gitlab-secret_detection 0.26.1 → 0.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 13747d982598b1b92a00fcb7c619bd710265651ad7ba2d8dc7e3e132c5f35a19
|
|
4
|
+
data.tar.gz: 20ae26678fd9eb2caf3540a305ee6be761b9bc8e0a812a0d16b20e33c683bca9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7d6420e0df0c24f7046ccaadb5c9405d9c086011d57ad095410589b195dfae12583d296753220a8408094fe7220192a125d3080678519d346a6447db52bad735
|
|
7
|
+
data.tar.gz: 74488477b8a860c24758946f7fab19b747c8c7ced5a7fa2dfbc04732fed80eaa8a122c54ee397de13502f2b60b6b25b72f7b12b47460e8dc421a8c79b637bdae
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# rule-set version: 0.
|
|
1
|
+
# rule-set version: 0.10.0
|
|
2
2
|
# Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
|
|
3
3
|
[[rules]]
|
|
4
4
|
id = 'Adobe Client Secret'
|
|
@@ -126,6 +126,15 @@ remediation = "For general guidance on handling security incidents with regards
|
|
|
126
126
|
tags = ['gitlab', 'revocation_type', 'gitlab_blocking', 'client_side_sd']
|
|
127
127
|
keywords = ['glpat-']
|
|
128
128
|
|
|
129
|
+
[[rules]]
|
|
130
|
+
id = 'gitlab_personal_access_token_routable_versioned'
|
|
131
|
+
regex = '\bglpat-[0-9a-zA-Z_-]{27,300}\.[0-9a-z]{2}\.[0-9a-z]{2}[0-9a-z]{7}\b'
|
|
132
|
+
description = 'GitLab Personal Access Token (routable)'
|
|
133
|
+
title = 'GitLab Personal Access Token (routable)'
|
|
134
|
+
remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
|
|
135
|
+
tags = ['gitlab', 'revocation_type', 'gitlab_blocking', 'client_side_sd']
|
|
136
|
+
keywords = ['glpat-']
|
|
137
|
+
|
|
129
138
|
[[rules]]
|
|
130
139
|
id = 'gitlab_pipeline_trigger_token'
|
|
131
140
|
regex = '\b(glptt-[0-9a-zA-Z_\-]{40})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
|
|
@@ -5,7 +5,7 @@ module Gitlab
|
|
|
5
5
|
class Gem
|
|
6
6
|
# Ensure to maintain the same version in CHANGELOG file.
|
|
7
7
|
# More details available under 'Release Process' section in the README.md file.
|
|
8
|
-
VERSION = "0.
|
|
8
|
+
VERSION = "0.27.0"
|
|
9
9
|
|
|
10
10
|
# SD_ENV env var is used to determine which environment the
|
|
11
11
|
# server is running. This var is defined in `.runway/env-<env>.yml` files.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gitlab-secret_detection
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.27.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- group::secret detection
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2025-05-
|
|
13
|
+
date: 2025-05-13 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: grpc
|
|
@@ -316,7 +316,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
316
316
|
requirements:
|
|
317
317
|
- - ">="
|
|
318
318
|
- !ruby/object:Gem::Version
|
|
319
|
-
version: '3.
|
|
319
|
+
version: '3.3'
|
|
320
320
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
321
321
|
requirements:
|
|
322
322
|
- - ">="
|