Comments (8)
Version pinning generally doesn't work with brew -- so we'd need to specify a release from GitHub downloads. This could be OK as we could then also checksum the file (or check the signature, if there is one).
from caulking.
If we install outside of brew, it'd also mean we can install caulking without admin rights on our machines, which is a huge plus, IMO.
FYI that gitleaks is now at 8.1.1. It's also looking like this might be more critical to fix given that this has to work for us, and the next time anyone runs an install of it it's going to pull the latest version, breaking the caulking script. I now can't commit with it installed, for instance.
I think I have this mostly worked out for downloading the 7.6.1 release from GitHub, but I am unsure of the checksum or signature checking part. @pburkholder I can start a draft PR with what I have so far to work off of, or if you have time to pair a bit on this I'd appreciate it. Thanks!
I did start some preliminary work to get things working with the latest release and I think I figured out that path forward as well, but it looks like a lot of the tests will need to be updated, or some other config option(s) toggled that I missed and am unaware of.
FYI that gitleaks has already updated to 8.2.1.
A PR is now in place! Thanks, @pburkholder.
PR is merged! We'll revisit gitleaks in the near future to get it fully updated.
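The checksum step raised in the first comment, as an added example that is not caulking's code or part of the thread: a POSIX shell helper that installs a pinned release file into a user-owned directory only when its SHA-256 matches a recorded digest. The function names, file names and the pinned digest (the SHA-256 of the constructed contents `hello`) are assumptions for illustration, and the download step is left out so the block runs offline.

```shell
#!/bin/sh
# Added example (not caulking's code): install a pinned release archive
# only if its SHA-256 matches a digest recorded alongside the installer.

# sha256_of FILE: print the lowercase hex digest (GNU sha256sum or macOS shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        echo "no SHA-256 tool found" >&2; return 2
    fi
}

# install_pinned ARCHIVE PINNED_SHA256 DEST_DIR
# Copies ARCHIVE into DEST_DIR (user-owned, no admin rights) on a match;
# returns non-zero and installs nothing otherwise.
install_pinned() {
    ip_archive=$1; ip_pin=$2; ip_dest=$3
    [ -f "$ip_archive" ] || { echo "missing: $ip_archive" >&2; return 1; }
    # Reject empty, truncated or non-hex pins rather than comparing against them.
    case $ip_pin in
        ""|*[!0-9a-fA-F]*) echo "malformed pin" >&2; return 1 ;;
    esac
    [ "${#ip_pin}" -eq 64 ] || { echo "malformed pin" >&2; return 1; }
    ip_pin=$(printf '%s' "$ip_pin" | tr 'A-F' 'a-f')
    ip_actual=$(sha256_of "$ip_archive") || return 2
    if [ "$ip_actual" != "$ip_pin" ]; then
        echo "checksum mismatch: expected $ip_pin, got $ip_actual" >&2
        return 1
    fi
    mkdir -p "$ip_dest" && cp "$ip_archive" "$ip_dest/"
}

# Constructed stand-in for a downloaded release file (contents: "hello").
demo_dir=$(mktemp -d)
printf 'hello' > "$demo_dir/tool.tar.gz"
DEMO_PIN=2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
install_pinned "$demo_dir/tool.tar.gz" "$DEMO_PIN" "$demo_dir/bin" && echo "installed"
printf 'x' >> "$demo_dir/tool.tar.gz"   # simulate the upstream file changing
install_pinned "$demo_dir/tool.tar.gz" "$DEMO_PIN" "$demo_dir/bin2" || echo "refused"
rm -rf "$demo_dir"
```

A checksum kept in the same repository as the installer only detects a release file that changed after the pin was recorded; it does not by itself establish who published the file.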
Related Issues (20)
- Ensure $HOME/.aws directory and .*rc, .*profile files are free of AWS access keys
- Makefile should be self-documenting
- Local hooks check doesn't know about global config
- 'make audit' fails on IPv4 test
- Only check files to be committed
- repos have hooks.gitleaks error unclear?
- .aws fails false positive? (negative?)
- submodule causes caulking error
- Use --no-verify instead of config modification.
- Ignore .png files
- Do not flag bash variables for passwords
- Generic credentials is triggered too easily
- Exclude lockfiles from checks
- caulking should alert on ARNs (AWS Resources)
- caulking should fail terraform file that have unobfuscated username
- It should detect multi-line secrets
- Caulking should catch concourse passwords in YAML files
- Caulking audit should confirm local copy is up-to-date
- Address all GitHub secrets detection alarms