RubyGems - gitlab-secret_detection - Versions diffs - 0.39.2 → 0.40.0 - Mend

gitlab-secret_detection 0.39.2 → 0.40.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml +3 -3
data/lib/gitlab/secret_detection/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 73f035d35d4ceca23cc77190ee6acb59e8c26e4a473102a9a56da16d3dc23986
-  data.tar.gz: c6b85135c9f0bd83268bab359efc0b69f33454c371e397fa77be0e5aea5efcb5
+  metadata.gz: d8718e7ecd73dde6654d0be612f2601528c52ba6d300dada4436628ddbaaa067
+  data.tar.gz: 63ccb0506b87da6f3bd1546a5c7b6c2be70fdb6b1b188d78754f743947222d22
 SHA512:
-  metadata.gz: 4b127be2b764b05ae628dadfd0de811fa8d6e893b7d843ce2e60f4fc0af2f247580028350fa970fee5cc6980b71f2882bcc842fb6d5cd50ac3995276112714c6
-  data.tar.gz: 4961476f2092a893b11d82c357ea0e2138ddb07490edab4c207f19157f26ec44060f16e744739554bf0e0365cca38fda2813fd7c53dd01c7d8f9956270722e3a
+  metadata.gz: ab6b941f592cb99cf7fda333886f43979dfb51772cccc873ac0f46729932fd3d1f768d3907b494bc62acf73d9fe376509eec63881a364358fcfe0516cf983a4d
+  data.tar.gz: 9fe37eef71551f5bf1d8c576a07db9cbbd15d8a18c22c3dfc33cf8fc0191f6122cc0862df08df4348fe1ed45e4a2f61e963e73550e1cf9623ef9cc9a5f595023

data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml CHANGED Viewed

@@ -1,4 +1,4 @@
-# rule-set version: 0.21.2
+# rule-set version: 0.23.0
 # Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
 [[rules]]
 id = 'AdafruitIOKey'
@@ -77,7 +77,7 @@ id = 'AtlassianApiKey'
 regex = '\bATCTT3xFfGN0[0-9A-Za-z_-]{171}=[0-9A-F]{8}\b'
 description = "An Atlassian Admin API Key or Bitbucket Repository Access Token was identified. These API keys allow you to manage your\norganization through the Atlassian Admin APIs.\n\n- For Admin API Keys a malicious actor can take over the entire organization's Atlassian products and services using\n  this key.\n- For Bitbucket Repository Access Tokens, a malicious actor can gain the privileges assigned to the repository token\n  which could be full access to a repository or just read access to certain aspects of the workspace."
 title = 'Atlassian admin API key / Bitbucket repository access token'
-remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an Atlassian Repository Token:\n\n- At <https://bitbucket.org>, go to the repository the access token was created for\n- On the sidebar, select \"Repository Settings\"\n- On the sidebar, under Security, select \"Access tokens\"\n- Find the access token and select \"Revoke\", then confirm that you want to revoke the token\n\nFor more information on revoking and creating Atlassian Bitbucket Repository Tokens, please see their [documentation](https://support.atlassian.com/bitbucket-cloud/docs/create-a-repository-access-token/).\n\nTo revoke an Atlassian Admin API key:\n\n- Go to <https://admin.atlassian.com>\n- Select your organization if you have more than one\n- Select \"Settings > API keys\"\n- Select \"Revoke\" next to the API key\n\nFor more information on revoking and creating Atlassian Admin API Keys, please see their [documentation](https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)."
+remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an Atlassian Repository Token:\n\n- At <https://bitbucket.org>, go to the repository the access token was created for\n- In the sidebar, select \"Repository Settings\"\n- In the sidebar, under Security, select \"Access tokens\"\n- Find the access token and select \"Revoke\", then confirm that you want to revoke the token\n\nFor more information on revoking and creating Atlassian Bitbucket Repository Tokens, please see their [documentation](https://support.atlassian.com/bitbucket-cloud/docs/create-a-repository-access-token/).\n\nTo revoke an Atlassian Admin API key:\n\n- Go to <https://admin.atlassian.com>\n- Select your organization if you have more than one\n- Select \"Settings > API keys\"\n- Select \"Revoke\" next to the API key\n\nFor more information on revoking and creating Atlassian Admin API Keys, please see their [documentation](https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)."
 tags = ['gitlab_blocking']
 keywords = ['ATCTT3xFfGN0']
@@ -470,7 +470,7 @@ keywords = ['glimt']
 [[rules]]
 id = 'GrafanaCloudAccessPolicyToken'
-regex = '\bglc_eyJvIjoi[0-9A-Za-z]{120,140}\b'
+regex = "\\b(glc_eyJvIjoi[A-Za-z0-9+\\/]{80,220}={0,2})(?:\\\\['\"rn]|['\"\\x60; \\s]|<\\/|$)"
 description = "A Grafana cloud access policy token was identified. Cloud access policy tokens are used for managing the stacks in\nGrafana. Any tokens defined in the Grafana Administration settings are limited to that Grafana's stack. Depending on the\nassigned scope, a malicious actor with access to this token can read or write metrics, logs, traces, alerts, rules, and\naccess policies."
 title = 'Grafana cloud access policy token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an access policy token:\n\n- Sign in to your Grafana instance and select \"Administration\" on the left-hand menu\n- Under \"User and access\" select \"Cloud access policies\"\n- Find the token that was identified and select the trash icon.\n\nFor more information, please see [Grafana's documentation on cloud access policies](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/access-policies/)."

data/lib/gitlab/secret_detection/version.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Gitlab
     class Gem
       # Ensure to maintain the same version in CHANGELOG file.
       # More details available under 'Release Process' section in the README.md file.
-      VERSION = "0.39.2"
+      VERSION = "0.40.0"
       # SD_ENV env var is used to determine which environment the
       # server is running. This var is defined in `.runway/env-<env>.yml` files.

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.39.2
+  version: 0.40.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-02-19 00:00:00.000000000 Z
+date: 2026-04-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc