.03; author bsiegert; state Exp; branches; next 1.34; commitid YzupkwmjNwz5KR8G; 1.34 date 2025.06.06.14.01.37; author bsiegert; state Exp; branches; next 1.33; commitid JbNcx43ItkrmUPXF; 1.33 date 2025.04.05.18.51.26; author bsiegert; state Exp; branches; next 1.32; commitid 5KX0APffNjdlvTPF; 1.32 date 2025.03.07.20.54.29; author bsiegert; state Exp; branches 1.32.2.1; next 1.31; commitid rfTPfnLphAPl7bMF; 1.31 date 2024.09.06.18.48.56; author bsiegert; state Exp; branches; next 1.30; commitid sM1YPLxu37gUgMoF; 1.30 date 2024.08.11.15.57.10; author bsiegert; state Exp; branches; next 1.29; commitid Q02ZqKpOSdvP9qlF; 1.29 date 2024.07.03.06.59.31; author bsiegert; state Exp; branches; next 1.28; commitid clKUvbmZS6C5rmgF; 1.28 date 2024.06.13.13.47.08; author bsiegert; state Exp; branches; next 1.27; commitid JAoDOmAvI7TNkPdF; 1.27 date 2024.06.01.14.03.01; author bsiegert; state Exp; branches; next 1.26; commitid ffwNZJIDPPV5OhcF; 1.26 date 2024.04.05.19.14.09; author bsiegert; state Exp; branches; next 1.25; commitid eg3d1kDRSryvmZ4F; 1.25 date 2024.02.07.14.50.59; author bsiegert; state Exp; branches; next 1.24; commitid 7gDVHFycBNsGLvXE; 1.24 date 2024.01.10.19.14.38; author bsiegert; state Exp; branches; next 1.23; commitid UV9PAPQbNGpZ7WTE; 1.23 date 2024.01.07.13.10.55; author leot; state Exp; branches; next 1.22; commitid vIjqnyomwEXVcwTE; 1.22 date 2023.12.05.19.46.14; author bsiegert; state Exp; branches; next 1.21; commitid U47ig27ZDVHCsjPE; 1.21 date 2023.11.10.15.45.20; author bsiegert; state Exp; branches; next 1.20; commitid o3oFzjmXZZyOV4ME; 1.20 date 2023.10.29.14.48.20; author bsiegert; state Exp; branches; next 1.19; commitid jWdavz5Nyqs70xKE; 1.19 date 2023.10.15.12.04.30; author bsiegert; state Exp; branches; next 1.18; commitid ty8v2zrF0XsQxIIE; 1.18 date 2023.09.08.19.06.10; author bsiegert; state Exp; branches 1.18.2.1; next 1.17; commitid c6lIkxn2TQcc40EE; 1.17 date 2023.08.26.16.31.37; author bsiegert; state Exp; branches; next 1.16; commitid g2P4Ffplg5e8DjCE; 1.16 date 2023.07.15.10.53.06; author bsiegert; state Exp; branches; next 1.15; commitid AvpTGe7iqymJ6TwE; 1.15 date 2023.05.05.19.37.37; author bsiegert; state Exp; branches; next 1.14; commitid QnXJTC5u3Ar9iOnE; 1.14 date 2023.04.05.20.47.52; author bsiegert; state Exp; branches; next 1.13; commitid otfbJh3QwD1ZDXjE; 1.13 date 2023.03.08.13.38.50; author bsiegert; state Exp; branches; next 1.12; commitid zjDge6tGIbvHakgE; 1.12 date 2023.02.16.15.02.01; author bsiegert; state Exp; branches; next 1.11; commitid 0nue7vmM3ce6hLdE; 1.11 date 2023.01.11.17.28.35; author bsiegert; state Exp; branches; next 1.10; commitid PPGNtzdC4VB0f99E; 1.10 date 2023.01.10.21.35.36; author leot; state Exp; branches; next 1.9; commitid Dr9xRAShPGDJD29E; 1.9 date 2022.12.08.16.14.18; author bsiegert; state Exp; branches; next 1.8; commitid OJV7UsBeEDopVL4E; 1.8 date 2022.11.02.19.39.50; author bsiegert; state Exp; branches; next 1.7; commitid qBvrZTNpGRueda0E; 1.7 date 2022.10.05.11.33.05; author bsiegert; state Exp; branches; next 1.6; commitid 0etERUd63ipoqwWD; 1.6 date 2022.09.26.18.40.15; author bsiegert; state Exp; branches; next 1.5; commitid DMadhSGcJfSX4pVD; 1.5 date 2022.09.17.11.03.56; author leot; state Exp; branches; next 1.4; commitid 5GHNc4n9XBfiQcUD; 1.4 date 2022.09.07.09.32.20; author bsiegert; state Exp; branches; next 1.3; commitid w2QNEDRq81HQEUSD; 1.3 date 2022.09.02.19.28.16; author leot; state Exp; branches; next 1.2; commitid i95Q1IgGzCni7kSD; 1.2 date 2022.08.12.20.38.04; author bsiegert; state Exp; branches; next 1.1; commitid 006upzR4Kpy0bDPD; 1.1 date 2022.08.07.22.21.38; author leot; state Exp; branches; next ; commitid oWgCrVRdU65FUZOD; 1.47.2.1 date 2026.07.14.00.36.03; author maya; state Exp; branches; next ; commitid sHC3bIiGgkiEuyNG; 1.44.2.1 date 2026.04.22.14.32.14; author maya; state Exp; branches; next ; commitid iDHLLUhOplH6NXCG; 1.32.2.1 date 2025.04.05.20.45.11; author maya; state Exp; branches; next ; commitid ts1uPa8RLrwE7UPF; 1.18.2.1 date 2023.10.22.18.44.17; author spz; state Exp; branches; next 1.18.2.2; commitid F5xCMl0v6Vo6xEJE; 1.18.2.2 date 2023.12.06.12.08.51; author spz; state Exp; branches; next ; commitid fLEciuttqVQKToPE; desc @@ 1.48 log @Revbump all Go packages after go126 update @ text @# $NetBSD: Makefile,v 1.47 2026/06/05 10:21:49 bsiegert Exp $ DISTNAME= trufflehog-3.90.5 PKGREVISION= 11 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=trufflesecurity/} GITHUB_TAG= v${PKGVERSION_NOREV} MAINTAINER= leot@@NetBSD.org HOMEPAGE= https://github.com/trufflesecurity/trufflehog COMMENT= Find credentials all over the place LICENSE= gnu-agpl-v3 GOFLAGS+= -ldflags ' \ -X github.com/trufflesecurity/trufflehog/v3/pkg/version.BuildVersion=${GITHUB_TAG}' GO_BUILD_PATTERN= . # github.com/wasilibs/go-re2 needs NOT_PAX_MPROTECT_SAFE, stick to Go regexp to # avoid that. SUBST_CLASSES+= regexp SUBST_STAGE.regexp= pre-configure SUBST_FILES.regexp+= pkg/detectors/*.go SUBST_FILES.regexp+= pkg/detectors/*/*.go SUBST_FILES.regexp+= pkg/detectors/*/*/*.go SUBST_FILES.regexp+= pkg/detectors/*/*/*/*.go SUBST_MESSAGE.regexp= Stick to Go regexp to avoid requiring NOT_PAX_MPROTECT_SAFE SUBST_SED.regexp+= -e 's,regexp "github.com/wasilibs/go-re2","regexp",g' .include "go-modules.mk" .include "../../lang/go/go-module.mk" .include "../../mk/bsd.pkg.mk" @ 1.47 log @Revbump all Go packages after go126 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.46 2026/05/07 18:50:05 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.47.2.1 log @Revbump all Go packages after go126 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2026/06/05 10:21:49 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 11 @ 1.46 log @Revbump all Go packages after go126 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.45 2026/04/08 05:45:08 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.45 log @Revbump all Go packages after security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2026/03/06 21:08:02 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.44 log @Revbump all Go packages after go126 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.43 2026/02/24 08:45:36 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.44.2.1 log @Revbump all Go packages after go126 security fix @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2026/03/06 21:08:02 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.43 log @Revbump all Go packages after default version bump @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.42 2026/01/26 19:49:20 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 6 @ 1.42 log @Move non-pattern Go flags to GOFLAGS. GO_BUILD_PATTERN is only for patterns, as announced on tech-pkg@@. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.41 2026/01/15 19:54:54 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.41 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.40 2025/12/02 19:25:19 bsiegert Exp $ d14 1 a14 1 GO_BUILD_PATTERN+= -ldflags ' \ d16 1 @ 1.40 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.39 2025/10/16 18:00:00 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.39 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.38 2025/10/08 06:54:36 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.38 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.37 2025/09/06 13:17:09 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.37 log @Revbump all Go packages after go125 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.36 2025/08/31 19:40:17 leot Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.36 log @trufflehog: Update to 3.90.5 pkgsrc changes: - Build with Go 1.25. - Switch to use "regexp". github.com/wasilibs/go-re2 needs NOT_PAX_MPROTECT_SAFE: panic: permission denied goroutine 1 [running]: github.com/tetratelabs/wazero/internal/engine/wazevo.mmapExecutable(...) .../pkg/mod/github.com/tetratelabs/wazero@@v1.9.0/internal/engine/wazevo/engine.go:776 github.com/tetratelabs/wazero/internal/engine/wazevo.(*engine).compileSharedFunctions(0xc0005a22d0) .../pkg/mod/github.com/tetratelabs/wazero@@v1.9.0/internal/engine/wazevo/engine.go:605 +0xc85 github.com/tetratelabs/wazero/internal/engine/wazevo.NewEngine({0x4f0cee8, 0xc0003a5260}, 0xc0cb48?, {0x0, 0x0}) .../pkg/mod/github.com/tetratelabs/wazero@@v1.9.0/internal/engine/wazevo/engine.go:115 +0x145 github.com/tetratelabs/wazero.NewRuntimeWithConfig({0x4f0cee8?, 0xc0003a5260?}, {0x4f265a0?, 0xc000469d00}) .../pkg/mod/github.com/tetratelabs/wazero@@v1.9.0/runtime.go:178 +0x12c github.com/wasilibs/go-re2/internal.init.0() .../pkg/mod/github.com/wasilibs/go-re2@@v1.9.0/internal/re2_wazero.go:180 +0x137 Changes: [Changelog basically list every single commit and is not very easy to read. I have omitted a lot of them, for full changes please see ] v3.90.4 * Disabled besnappy detector * Add option to skip binary files during filesystem source scanning * Bug fixes and improvements v3.90.2 * Added Anypoint API OAuth2 Detector v3.90.1 * Salesforce Refresh Token Detector v3.90.0 * Added LangSmith API Key detector * Bannerbear Detector V2 * Add support for docker daemon as a source v3.89.2 * Analyzer/datadog v3.89.0 * Stripe Payment Intent Detector v3.88.35 * Added deepseek support v3.88.34 * Enhanced smartsheets detector v3.88.31 * Added DataBricks Analyzer v3.88.30 * Detector implementation for Azure Configuration Connection String Key * Added Ngrok API Key Analyzer * Added New AccuWeather Detector Version * Added Mux API Analyzer * Implementation of Posthog Analyzer v3.88.29 * Detector implementation for Azure API Management Direct Management Key * Monday App Analyzer v3.88.28 * Add xAI detector * Netlify Analyzer v3.88.27 * bing subscription key support v3.88.26 * Support Dockerhub OATs * langfuse support v3.88.24 * Plaid API Analyzer * Addition of Detector - Azure Subsciprtion Keys v3.88.21 * Added Figma (PAT) Analyzer * Detector implementation for Azure API Management Repository key v3.88.19 * added sentry org token detector * Detector implementation for Azure SAS Tokens v3.88.16 * Groq Analyzer * LaunchDarkly Token Analyzer v3.88.15 * Planetscale Analyzer * Airtable Analyzer for Personal Access Tokens v3.88.14 * Airtable Personal Access Token Detector v3.88.13 * elevenlabs analyzer v3.88.12 * Airtable Analyzer for OAuth Tokens v3.88.8 * anthropic api key analyzer v3.88.7 * dockerhub analyzer v3.88.6 * Airtable OAuth Detector v3.88.5 * Create detector for Azure refresh tokens * PrivateKey Analyzer v3.88.0 * Added new detector for Twilio APIKey v3.86.0 * Add new detector for Twitch OAuth Access Tokens v3.85.0 * Add Flexport detector v3.84.1 * Support S3 Source Resumption v3.84.0 * S3 Progress Tracker * Added ZohoCRM detector v3.83.7 * Add support for scanning APK files v3.83.5 * add config option for s3 resumption v3.82.9 * Add SaladCloud API Key detector v3.82.7 * Added Cisco Meraki API Key detector v3.82.5 * RailwayApp Detector v3.82.2 * Add Analyzer for MySQL * Add Analyzer for Mailgun * Add analyzer interface for Shopify v3.82.0 * Add Robinhood Crypto detector v3.80.2 * Added Twitter v2 Detector v3.80.0 * Elevenlabs detector * Atlassian Token Detector v3.79.0 * Adding Larksuite Detectors v3.78.2 * adding twitter + Consumer key detector v3.78.0 * Add Jenkins scanning v3.77.0 * adding Groq detector @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2025/08/31 09:48:03 bsiegert Exp $ d4 1 @ 1.35 log @Fix Go version to 1.24 for some packages. These do not build on Go 1.25 and should be fixed. For now, we work around this by using the next older Go version. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2025/06/06 14:01:37 bsiegert Exp $ d3 1 a3 2 DISTNAME= trufflehog-3.63.7 PKGREVISION= 11 a12 3 # TODO: fix build of this package with Go 1.25 and remove this line GO_VERSION_DEFAULT= 124 d16 11 @ 1.34 log @Revbump all Go packages after go124 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2025/04/05 18:51:26 bsiegert Exp $ d14 3 @ 1.33 log @Belated revbump for all Go packages after go124 update I forgot to do the revbump again, sorry for doing it so late after the update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2025/03/07 20:54:29 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.32 log @Revbump all Go packages after go124 update I realize I forgot to do the revbump after updating the default Go version to 1.24, so let's do that now. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2024/09/06 18:48:56 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.32.2.1 log @Pulup ticket #6952 - Update PKGREVISION for all Go packages. Go had a security update to one of the builtin libraries. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2025/03/07 20:54:29 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.31 log @Revbump all Go packages after go122 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.30 2024/08/11 15:57:10 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.30 log @Revbump all Go packages after update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2024/07/03 06:59:31 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.29 log @Revbump all Go packages after go122 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2024/06/13 13:47:08 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 6 @ 1.28 log @Revbump all Go packages after go122 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2024/06/01 14:03:01 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.27 log @Revbump all Go packages, default Go version is now 1.22. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2024/04/05 19:14:09 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.26 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2024/02/07 14:50:59 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.25 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2024/01/10 19:14:38 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.24 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.23 2024/01/07 13:10:55 leot Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.23 log @trufflehog: Update to 3.63.7 pkgsrc changes: - Use a forked go-ps that supports NetBSD, from wip/flux2 Changes: v3.63.7 * Add skip archive support * Skip all binaries v3.63.6 * Adds basic if/else check if pid slice is empty * Avoid extraneous authentication attempts when verifying Snowflake v3.63.5 * Update Freshworks verification to check for valid JSON response * Enhance HuggingFace extra data * Convert Shortcut detector to tri-state verification * add secretID to chunk v3.63.4 * Update GitLab v1 verification to check for valid JSON response * Fix GitHub source showing 0 members v3.63.3 * Deprecate some detectors * Remove Java archives from ignored extensions * Check private keys concurrently * Use bad json in slackwebhooks * Fix azurestorage detector * fix and refactor browserstack detector * Update metabase verification to check for a valid JSON response v3.63.2 ## Changelog * skip files we can't scan * Ignore images and binaries v3.63.1 ## Changelog * fix nil map assignment v3.63.0 ## Changelog * Add JSON tags to job metrics * extract AWS account number from ID without verification * Adding Sumo Logic how to rotate * Added Replicate API token detector * Added Ngrok API token detector * Added v2 version for fullstory * Add support for user:pass@@host to postgres JDBC detector * Add Overloop detector * Added Request.Finance API token detector * Created grafana service account detector * Fixed zulipchat detector * Added eventbrite detector * logz.io detector * Coda Detector * Fix LiveAgent Detector & Verifier * Pulling short lived AWS keys into their own thing * Support multiple detectors per match * Fix ScraperSite (deprecated) * Fix PassBase (acquired, deprecated) * Created Grafana Cloud API Key detector * Fix/Deprecate Prospect.io * Added resource type mapping to extraData in AWS * Fix FakeJSON (deprecated) * Adding Azure Container Registry Password Detector * Fix SentimentInvestor (deprecated) * Adding Azure Batch keys v3.62.1 * Fix several detectors * Support multiple custom detectors * Centralize logic for checking archive extraction tools v3.62.0 * Added LemonSqueezy API token detector * Added Budibase API token detector * Developed Deno Deploy Detector * Added Stripo API token detector * Added Reply.io API token detector v3.61.0 * Fix/Remove Happi Detection & Verification * Fix/Remove Flowdock detector * Fix SurveyBot Verification * Added BetterStack API token detector * Added ZeroTier API token detector * Added AppOptics API token detector * Add Metabase Session Secret Detector * Add Coinbase Wallet-as-a-Service detector v3.60.4 * loggly detector * Added OpenVPN API Detector * Added Portainer Detector * Fix/Remove baseapi detector (no longer exists) * Added Vagrant Cloud Access Token Detector * fixed monday.com regex * Fix ScreenshotAPI Verification * Fix MeaningCloud Verification * Deprecate Glitterly * Fix/Remove BlaBlaBus, API retired * Fix/Remove QuickMetrics (shutdown) * Fix/Remove DataFire, API retired v3.60.3 * Fix CloudSmith verification * NewRelic Detector -fallback to EU Api for verification * Added PortainerToken Detector v3.60.2 * Add Voiceflow detector * Fix plaid.com API key detection * Add Privacy.com API key detector * Add ipinfo.io API key detector * add IP2Location api key detector * Fix SuperNotes API verification * Add InstaMojo Payment Detector * Fix CodeClimate verification v3.60.1 * Bug fixes v3.60.0 * Use placeholder as default if field left empty and is required * add tristate verification to postman * support insecure TLS for Jira and Jenkins * add ramp.com client id & secret detector * add anthropic api key detector * fix notion.so false negative verification * Add Klaviyo API Secret Detector * added cody gateway token detection code v3.59.0 * Bug fixes and documentation improvements v3.58.0 * Added PR and Issue body scanning * Added Web3 Storage detector * Use S3 credentials waterfall v3.57.0 * Bug fixes and improvements v3.56.1 * Bug fixes and improvements v3.56.0 * Implement Gitlab source validation * Bug fixes and improvements v3.55.1 * fix slackwebhook detector * Add log verbosity v3.55.0 * Improve private key detector * Bug fixes and improvements v3.54.4 * Validate s3 source * Add Tailscale detector * Retry AWS verification 403s * Bug fixes and improvements v3.54.3 * Bug fixes and improvements v3.54.2 * Update to Go 1.21 * Bug fixes and improvements v3.54.1 * Bug fixes and improvements v3.54.0 * add snowflake detector * Support azure git links * Bug fixes and improvements v3.53.0 * add rate limit and consumption metrics for GitHub * Bug fixes and improvements v3.52.1 * update test file v3.52.0 * Bug fixes v3.51.0 * Bug fixes v3.50.0 * add salesforce detector v3.49.0 * Docker scanning by digest * add huggingface detector v3.48.0 * Bug fixes and improvements v3.47.0 * Github Oauth2 verification * Add terminal UI v3.46.3 * Bug fixes and improvements v3.46.2 * Bug fixes and improvements v3.46.1 * Bug fixes v3.46.0 * Bug fixes and improvements v3.45.3 * Add path (location of file) to Google Drive proto * Bug fixes and improvements v3.45.2 * Pass GitHub apiEndpoint for basic or no auth * Improve log message when scanning GitHub comments * Detect CosmoDB access keys * Add azure repos protos * add merge support * Bug fixes and improvements v3.45.1 * Bug fixes and improvements v3.45.0 * add envoy api key scanner * add couchbase scanner to defaults * tweak jdbc redaction * add thog enterprise detector for web keys * add dockerhub scanner * Bug fixes and improvements v3.44.0 * Remove the Image4 detector * scan GitHub PR and issue comments * Dedupe results * Bug fixes and improvements v3.43.0 * Introduce `trufflehog:ignore` tag feature * Add missing keywords for sqlserver * Bug fixes and improvements v3.42.0 * Exit with non-zero exit code on chunk source error * Add Couchbase Detector * Use url redaction in git * added opsgenie detector * Bug fixes and improvements v3.41.1 * Bug fixes and improvements v3.41.0 * Add Docker image scanning * Bug fixes and improvements v3.40.0 * Add DocuSign detector v3.39.0 * No changes available v3.38.0 * Check that git meets version requirements v3.37.0 * Add message for discord server in readme * Make OpenAI regex more specific * Bug fixes and improvements v3.36.0 * Misc improvements v3.35.0 * added pulumi cloud Access token detector * Add buildkitev2 detector for newer tokens * Add Base64URLSafe decoder v3.34.0 * add tineswebhook detector v3.33.0 * Added a new detector for percy.io * Bug fixes and improvements v3.32.2 * Bug fixes and improvements v3.32.1 * Bug fixes and improvements v3.32.0 * Adding Google drive to MetaData proto * Allow multiple team IDs for MS Teams * Bug fixes and improvements v3.31.6 * optimize gitparse handling of diffs v3.31.5 * Use persistable cache for GCS progress tracking * Bug fixes and improvements v3.31.4 * Adding support for the AWS_SESSION_TOKEN v3.31.3 * Bug fixes and improvements v3.31.2 * revert to original entrypoint config v3.31.1 * ensure stdout is still provided v3.31.0 * Support for exclude globs at the `git log` level * Add GitHub Actions output v3.30.0 * Add resuming capability to GCS source * Add OpenAI API Tokens detector * Add Oauth creds to GCS * Delete progress tracking from GCS source v3.29.1 * Make slack webhook detector regex more specific v3.29.0 * Remove period from file extension * Add gcs scanning integration v3.28.7 * Support filtering detectors by version v3.28.6 * Misc improvements v3.28.5 * Only scanned staged git changes v3.28.4 * Custom regex parallel verify v3.28.3 * Support file scanning in filesystem source * Add ability to include and exclude detectors v3.28.2 * Bug fixes v3.28.1 * Bug fixes v3.28.0 * Github filter support for exclude and include * Correctly parse most filenames with ' and ' * Adding initial protos for Google Drive scanner * Bug fixes and improvements v3.27.1 * Revert "Make detectors configurable" v3.27.0 * braintree detector: use production API URL instead of the test sandbox * Add max commit size * Make detectors configurable v3.26.0 * Add openssh-client to trufflehog container * filesystem support for exclude and include filters (2nd attemp) * Add file to confluence proto. * Remove false positive detection for CustomRegex v3.25.4 * fix github integration tests v3.25.3 * Add concurrency to CircleCi source * Updated stdout to print results in alphabetical order for consistent output * Add location to Teams source metadata * Limit diff size to prevent out of control memory use. v3.25.2 * Use access-token endpoint for validity check * Record timestamp when a context was cancelled * remove logger from retryable client, it is not respecting loglevels v3.25.1 * Update entrypoint v3.25.0 * Copy metadata for line number aware sources * Rename and export isGitSource @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 2023/12/05 19:46:14 bsiegert Exp $ d4 1 @ 1.22 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 2023/11/10 15:45:20 bsiegert Exp $ d3 1 a3 2 DISTNAME= trufflehog-3.24.0 PKGREVISION= 12 @ 1.21 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.20 2023/10/29 14:48:20 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 11 @ 1.20 log @Revbump all Go packages because go121 is now the default @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 2023/10/15 12:04:30 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.19 log @Revbump all Go packages after go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2023/09/08 19:06:10 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.18 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 2023/08/26 16:31:37 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.18.2.1 log @Pullup ticket #6812 - requested by bsiegert lang/go120: security update lang/go: version info update audio/gospt: RevBump audio/ymuse: RevBump chat/coyim: RevBump chat/gomuks: RevBump chat/matterircd: RevBump chat/senpai: RevBump chat/ssh-chat: RevBump databases/go-ldap: RevBump databases/influxdb: RevBump databases/mongo-tools: RevBump databases/mysqld_exporter: RevBump databases/postgres_exporter: RevBump databases/prometheus: RevBump databases/promscale: RevBump databases/sqlc: RevBump databases/timescaledb-tune: RevBump devel/asmfmt: RevBump devel/conftest: RevBump devel/errcheck: RevBump devel/fq: RevBump devel/git-lfs: RevBump devel/go-ed25519: RevBump devel/go-gocode: RevBump devel/go-golang-lru: RevBump devel/go-gopkgs: RevBump devel/go-goptlib: RevBump devel/go-goreturns: RevBump devel/go-gox: RevBump devel/go-impl: RevBump devel/go-logrus: RevBump devel/go-nbreader: RevBump devel/go-pty: RevBump devel/go-review: RevBump devel/go-siphash: RevBump devel/go-staticcheck: RevBump devel/go-swagger: RevBump devel/go-sys: RevBump devel/go-tools: RevBump devel/go-wire: RevBump devel/go-xerrors: RevBump devel/golangci-lint: RevBump devel/golint: RevBump devel/gomodifytags: RevBump devel/gopls: RevBump devel/goredo: RevBump devel/gotags: RevBump devel/gotests: RevBump devel/govulncheck: RevBump devel/lazygit: RevBump devel/mob: RevBump devel/nancy: RevBump devel/opa: RevBump devel/packr: RevBump devel/reftools: RevBump devel/regal: RevBump devel/revive: RevBump devel/shfmt: RevBump devel/syft: RevBump editors/micro: RevBump filesystems/kubo: RevBump graphics/gif2png: RevBump lang/joker: RevBump mail/opensmtpd-filter-rspamd: RevBump mail/opensmtpd-filter-senderscore: RevBump mail/postforward: RevBump meta-pkgs/bulk-test-essential: RevBump misc/exercism: RevBump net/amazon-ecs-cli: RevBump net/amfora: RevBump net/bombadillo: RevBump net/croc: RevBump net/czds: RevBump net/dnscontrol: RevBump net/dnscrypt-proxy2: RevBump net/gh: RevBump net/go-dnstap: RevBump net/go-net: RevBump net/go-websocket: RevBump net/gunison: RevBump net/gvproxy: RevBump net/hub: RevBump net/ipget: RevBump net/kubectl: RevBump net/libquic: RevBump net/mangos: RevBump net/nats-server: RevBump net/obfs4proxy: RevBump net/rclone: RevBump net/stern: RevBump net/syncthing: RevBump net/terraform-provider-archive: RevBump net/terraform-provider-aws: RevBump net/terraform-provider-kubernetes: RevBump net/terraform-provider-local: RevBump net/terraform-provider-null: RevBump net/terraform-provider-random: RevBump net/terraform-provider-template: RevBump net/terraform-provider-vultr: RevBump net/terraform: RevBump net/tut: RevBump net/vultr-cli: RevBump pkgtools/pkglint: RevBump security/2fa: RevBump security/age: RevBump security/amass: RevBump security/authelia: RevBump security/cfssl: RevBump security/dnsx: RevBump security/go-asn1-ber: RevBump security/go-crypto: RevBump security/go-getpass: RevBump security/go-mkcert: RevBump security/gopass: RevBump security/httpx: RevBump security/nuclei: RevBump security/oauth2c: RevBump security/osv-scanner: RevBump security/subfinder: RevBump security/tlsx: RevBump security/trufflehog: RevBump security/vault: RevBump shells/elvish: RevBump shells/oh-my-posh: RevBump sysutils/beats: RevBump sysutils/consul: RevBump sysutils/direnv: RevBump sysutils/fzf: RevBump sysutils/goreman: RevBump sysutils/lf: RevBump sysutils/node_exporter: RevBump sysutils/packer: RevBump sysutils/podman: RevBump sysutils/restic: RevBump sysutils/vultr: RevBump textproc/glow: RevBump textproc/go-kr-text: RevBump textproc/go-md2man: RevBump textproc/go-mmark: RevBump textproc/go-text: RevBump textproc/miller: RevBump textproc/sift: RevBump www/apisprout: RevBump www/caddy: RevBump www/gitea: RevBump www/go-ffuf: RevBump www/go-minify: RevBump www/gotosocial: RevBump www/grafana: RevBump www/hugo: RevBump www/jira-cli: RevBump www/mycorrhiza: RevBump www/pup: RevBump www/restish: RevBump www/shoutrrr: RevBump Revisions pulled up: - lang/go/version.mk 1.190,1.192 - lang/go120/PLIST 1.9 - lang/go120/distinfo 1.10-1.11 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Sat Oct 7 18:09:35 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: PLIST distinfo Log Message: go120: update to 1.20.9 (security). cmd/go: line directives allows arbitrary execution during build "//line" directives can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compliation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploting this issue significantly more complex. This is CVE-2023-39323 and Go issue https://go.dev/issue/63211. View the release notes for more information: https://go.dev/doc/devel/release#go1.20.9 To generate a diff of this commit: cvs rdiff -u -r1.189 -r1.190 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go120/PLIST cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Sun Oct 15 11:02:08 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: distinfo Log Message: go120: update to 1.20.10 (security) net/http: rapid stream resets can cause excessive work A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded to the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit. New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 v0.17.0, for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function. This is CVE-2023-39325 and Go issue https://go.dev/issue/63417. This is also tracked by CVE-2023-44487. To generate a diff of this commit: cvs rdiff -u -r1.191 -r1.192 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go120/distinfo @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2023/09/08 19:06:10 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.18.2.2 log @Pullup ticket #6822 - requested by bsiegert lang/go120: security update lang/go121: security update lang/go: metadata update audio/gospt: revision bump audio/ymuse: revision bump chat/coyim: revision bump chat/gomuks: revision bump chat/matterircd: revision bump chat/senpai: revision bump chat/ssh-chat: revision bump databases/go-ldap: revision bump databases/influxdb: revision bump databases/mongo-tools: revision bump databases/mysqld_exporter: revision bump databases/postgres_exporter: revision bump databases/prometheus: revision bump databases/promscale: revision bump databases/sqlc: revision bump databases/timescaledb-tune: revision bump devel/asmfmt: revision bump devel/conftest: revision bump devel/errcheck: revision bump devel/fq: revision bump devel/git-lfs: revision bump devel/go-ed25519: revision bump devel/go-gocode: revision bump devel/go-golang-lru: revision bump devel/go-gopkgs: revision bump devel/go-goptlib: revision bump devel/go-goreturns: revision bump devel/go-gox: revision bump devel/go-impl: revision bump devel/go-logrus: revision bump devel/go-nbreader: revision bump devel/go-pty: revision bump devel/go-review: revision bump devel/go-siphash: revision bump devel/go-staticcheck: revision bump devel/go-swagger: revision bump devel/go-sys: revision bump devel/go-tools: revision bump devel/go-wire: revision bump devel/go-xerrors: revision bump devel/golangci-lint: revision bump devel/golint: revision bump devel/gomodifytags: revision bump devel/gopls: revision bump devel/goredo: revision bump devel/gotags: revision bump devel/gotests: revision bump devel/govulncheck: revision bump devel/lazygit: revision bump devel/mob: revision bump devel/nancy: revision bump devel/opa: revision bump devel/packr: revision bump devel/reftools: revision bump devel/regal: revision bump devel/revive: revision bump devel/shfmt: revision bump devel/syft: revision bump editors/micro: revision bump filesystems/kubo: revision bump graphics/gif2png: revision bump lang/joker: revision bump mail/opensmtpd-filter-rspamd: revision bump mail/opensmtpd-filter-senderscore: revision bump mail/postforward: revision bump misc/exercism: revision bump net/amazon-ecs-cli: revision bump net/amfora: revision bump net/bombadillo: revision bump net/croc: revision bump net/czds: revision bump net/dnscontrol: revision bump net/dnscrypt-proxy2: revision bump net/gh: revision bump net/go-dnstap: revision bump net/go-net: revision bump net/go-websocket: revision bump net/gunison: revision bump net/gvproxy: revision bump net/hub: revision bump net/ipget: revision bump net/kubectl: revision bump net/libquic: revision bump net/mangos: revision bump net/nats-server: revision bump net/obfs4proxy: revision bump net/rclone: revision bump net/stern: revision bump net/syncthing: revision bump net/terraform-provider-archive: revision bump net/terraform-provider-aws: revision bump net/terraform-provider-kubernetes: revision bump net/terraform-provider-local: revision bump net/terraform-provider-null: revision bump net/terraform-provider-random: revision bump net/terraform-provider-template: revision bump net/terraform-provider-vultr: revision bump net/terraform: revision bump net/tut: revision bump net/vultr-cli: revision bump pkgtools/pkglint: revision bump security/2fa: revision bump security/age: revision bump security/amass: revision bump security/authelia: revision bump security/cfssl: revision bump security/dnsx: revision bump security/go-asn1-ber: revision bump security/go-crypto: revision bump security/go-getpass: revision bump security/go-mkcert: revision bump security/gopass: revision bump security/httpx: revision bump security/nuclei: revision bump security/oauth2c: revision bump security/osv-scanner: revision bump security/subfinder: revision bump security/tlsx: revision bump security/trufflehog: revision bump security/vault: revision bump shells/elvish: revision bump shells/oh-my-posh: revision bump sysutils/beats: revision bump sysutils/consul: revision bump sysutils/direnv: revision bump sysutils/fzf: revision bump sysutils/goreman: revision bump sysutils/lf: revision bump sysutils/node_exporter: revision bump sysutils/packer: revision bump sysutils/podman: revision bump sysutils/restic: revision bump sysutils/vultr: revision bump textproc/glow: revision bump textproc/go-kr-text: revision bump textproc/go-md2man: revision bump textproc/go-mmark: revision bump textproc/go-text: revision bump textproc/miller: revision bump textproc/sift: revision bump www/apisprout: revision bump www/caddy: revision bump www/gitea: revision bump www/go-ffuf: revision bump www/go-minify: revision bump www/gotosocial: revision bump www/grafana: revision bump www/hugo: revision bump www/jira-cli: revision bump www/mycorrhiza: revision bump www/pup: revision bump www/restish: revision bump www/shoutrrr: revision bump Revisions pulled up: - lang/go/version.mk 1.194 - lang/go120/PLIST 1.10 - lang/go120/distinfo 1.12 - lang/go121/PLIST 1.4 - lang/go121/distinfo 1.4 - audio/gospt/Makefile by patch - audio/ymuse/Makefile by patch - chat/coyim/Makefile by patch - chat/gomuks/Makefile by patch - chat/matterircd/Makefile by patch - chat/senpai/Makefile by patch - chat/ssh-chat/Makefile by patch - databases/go-ldap/Makefile by patch - databases/influxdb/Makefile by patch - databases/mongo-tools/Makefile by patch - databases/mysqld_exporter/Makefile by patch - databases/postgres_exporter/Makefile by patch - databases/prometheus/Makefile by patch - databases/promscale/Makefile by patch - databases/sqlc/Makefile by patch - databases/timescaledb-tune/Makefile by patch - devel/asmfmt/Makefile by patch - devel/conftest/Makefile by patch - devel/errcheck/Makefile by patch - devel/fq/Makefile by patch - devel/git-lfs/Makefile by patch - devel/go-ed25519/Makefile by patch - devel/go-gocode/Makefile by patch - devel/go-golang-lru/Makefile by patch - devel/go-gopkgs/Makefile by patch - devel/go-goptlib/Makefile by patch - devel/go-goreturns/Makefile by patch - devel/go-gox/Makefile by patch - devel/go-impl/Makefile by patch - devel/go-logrus/Makefile by patch - devel/go-nbreader/Makefile by patch - devel/go-pty/Makefile by patch - devel/go-review/Makefile by patch - devel/go-siphash/Makefile by patch - devel/go-staticcheck/Makefile by patch - devel/go-swagger/Makefile by patch - devel/go-sys/Makefile by patch - devel/go-tools/Makefile by patch - devel/go-wire/Makefile by patch - devel/go-xerrors/Makefile by patch - devel/golangci-lint/Makefile by patch - devel/golint/Makefile by patch - devel/gomodifytags/Makefile by patch - devel/gopls/Makefile by patch - devel/goredo/Makefile by patch - devel/gotags/Makefile by patch - devel/gotests/Makefile by patch - devel/govulncheck/Makefile by patch - devel/lazygit/Makefile by patch - devel/mob/Makefile by patch - devel/nancy/Makefile by patch - devel/opa/Makefile by patch - devel/packr/Makefile by patch - devel/reftools/Makefile by patch - devel/regal/Makefile by patch - devel/revive/Makefile by patch - devel/shfmt/Makefile by patch - devel/syft/Makefile by patch - editors/micro/Makefile by patch - filesystems/kubo/Makefile by patch - graphics/gif2png/Makefile by patch - lang/joker/Makefile by patch - mail/opensmtpd-filter-rspamd/Makefile by patch - mail/opensmtpd-filter-senderscore/Makefile by patch - mail/postforward/Makefile by patch - misc/exercism/Makefile by patch - net/amazon-ecs-cli/Makefile by patch - net/amfora/Makefile by patch - net/bombadillo/Makefile by patch - net/croc/Makefile by patch - net/czds/Makefile by patch - net/dnscontrol/Makefile by patch - net/dnscrypt-proxy2/Makefile by patch - net/gh/Makefile by patch - net/go-dnstap/Makefile by patch - net/go-net/Makefile by patch - net/go-websocket/Makefile by patch - net/gunison/Makefile by patch - net/gvproxy/Makefile by patch - net/hub/Makefile by patch - net/ipget/Makefile by patch - net/kubectl/Makefile by patch - net/libquic/Makefile by patch - net/mangos/Makefile by patch - net/nats-server/Makefile by patch - net/obfs4proxy/Makefile by patch - net/rclone/Makefile by patch - net/stern/Makefile by patch - net/syncthing/Makefile by patch - net/terraform-provider-archive/Makefile by patch - net/terraform-provider-aws/Makefile by patch - net/terraform-provider-kubernetes/Makefile by patch - net/terraform-provider-local/Makefile by patch - net/terraform-provider-null/Makefile by patch - net/terraform-provider-random/Makefile by patch - net/terraform-provider-template/Makefile by patch - net/terraform-provider-vultr/Makefile by patch - net/terraform/Makefile by patch - net/tut/Makefile by patch - net/vultr-cli/Makefile by patch - pkgtools/pkglint/Makefile by patch - security/2fa/Makefile by patch - security/age/Makefile by patch - security/amass/Makefile by patch - security/authelia/Makefile by patch - security/cfssl/Makefile by patch - security/dnsx/Makefile by patch - security/go-asn1-ber/Makefile by patch - security/go-crypto/Makefile by patch - security/go-getpass/Makefile by patch - security/go-mkcert/Makefile by patch - security/gopass/Makefile by patch - security/httpx/Makefile by patch - security/nuclei/Makefile by patch - security/oauth2c/Makefile by patch - security/osv-scanner/Makefile by patch - security/subfinder/Makefile by patch - security/tlsx/Makefile by patch - security/trufflehog/Makefile by patch - security/vault/Makefile by patch - shells/elvish/Makefile by patch - shells/oh-my-posh/Makefile by patch - sysutils/beats/Makefile by patch - sysutils/consul/Makefile by patch - sysutils/direnv/Makefile by patch - sysutils/fzf/Makefile by patch - sysutils/goreman/Makefile by patch - sysutils/lf/Makefile by patch - sysutils/node_exporter/Makefile by patch - sysutils/packer/Makefile by patch - sysutils/podman/Makefile by patch - sysutils/restic/Makefile by patch - sysutils/vultr/Makefile by patch - textproc/glow/Makefile by patch - textproc/go-kr-text/Makefile by patch - textproc/go-md2man/Makefile by patch - textproc/go-mmark/Makefile by patch - textproc/go-text/Makefile by patch - textproc/miller/Makefile by patch - textproc/sift/Makefile by patch - www/apisprout/Makefile by patch - www/caddy/Makefile by patch - www/gitea/Makefile by patch - www/go-ffuf/Makefile by patch - www/go-minify/Makefile by patch - www/gotosocial/Makefile by patch - www/grafana/Makefile by patch - www/hugo/Makefile by patch - www/jira-cli/Makefile by patch - www/mycorrhiza/Makefile by patch - www/pup/Makefile by patch - www/restish/Makefile by patch - www/shoutrrr/Makefile by patch ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Fri Nov 10 15:39:34 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: PLIST distinfo pkgsrc/lang/go121: PLIST distinfo Log Message: Update go120 to 1.20.11 and go121 to 1.21.4 (security). These minor releases include 2 security fixes following the security policy: - path/filepath: recognize \??\ as a Root Local Device path prefix. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x is equivalent to the more common path c:\x. The filepath package did not recognize paths with a \??\ prefix as special. Clean could convert a rooted path such as \a\..\??\b into the root local device path \??\b. It will now convert this path into .\??\b. IsAbs did not report paths beginning with \??\ as absolute. It now does so. VolumeName now reports the \??\ prefix as a volume name. Join(`\`, `??`, `b`) could convert a seemingly innocent sequence of path elements into the root local device path \??\b. It will now convert this to \.\??\b. This is CVE-2023-45283 and https://go.dev/issue/63713. - path/filepath: recognize device names with trailing spaces and superscripts The IsLocal function did not correctly detect reserved names in some cases: reserved names followed by spaces, such as "COM1 ". "COM" or "LPT" followed by a superscript 1, 2, or 3. IsLocal now correctly reports these names as non-local. This is CVE-2023-45284 and https://go.dev/issue/63713. To generate a diff of this commit: cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/PLIST cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/go120/distinfo cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go121/PLIST pkgsrc/lang/go121/distinfo @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18.2.1 2023/10/22 18:44:17 spz Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.17 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 2023/07/15 10:53:06 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.16 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 2023/05/05 19:37:37 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 6 @ 1.15 log @Revbump all Go packages after go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 2023/04/05 20:47:52 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.14 log @Revbump all Go packages after yesterday's go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 2023/03/08 13:38:50 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.13 log @Revbump all Go packages after go119 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 2023/02/16 15:02:01 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.12 log @Revbump all Go packages after go119 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2023/01/11 17:28:35 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.11 log @Revbump all Go packages after go119 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2023/01/10 21:35:36 leot Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.10 log @trufflehog: Update to 3.24.0 Changes: v3.24.0 ## What's Changed * Switch to retryableHttpClient for GitHub AuthN API Client + More Logs * Bump dependencies * Handle invalid regex for custom detector. * Capture callstack of canceled contexts * Validate custom regular expressions on detector initialization v3.23.2 ## What's Changed * Bump dependencies v3.23.1 ## What's Changed * Allow for default value to be used in GHA Workflow v3.23.0 ## What's Changed * Add Circle CI source v3.22.0 ## What's Changed * Remove ctx from source structs * Removing Debug version Println to logrus debug * Make GA action default base an empty string v3.21.1 (No changes) v3.21.0 ## What's Changed * Add configuration parsing and custom detectors to engine * Add custom regex detector docs * Remove custom log leveler * Bump dependencies v3.20.0 ## What's Changed * Bump dependencies * [bug] - Handle error when scanning s3 bucket * Add more logging for git sources * Add s3 object count to trace logs * Implement CustomRegex detector * Use Todoist's REST API v2 * Allow using a glob for include list v3.19.0 ## What's Changed * Add newlines when file is split * Close files to clean up tmp files * Use new diskbufferreader version * Add test for configuring custom regex with webhook verification * Add CustomRegex validation * Don't scan the --since-commit target * Only scan an org and org related repos with --org flag * Support globbing with ignore repos v3.18.0 ## What's Changed * Add `--exclude-paths` support for gitlab scanning module * Log the stack trace and recover object * ed25519 private keys not detected * Add warning about using trufflehog as a library * Enable skipping of particular key IDs * add LDAP detector * Fix error message * Skip some FTP FPs * add rambbitmq detector * Update slack webhook detector string check * Add custom detectors configuration parsing * S3 scanner improvements v3.17.0 ## What's Changed * fixed mailchimp detector * Update Scrapfly API Key Format * Replace plain decoder with utf8 v3.16.4 ## What's Changed * Add sqlserver integration test and some default params * Check for closed channel in HandleFile * add option to skip tls verification for confluence * Add Unknown visibility level * Adding Shopify detector v3.16.3 ## What's Changed * Do local URI verification, while attempting to defuse SSRF v3.16.2 ## What's Changed * Bump dependencies v3.16.1 ## What's Changed * Add bytes counter to scans * Support common ssh repo format v3.16.0 ## What's Changed * proposal: SqlServer connection string detector * support github fine grained tokens and add extra data * only detect live env razor pay and use std lib * improve fastly validation endpoint and add extra data * increase datadog token sensitivity * increase digitalocean token sensitivity v3.15.1 ## What's Changed * Use line aware chunking for git v3.15.0 ## What's Changed * Ignore URIs where the password is redacted * Add ignore repo list to Github proto * added npm detector * Ignore Bitbucket and Gitlab repos * Check rate limit when getting github user v3.14.0 ## What's Changed * Include public/private in github metadata * Do not fail scanning if we cannot enumerate gists * Add token auth to JIRA proto * Added DigitalOceanV2 detector * Add SSH config option for the git source v3.13.0 ## What's Changed * Add Gemini detector * Show clone path for git repos * 403 on listing user gist should not fail org scan v3.12.1 ## What's Changed * Recover from detector panics * Browserstack regex v3.12.0 ## What's Changed * Adding detector for Nvidia NGC * Implement JDBC verification for select drivers * Fix improper github org member pagination v3.11.1 ## What's Changed * Fix scanning specific github repos with token v3.11.0 ## What's Changed * A few improvements v3.10.4 ## What's Changed * fix regex pattern for confluent detector * Add AWS account information * Improve GitHub debug logging * Add support for MongoDB detector * Add SlackRealtime proto message * Add location to Slack and Confluence metadata @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2022/12/08 16:14:18 bsiegert Exp $ d4 1 @ 1.9 log @Revbump all Go packages after go119 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2022/11/02 19:39:50 bsiegert Exp $ d3 1 a3 2 DISTNAME= trufflehog-3.10.3 PKGREVISION= 4 @ 1.8 log @Revbump all Go packages after go119 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2022/10/05 11:33:05 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.7 log @Revbump all Go packages after go119 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2022/09/26 18:40:15 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.6 log @Revbump all Go packages after 1.19 became default @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2022/09/17 11:03:56 leot Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.5 log @trufflehog: Update to 3.10.3 Changes: 3.10.3 ------ - Use gitparse for unstaged changes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2022/09/07 09:32:20 bsiegert Exp $ d4 1 @ 1.4 log @Revbump all Go packages after go118 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2022/09/02 19:28:16 leot Exp $ d3 1 a3 2 DISTNAME= trufflehog-3.10.2 PKGREVISION= 1 @ 1.3 log @trufflehog: Update to 3.10.2 Changes: v3.10.2 ------- What's Changed * Split parsing from reader * Fix Honeycomb detector with older key format * clean up detectors v3.10.1 ------- What's Changed * added new detectors * Enhancement in Gitlab detector * fix and make_protos * [OC-71] - Add helper methods to context to set metatada token values for the API * fix issue in codacy * Fix okta detector v3.10.0 ------- What's Changed * Allow secrets to be passed as env vars * Import 27 new detectors * [THOG-643] Implement independent log level controls * Add common sentry recover library and add into goroutines * added new detectors v3.9.0 ------ What's Changed * Add Honeycomb detector * Feature/scalr detector * added websitepulse detector * added tokeet detector * Feature/salesmate detector * added kanbantool detector * added demio detector * added heatmapapi detector * added getresponse detector * added codeclimate detector * added flightlabs detector * added prodpad detector * added lemlist detector * added formsite detector * added docparser detector * added parseur detector * Added ecostruxureit detector * Added transferwise detector * Added holistic detector * Added twist detector * Added monkeylearn detector * Added gtmetrix detector * Added duply detector * Added braintreepayments detector * added apilayer scanner * added appointed scanner * [bug] - Fix the starting index value for plus line check. v3.8.0 ------ What's Changed * Support scanning binary files in git sources * Add the slack client token to the slack tokens proto * Added support for SSH URIs * Use file handler and common chunker * Add ssh:// URI to docs v3.7.3 ------ * AWS detector should detect with leading '+' * Add hash v2 to results proto. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2022/08/12 20:38:04 bsiegert Exp $ d4 1 @ 1.2 log @Revbump all Go packages after go118 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 2022/08/07 22:21:38 leot Exp $ d3 1 a3 2 DISTNAME= trufflehog-3.7.2 PKGREVISION= 1 @ 1.1 log @trufflehog: Import trufflehog-3.7.2 as security/trufflehog TruffleHog find leaked credentials by scanning several sources like Git, GitHub, GitLab, S3, filesystem and syslog. Every potential secret that is detected is verified against API to eliminate false positives. @ text @d1 1 a1 1 # $NetBSD$ d4 1 @