gitlab-secret_detection 0.39.3 → 0.40.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6a02d0b7c32d26cef1d31095f4e6c6f631af09a5414d9ac66f99c39ef93a9da6
-  data.tar.gz: 0b922337af1a13de46f8873da0b8c62bd6cdc3083d72b125ef4ca75dc530f6c6
+  metadata.gz: d8718e7ecd73dde6654d0be612f2601528c52ba6d300dada4436628ddbaaa067
+  data.tar.gz: 63ccb0506b87da6f3bd1546a5c7b6c2be70fdb6b1b188d78754f743947222d22
 SHA512:
-  metadata.gz: 6114cf030e0762cf444e2c087ef1c65563d5f65948a98db511622d2a575ed422d3ef23cc1b91b7f798135e18039241ad4f585007dc3448d758c2f04d5de8d7db
-  data.tar.gz: 1ea5361ad47740f4912a3bfd913e5157ca656190ca107104ed7c12dc186332479b4931a1eb16e57a4a4e227cd17366ff8645ff1deaa632dee0793de5a7c2605c
+  metadata.gz: ab6b941f592cb99cf7fda333886f43979dfb51772cccc873ac0f46729932fd3d1f768d3907b494bc62acf73d9fe376509eec63881a364358fcfe0516cf983a4d
+  data.tar.gz: 9fe37eef71551f5bf1d8c576a07db9cbbd15d8a18c22c3dfc33cf8fc0191f6122cc0862df08df4348fe1ed45e4a2f61e963e73550e1cf9623ef9cc9a5f595023

data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml

@@ -1,4 +1,4 @@
-# rule-set version: 0.22.1
+# rule-set version: 0.23.0
 # Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
 [[rules]]
 id = 'AdafruitIOKey'
@@ -77,7 +77,7 @@ id = 'AtlassianApiKey'
 regex = '\bATCTT3xFfGN0[0-9A-Za-z_-]{171}=[0-9A-F]{8}\b'
 description = "An Atlassian Admin API Key or Bitbucket Repository Access Token was identified. These API keys allow you to manage your\norganization through the Atlassian Admin APIs.\n\n- For Admin API Keys a malicious actor can take over the entire organization's Atlassian products and services using\n  this key.\n- For Bitbucket Repository Access Tokens, a malicious actor can gain the privileges assigned to the repository token\n  which could be full access to a repository or just read access to certain aspects of the workspace."
 title = 'Atlassian admin API key / Bitbucket repository access token'
-remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an Atlassian Repository Token:\n\n- At <https://bitbucket.org>, go to the repository the access token was created for\n- On the sidebar, select \"Repository Settings\"\n- On the sidebar, under Security, select \"Access tokens\"\n- Find the access token and select \"Revoke\", then confirm that you want to revoke the token\n\nFor more information on revoking and creating Atlassian Bitbucket Repository Tokens, please see their [documentation](https://support.atlassian.com/bitbucket-cloud/docs/create-a-repository-access-token/).\n\nTo revoke an Atlassian Admin API key:\n\n- Go to <https://admin.atlassian.com>\n- Select your organization if you have more than one\n- Select \"Settings > API keys\"\n- Select \"Revoke\" next to the API key\n\nFor more information on revoking and creating Atlassian Admin API Keys, please see their [documentation](https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)."
+remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an Atlassian Repository Token:\n\n- At <https://bitbucket.org>, go to the repository the access token was created for\n- In the sidebar, select \"Repository Settings\"\n- In the sidebar, under Security, select \"Access tokens\"\n- Find the access token and select \"Revoke\", then confirm that you want to revoke the token\n\nFor more information on revoking and creating Atlassian Bitbucket Repository Tokens, please see their [documentation](https://support.atlassian.com/bitbucket-cloud/docs/create-a-repository-access-token/).\n\nTo revoke an Atlassian Admin API key:\n\n- Go to <https://admin.atlassian.com>\n- Select your organization if you have more than one\n- Select \"Settings > API keys\"\n- Select \"Revoke\" next to the API key\n\nFor more information on revoking and creating Atlassian Admin API Keys, please see their [documentation](https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)."
 tags = ['gitlab_blocking']
 keywords = ['ATCTT3xFfGN0']
 

data/lib/gitlab/secret_detection/version.rb

@@ -5,7 +5,7 @@ module Gitlab
     class Gem
       # Ensure to maintain the same version in CHANGELOG file.
       # More details available under 'Release Process' section in the README.md file.
-      VERSION = "0.39.3"
+      VERSION = "0.40.0"
 
       # SD_ENV env var is used to determine which environment the
       # server is running. This var is defined in `.runway/env-<env>.yml` files.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.39.3
+  version: 0.40.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-03-10 00:00:00.000000000 Z
+date: 2026-04-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc