gitlab-secret_detection 0.3.3 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9400b760bf60e4e2325f872f32df32cb6df32fe55f3fe748eb719d31f63dbbed
-  data.tar.gz: aa5f07d0dd98ce8575384ed3c0f2a11e487eca48b7d3071f8f75bbe46f8a6de4
+  metadata.gz: a24f98710dabdb6384cc73105322372c12125c5caccddec60928dde4a8d86e39
+  data.tar.gz: 6f543facba201e091e553832bbae3d1f296547cea4558146077b15cac9f744d1
 SHA512:
-  metadata.gz: 179340612c29a1de12f315b4f2e5688040e41b561f8b65f5ff2ab4d96ee3e7d651d39990b694a72766641a70147adcc1d6ec9429e19ed5b4d7bc5bd1a4222d5e
-  data.tar.gz: 908349160e79ce825401499fa736f8a617eea773d66334315f36c8db6236ce1c0c8d94eaa3bd4b2e1fa54d2838039c5a951b9a0c20a9d9ef0cd289efec48efdb
+  metadata.gz: e06f9608d8bbb4f9e026eba705668a957215318a8e046a5dfdc97c87ce5569e7357c23040218b1122a459d9939e54fa162d7f7f08528cf99d82ede677b00e4f7
+  data.tar.gz: be989d9f5be6dd86ef752c4eb28b0738c157a844bb1bdb85b520a5f3060702df014090af03776659bb384469c5586b1e697ad1d52189f90c5e9c98afad65eae5

data/README.md

@@ -1,6 +1,6 @@
 # Secret Detection Service
 
-Secret Detection service is primarily responsible for detecting secrets in the given input payloads with RPC methods as the communication interface served via gRPC. 
+Secret Detection service is primarily responsible for detecting secrets in the given input payloads with RPC methods as the communication interface served via gRPC.
 This service will initially be invoked by Rails monolith when performing access checks for Git Push event, and eventually extended for the other usecases too.
 
 Reference Issue: https://gitlab.com/groups/gitlab-org/-/epics/13792
@@ -12,7 +12,7 @@ Reference Issue: https://gitlab.com/groups/gitlab-org/-/epics/13792
 
 ## Feature Distribution
 
-In addition to offering the feature as an gRPC service, this project also includes the provision for distributing the same feature into a Ruby Gem. 
+In addition to offering the feature as an gRPC service, this project also includes the provision for distributing the same feature into a Ruby Gem.
 This provision was added to fulfil [certain limitations](https://gitlab.com/gitlab-org/gitlab/-/issues/462359#note_1915874628). Here's the illustration representing
 the approach:
 
@@ -34,13 +34,13 @@ the approach:
 │   └── templates
 │       ├── build.yml                    # CI jobs for building container image and ruby gems
 │       ├── test.yml                     # CI jobs for running tests
-│       └── release.yml                  # CI jobs for releases related to Ruby gem, GitLab releases 
+│       └── release.yml                  # CI jobs for releases related to Ruby gem, GitLab releases
 ├── lib
 │   └── gitlab
-│       └── secret_detection  
+│       └── secret_detection
 │           ├── version.rb               # Secret Detection Gem release version
 │           ├── core/..                  # Secret detection logic (most of it pulled from existing gem)
-│           └── grpc 
+│           └── grpc
 │               ├── generated/..         # gRPC generated files and secret detection gRPC service
 │               └── scanner_service.rb   # Secret detection gRPC service implementation
 ├── examples
@@ -76,7 +76,7 @@ Usage `make <command>`
 
 ## Generating a ruby gem
 
-In the project directory, run `make gem` command in the terminal that builds a ruby gem(ex: `secret_detection-0.1.0.gem`) in the root of 
+In the project directory, run `make gem` command in the terminal that builds a ruby gem(ex: `secret_detection-0.1.0.gem`) in the root of
 the project directory.
 
 ## Server
@@ -101,7 +101,7 @@ Pre-requisite: gRPC installed on your system (`brew install grpc`)
 
 gRPC server port can be configured via `RPC_SERVER_PORT` environment variable
 
-### Calling gRPC endpoints from terminal 
+### Calling gRPC endpoints from terminal
 
 Pre-requisite:
  - gRPC installed on your system (via `brew install grpc`)
@@ -188,7 +188,7 @@ You should see the following response as a result:
 </details>
 
 
-<details><summary>Example: Using Allowlist and Tags</summary>
+<details><summary>Example: Using Exclusions and Tags</summary>
 
 ```shell
 $ grpcurl -d @ \
@@ -210,13 +210,13 @@ $ grpcurl -d @ \
             "data": "GR1348941__DUMMY_RUNNER_TOKEN"
         }
     ],
-    "allowlist": [
+    "exclusions": [
         {
-            "allow_type": "ALLOW_RULE_TYPE",
+            "exclusion_type": "EXCLUSION_TYPE_RULE",
             "value": "gitlab_personal_access_token"
         },
         {
-            "allow_type": "ALLOW_RAW_VALUE",
+            "exclusion_type": "EXCLUSION_TYPE_RAW_VALUE",
             "value": "glrt-12345123451234512345"
         }
     ],
@@ -252,17 +252,17 @@ You should see the following response as a result:
 **RPC Method:** `gitlab.secret_detection.Scanner/ScanStream`
 **Default Timeout(configurable):** per-request: `180 seconds`, per-payload: `30 seconds`
 
-Bi-directional RPC streaming allows the server to receive a continuous stream of requests and respond with a 
+Bi-directional RPC streaming allows the server to receive a continuous stream of requests and respond with a
 corresponding stream of responses as each request is processed. Unlike unary RPC calls, where requests are sent once and
-the channel closes after a single response, bi-directional streaming keeps the RPC channel open to handle ongoing 
-requests and responses, enabling continuous communication between the client and server. 
+the channel closes after a single response, bi-directional streaming keeps the RPC channel open to handle ongoing
+requests and responses, enabling continuous communication between the client and server.
 
 
 <details><summary>Example</summary>
 
 To try this out, we will accept the request input from STDIN. As on when you provide request input json in the terminal,
-you should see a corresponding server response. The connection will continue to remain open for accepting 
-requests unless you explicitly close the connection with `Ctrl+C`. 
+you should see a corresponding server response. The connection will continue to remain open for accepting
+requests unless you explicitly close the connection with `Ctrl+C`.
 
 Here's the command to start an RPC streaming channel on the terminal:
 
@@ -300,7 +300,7 @@ you should immediately see the Server's response like below:
 }
 ```
 
-You may continue to provide more request inputs to the opened RPC channel to receive corresponding server responses. Features like Allowlisting, Tag filtering works same as outlined under Unary call section.
+You may continue to provide more request inputs to the opened RPC channel to receive corresponding server responses. Features like Exclusions, Tag Filtering works same as outlined under Unary call section.
 
 </details>
 
@@ -328,9 +328,9 @@ Secret Detection service's status can be tracked here: https://gitlab.com/gitlab
 
 #### Changes made in the secret detection logic that were previously not present in the Gem
 
-- [GitLab::SecretDetection::Core::Scanner#initialize(...)](lib/gitlab/secret_detection/core/scanner.rb): To reuse the logic of ruleset parsing from a file source, we parse the ruleset file at once and pass the parsed rules around. So, 
-the `initialize()` method now accepts parsed rules instead of ruleset file path 
+- [GitLab::SecretDetection::Core::Scanner#initialize(...)](lib/gitlab/secret_detection/core/scanner.rb): To reuse the logic of ruleset parsing from a file source, we parse the ruleset file at once and pass the parsed rules around. So,
+the `initialize()` method now accepts parsed rules instead of ruleset file path
 - [GitLab::SecretDetection::Core::Status](lib/gitlab/secret_detection/core/status.rb): `NOT_FOUND` status moved from `0` to `7` since
 gRPC reserves `0` for enums. We need to reflect this change on the Rails side too
-- [GitLab::SecretDetection::Core::Scanner#scan(...)](lib/gitlab/secret_detection/core/scanner.rb): Introduced `rule_exclusions`, `allow_values` and `tags` args to `scan(..)` 
-method to suport allowlist feature
+- [GitLab::SecretDetection::Core::Scanner#scan(...)](lib/gitlab/secret_detection/core/scanner.rb): Introduced `rule_exclusions`, `raw_value_exclusions` and `tags` args to `scan(..)`
+method to suport [exclusions](https://gitlab.com/groups/gitlab-org/-/epics/14315) feature.

data/lib/gitlab/secret_detection/core/scanner.rb

@@ -50,10 +50,10 @@ module GitLab
         # +timeout+:: No of seconds(accepts floating point for smaller time values) to limit the total scan duration
         # +payload_timeout+:: No of seconds(accepts floating point for smaller time values) to limit
         #                  the scan duration on each payload
+        # +raw_value_exclusions:+:: Array of raw values to exclude from the scan.
         # +rule_exclusions+:: Array of rules to exclude from the ruleset used for the scan. Each rule is represented
         #           by its ID. For example: `gitlab_personal_access_token` for representing GitLab Personal Access
         #           Token. By default, no rule is excluded from the ruleset.
-        # +allow_values+:: Array of raw values to exclude from the scan.
         # +tags+:: Array of tag values to filter from the default ruleset when determining the rules used for the scan.
         #           For example: Add `gitlab_blocking` to include only rules for Push Protection. Defaults to
         #           [`gitlab_blocking`] (+DEFAULT_PATTERN_MATCHER_TAGS+).
@@ -68,8 +68,8 @@ module GitLab
           payloads,
           timeout: DEFAULT_SCAN_TIMEOUT_SECS,
           payload_timeout: DEFAULT_PAYLOAD_TIMEOUT_SECS,
+          raw_value_exclusions: [],
           rule_exclusions: [],
-          allow_values: [],
           tags: DEFAULT_PATTERN_MATCHER_TAGS
         )
 
@@ -90,7 +90,7 @@ module GitLab
             secrets = run_scan(
               payloads: matched_payloads, payload_timeout:,
               pattern_matcher: build_pattern_matcher(tags:),
-              allow_values:, rule_exclusions:
+              raw_value_exclusions:, rule_exclusions:
             )
 
             scan_status = overall_scan_status(secrets)
@@ -189,13 +189,13 @@ module GitLab
         # literal values to exclude from the input before the scan, also SD rules to exclude during
         # the scan when performed on the payloads.
         def run_scan(
-          payloads:, payload_timeout:, pattern_matcher:, allow_values: [], rule_exclusions: [])
+          payloads:, payload_timeout:, pattern_matcher:, raw_value_exclusions: [], rule_exclusions: [])
           payloads.flat_map do |payload|
             Timeout.timeout(payload_timeout) do
               find_secrets_in_payload(
                 payload:,
                 pattern_matcher:,
-                allow_values:, rule_exclusions:
+                raw_value_exclusions:, rule_exclusions:
               )
             end
           rescue Timeout::Error => e
@@ -208,14 +208,14 @@ module GitLab
         # Finds secrets in the given payload guarded with a timeout as a circuit breaker. It accepts
         # literal values to exclude from the input before the scan, also SD rules to exclude during
         # the scan.
-        def find_secrets_in_payload(payload:, pattern_matcher:, allow_values: [], rule_exclusions: [])
+        def find_secrets_in_payload(payload:, pattern_matcher:, raw_value_exclusions: [], rule_exclusions: [])
           findings = []
 
           payload.data
                  .each_line($INPUT_RECORD_SEPARATOR, chomp: true)
                  .each_with_index do |line, index|
-            unless allow_values.empty?
-              allow_values.each do |value|
+            unless raw_value_exclusions.empty?
+              raw_value_exclusions.each do |value|
                 line.gsub!(value, '') # replace input that doesn't contain allowed value in it
               end
             end

data/lib/gitlab/secret_detection/grpc/generated/secret_detection_pb.rb

@@ -5,7 +5,7 @@
 require 'google/protobuf'
 
 
-descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\xdb\x03\n\x0bScanRequest\x12>\n\x08payloads\x18\x01 \x03(\x0b\x32,.gitlab.secret_detection.ScanRequest.Payload\x12\x19\n\x0ctimeout_secs\x18\x02 \x01(\x02H\x00\x88\x01\x01\x12!\n\x14payload_timeout_secs\x18\x03 \x01(\x02H\x01\x88\x01\x01\x12\x42\n\tallowlist\x18\x04 \x03(\x0b\x32/.gitlab.secret_detection.ScanRequest.AllowEntry\x12\x0c\n\x04tags\x18\x05 \x03(\t\x1a#\n\x07Payload\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\x1a_\n\nAllowEntry\x12\x42\n\nallow_type\x18\x01 \x01(\x0e\x32..gitlab.secret_detection.ScanRequest.AllowType\x12\r\n\x05value\x18\x02 \x01(\t\"L\n\tAllowType\x12\x15\n\x11\x41LLOW_UNSPECIFIED\x10\x00\x12\x13\n\x0f\x41LLOW_RULE_TYPE\x10\x01\x12\x13\n\x0f\x41LLOW_RAW_VALUE\x10\x02\x42\x0f\n\r_timeout_secsB\x17\n\x15_payload_timeout_secs\"\xe3\x04\n\x0cScanResponse\x12\x12\n\x05\x65rror\x18\x01 \x01(\tH\x00\x88\x01\x01\x12>\n\x07results\x18\x02 \x03(\x0b\x32-.gitlab.secret_detection.ScanResponse.Finding\x12<\n\x06status\x18\x03 \x01(\x0e\x32,.gitlab.secret_detection.ScanResponse.Status\x1a\xe9\x01\n\x07\x46inding\x12\x12\n\npayload_id\x18\x01 \x01(\t\x12<\n\x06status\x18\x02 \x01(\x0e\x32,.gitlab.secret_detection.ScanResponse.Status\x12\x11\n\x04type\x18\x03 \x01(\tH\x00\x88\x01\x01\x12\x18\n\x0b\x64\x65scription\x18\x04 \x01(\tH\x01\x88\x01\x01\x12\x18\n\x0bline_number\x18\x05 \x01(\x05H\x02\x88\x01\x01\x12\x12\n\x05\x65rror\x18\x06 \x01(\tH\x03\x88\x01\x01\x42\x07\n\x05_typeB\x0e\n\x0c_descriptionB\x0e\n\x0c_line_numberB\x08\n\x06_error\"\xca\x01\n\x06Status\x12\x16\n\x12STATUS_UNSPECIFIED\x10\x00\x12\x10\n\x0cSTATUS_FOUND\x10\x01\x12\x1c\n\x18STATUS_FOUND_WITH_ERRORS\x10\x02\x12\x17\n\x13STATUS_SCAN_TIMEOUT\x10\x03\x12\x1a\n\x16STATUS_PAYLOAD_TIMEOUT\x10\x04\x12\x15\n\x11STATUS_SCAN_ERROR\x10\x05\x12\x16\n\x12STATUS_INPUT_ERROR\x10\x06\x12\x14\n\x10STATUS_NOT_FOUND\x10\x07\x42\x08\n\x06_error2\xc1\x01\n\x07Scanner\x12U\n\x04Scan\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00\x12_\n\nScanStream\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00(\x01\x30\x01\x42 \xea\x02\x1dGitLab::SecretDetection::GRPCb\x06proto3"
+descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\xfc\x03\n\x0bScanRequest\x12>\n\x08payloads\x18\x01 \x03(\x0b\x32,.gitlab.secret_detection.ScanRequest.Payload\x12\x19\n\x0ctimeout_secs\x18\x02 \x01(\x02H\x00\x88\x01\x01\x12!\n\x14payload_timeout_secs\x18\x03 \x01(\x02H\x01\x88\x01\x01\x12\x42\n\nexclusions\x18\x04 \x03(\x0b\x32..gitlab.secret_detection.ScanRequest.Exclusion\x12\x0c\n\x04tags\x18\x05 \x03(\t\x1a#\n\x07Payload\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\x1a\x66\n\tExclusion\x12J\n\x0e\x65xclusion_type\x18\x01 \x01(\x0e\x32\x32.gitlab.secret_detection.ScanRequest.ExclusionType\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rExclusionType\x12\x1e\n\x1a\x45XCLUSION_TYPE_UNSPECIFIED\x10\x00\x12\x17\n\x13\x45XCLUSION_TYPE_RULE\x10\x01\x12\x1c\n\x18\x45XCLUSION_TYPE_RAW_VALUE\x10\x02\x42\x0f\n\r_timeout_secsB\x17\n\x15_payload_timeout_secs\"\xe3\x04\n\x0cScanResponse\x12\x12\n\x05\x65rror\x18\x01 \x01(\tH\x00\x88\x01\x01\x12>\n\x07results\x18\x02 \x03(\x0b\x32-.gitlab.secret_detection.ScanResponse.Finding\x12<\n\x06status\x18\x03 \x01(\x0e\x32,.gitlab.secret_detection.ScanResponse.Status\x1a\xe9\x01\n\x07\x46inding\x12\x12\n\npayload_id\x18\x01 \x01(\t\x12<\n\x06status\x18\x02 \x01(\x0e\x32,.gitlab.secret_detection.ScanResponse.Status\x12\x11\n\x04type\x18\x03 \x01(\tH\x00\x88\x01\x01\x12\x18\n\x0b\x64\x65scription\x18\x04 \x01(\tH\x01\x88\x01\x01\x12\x18\n\x0bline_number\x18\x05 \x01(\x05H\x02\x88\x01\x01\x12\x12\n\x05\x65rror\x18\x06 \x01(\tH\x03\x88\x01\x01\x42\x07\n\x05_typeB\x0e\n\x0c_descriptionB\x0e\n\x0c_line_numberB\x08\n\x06_error\"\xca\x01\n\x06Status\x12\x16\n\x12STATUS_UNSPECIFIED\x10\x00\x12\x10\n\x0cSTATUS_FOUND\x10\x01\x12\x1c\n\x18STATUS_FOUND_WITH_ERRORS\x10\x02\x12\x17\n\x13STATUS_SCAN_TIMEOUT\x10\x03\x12\x1a\n\x16STATUS_PAYLOAD_TIMEOUT\x10\x04\x12\x15\n\x11STATUS_SCAN_ERROR\x10\x05\x12\x16\n\x12STATUS_INPUT_ERROR\x10\x06\x12\x14\n\x10STATUS_NOT_FOUND\x10\x07\x42\x08\n\x06_error2\xc1\x01\n\x07Scanner\x12U\n\x04Scan\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00\x12_\n\nScanStream\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00(\x01\x30\x01\x42 \xea\x02\x1dGitLab::SecretDetection::GRPCb\x06proto3"
 
 pool = Google::Protobuf::DescriptorPool.generated_pool
 pool.add_serialized_file(descriptor_data)
@@ -15,8 +15,8 @@ module GitLab
     module GRPC
       ScanRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest").msgclass
       ScanRequest::Payload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest.Payload").msgclass
-      ScanRequest::AllowEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest.AllowEntry").msgclass
-      ScanRequest::AllowType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest.AllowType").enummodule
+      ScanRequest::Exclusion = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest.Exclusion").msgclass
+      ScanRequest::ExclusionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanRequest.ExclusionType").enummodule
       ScanResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanResponse").msgclass
       ScanResponse::Finding = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanResponse.Finding").msgclass
       ScanResponse::Status = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("gitlab.secret_detection.ScanResponse.Status").enummodule

data/lib/gitlab/secret_detection/grpc/scanner_service.rb

@@ -39,8 +39,8 @@ module GitLab
 
         ERROR_MESSAGES = {
           invalid_payload_fields: "Payload should not contain empty `id` and `data` fields",
-          allowlist_empty_value: "Allowlist entry value cannot be empty",
-          allowlist_invalid_type: "Invalid Allowlist entry type",
+          exclusion_empty_value: "Exclusion value cannot be empty",
+          exclusion_invalid_type: "Invalid exclusion type",
           invalid_timeout_range: "Timeout value should be > 0 and <= #{MAX_ALLOWED_TIMEOUT_SECONDS} seconds"
         }.freeze
 
@@ -62,21 +62,22 @@ module GitLab
 
           payloads = request.payloads.to_a
 
+          raw_value_exclusions = []
           rule_exclusions = []
-          allow_values = []
-          request.allowlist&.each do |entry|
-            case entry.allow_type
-            when :ALLOW_RULE_TYPE
-              rule_exclusions << entry.value
-            when :ALLOW_RAW_VALUE
-              allow_values << entry.value
+
+          request.exclusions&.each do |exclusion|
+            case exclusion.type
+            when :EXCLUSION_TYPE_RAW_VALUE
+              raw_value_exclusions << exclusion.value
+            when :EXCLUSION_TYPE_RULE
+              rule_exclusions << exclusion.value
             end
           end
 
           result = scanner.secrets_scan(
             payloads,
+            raw_value_exclusions:,
             rule_exclusions:,
-            allow_values:,
             tags: request.tags.to_a,
             timeout: request.timeout_secs,
             payload_timeout: request.payload_timeout_secs
@@ -103,10 +104,10 @@ module GitLab
         # validates grpc request body
         def validate_request(request)
           # check for non-blank values and allowed types
-          request.allowlist&.each do |entry|
-            if entry.value.empty?
-              raise ::GRPC::InvalidArgument.new(ERROR_MESSAGES[:allowlist_empty_value],
-                { field: "allowlist.value" })
+          request.exclusions&.each do |exclusion|
+            if exclusion.value.empty?
+              raise ::GRPC::InvalidArgument.new(ERROR_MESSAGES[:exclusion_empty_value],
+                { field: "exclusion.value" })
             end
           end
 

data/proto/secret_detection.proto

@@ -15,15 +15,15 @@ message ScanRequest {
   }
 
   // Either provide rule type or a particular value to allow during the scan
-  message AllowEntry {
-    AllowType allow_type = 1;
+  message Exclusion {
+    ExclusionType exclusion_type = 1;
     string value = 2;
   }
 
-  enum AllowType {
-    ALLOW_UNSPECIFIED = 0;
-    ALLOW_RULE_TYPE = 1; // Rule ID to exclude
-    ALLOW_RAW_VALUE = 2; // Raw value to exclude
+  enum ExclusionType {
+    EXCLUSION_TYPE_UNSPECIFIED = 0;
+    EXCLUSION_TYPE_RULE = 1; // Rule ID to exclude
+    EXCLUSION_TYPE_RAW_VALUE = 2; // Raw value to exclude
   }
 
   repeated Payload payloads = 1; // Array of payloads to scan
@@ -33,7 +33,7 @@ message ScanRequest {
   // Scan timeout on each payload . Value is represented in seconds, accepts float values to represent smaller
   // unit values. Default is 30 seconds.
   optional float payload_timeout_secs = 3;
-  repeated AllowEntry allowlist = 4; // Optional. Array of rule-types/raw-values to exclude from being considered during scan.
+  repeated Exclusion exclusions = 4; // Optional. Array of rule-types/raw-values to exclude from being considered during scan.
   repeated string tags = 5; // Optional. Array of rule tags to consider for scan. Ex: ["gitlab_blocking"]
 }
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.4.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-09-26 00:00:00.000000000 Z
+date: 2024-09-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc