{"id":20700,"name":"gitleaks/gitleaks","ecosystem":"docker","repository_url":null,"issues_count":10,"created_at":"2025-06-07T02:13:39.107Z","updated_at":"2025-06-07T02:13:39.107Z","purl":"pkg:docker/gitleaks/gitleaks","unique_repositories_count":1,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"2577718987","node_id":"PR_kwDONj2Hx86ZpN7L","number":311,"state":"open","title":"Bump gitleaks/gitleaks from v8.27.0 to v8.27.2 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-09T08:10:17.000Z","updated_at":"2025-06-09T08:10:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.27.0","new_version":"v8.27.2","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.27.0 to v8.27.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec7acf33 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e9faaa4a Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79068b3 Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.27.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e80468ef Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eef82237 fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e2463f11 Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f251ee Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20f9a1d Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e722ce82 Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79780b8 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003ec5683ca prevent default warn message when max-archive-depth not set (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1881\"\u003e#1881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0357c3c prevent default warn message when max-archive-depth not set\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/c7acf33d962e8effc070072f993c365af19e3661\"\u003e\u003ccode\u003ec7acf33\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9faaa4a09c44dec3e4e85ff9f1e45acf757042f5\"\u003e\u003ccode\u003e9faaa4a\u003c/code\u003e\u003c/a\u003e Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79068b35e597e5fb32d68a72e3116ce624f9ad29\"\u003e\u003ccode\u003e79068b3\u003c/code\u003e\u003c/a\u003e Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/80468eff1da1824c161c53f85eb460d5c29a02ad\"\u003e\u003ccode\u003e80468ef\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/ef8223700a18832a5b3d3f9455878f715b1bc66b\"\u003e\u003ccode\u003eef82237\u003c/code\u003e\u003c/a\u003e fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/2463f11e7156aa042e0620d7171064c405764876\"\u003e\u003ccode\u003e2463f11\u003c/code\u003e\u003c/a\u003e Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f251eef65b76d0078d0583672385d4657ad7a87\"\u003e\u003ccode\u003e6f251ee\u003c/code\u003e\u003c/a\u003e Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/20f9a1d4eb32c81d4ee8798090a2703f70f98c0b\"\u003e\u003ccode\u003e20f9a1d\u003c/code\u003e\u003c/a\u003e Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/722ce8213aae1fcc9163c751872eb5dbec9f9543\"\u003e\u003ccode\u003e722ce82\u003c/code\u003e\u003c/a\u003e Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79780b884d92a08984e0f1cf237867bac7c346f8\"\u003e\u003ccode\u003e79780b8\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.27.0...v8.27.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.27.0\u0026new-version=v8.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/311","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/311","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/311/packages"},{"uuid":"2577691473","node_id":"PR_kwDONj2Hx86ZpHNR","number":309,"state":"closed","title":"Bump gitleaks/gitleaks from v8.27.0 to v8.27.2","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-06-09T10:31:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-09T07:57:37.000Z","updated_at":"2025-06-09T10:31:27.000Z","time_to_close":9230,"merged_at":"2025-06-09T10:31:27.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.27.0","new_version":"v8.27.2","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.27.0 to v8.27.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec7acf33 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e9faaa4a Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79068b3 Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.27.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e80468ef Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eef82237 fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e2463f11 Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f251ee Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20f9a1d Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e722ce82 Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79780b8 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003ec5683ca prevent default warn message when max-archive-depth not set (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1881\"\u003e#1881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0357c3c prevent default warn message when max-archive-depth not set\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/c7acf33d962e8effc070072f993c365af19e3661\"\u003e\u003ccode\u003ec7acf33\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9faaa4a09c44dec3e4e85ff9f1e45acf757042f5\"\u003e\u003ccode\u003e9faaa4a\u003c/code\u003e\u003c/a\u003e Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79068b35e597e5fb32d68a72e3116ce624f9ad29\"\u003e\u003ccode\u003e79068b3\u003c/code\u003e\u003c/a\u003e Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/80468eff1da1824c161c53f85eb460d5c29a02ad\"\u003e\u003ccode\u003e80468ef\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/ef8223700a18832a5b3d3f9455878f715b1bc66b\"\u003e\u003ccode\u003eef82237\u003c/code\u003e\u003c/a\u003e fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/2463f11e7156aa042e0620d7171064c405764876\"\u003e\u003ccode\u003e2463f11\u003c/code\u003e\u003c/a\u003e Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f251eef65b76d0078d0583672385d4657ad7a87\"\u003e\u003ccode\u003e6f251ee\u003c/code\u003e\u003c/a\u003e Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/20f9a1d4eb32c81d4ee8798090a2703f70f98c0b\"\u003e\u003ccode\u003e20f9a1d\u003c/code\u003e\u003c/a\u003e Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/722ce8213aae1fcc9163c751872eb5dbec9f9543\"\u003e\u003ccode\u003e722ce82\u003c/code\u003e\u003c/a\u003e Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79780b884d92a08984e0f1cf237867bac7c346f8\"\u003e\u003ccode\u003e79780b8\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.27.0...v8.27.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.27.0\u0026new-version=v8.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/309","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/309","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/309/packages"},{"uuid":"2559671387","node_id":"PR_kwDONj2Hx86YkXxb","number":304,"state":"closed","title":"Bump gitleaks/gitleaks from v8.26.0 to v8.27.0 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-02T09:09:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-02T07:59:27.000Z","updated_at":"2025-06-02T09:09:28.000Z","time_to_close":4200,"merged_at":"2025-06-02T09:09:27.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.26.0","new_version":"v8.27.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.26.0 to v8.27.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e782f310 Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e489d13c Update README.md\u003c/li\u003e\n\u003cli\u003ed29ee55 Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e611db65 Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0589ae0 unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e82f7e32 Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef97a9ee chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGot another \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e release. Cheers!\u003c/p\u003e\n\u003ch4\u003eArchive Scanning\u003c/h4\u003e\n\u003cp\u003eSometimes secrets are packaged within archive files like zip files or tarballs,\nmaking them difficult to discover. Now you can tell gitleaks to automatically\nextract and scan the contents of archives. The flag \u003ccode\u003e--max-archive-depth\u003c/code\u003e\nenables this feature for both \u003ccode\u003edir\u003c/code\u003e and \u003ccode\u003egit\u003c/code\u003e scan types. The default value of\n\u0026quot;0\u0026quot; means this feature is disabled by default.\u003c/p\u003e\n\u003cp\u003eRecursive scanning is supported since archives can also contain other archives.\nThe \u003ccode\u003e--max-archive-depth\u003c/code\u003e flag sets the recursion limit. Recursion stops when\nthere are no new archives to extract, so setting a very high max depth just\nsets the potential to go that deep. It will only go as deep as it needs to.\u003c/p\u003e\n\u003cp\u003eThe findings for secrets located within an archive will include the path to the\nfile inside the archive. Inner paths are separated with \u003ccode\u003e!\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eExample finding (shortened for brevity):\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFinding:     DB_PASSWORD=8ae31cacf141669ddfb5da\n...\nFile:        testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod\nLine:        4\nCommit:      6e6ee6596d337bb656496425fb98644eb62b4a82\n...\nFingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4\nLink:        https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis means a secret was detected on line 4 of \u003ccode\u003efiles/.env.prod.\u003c/code\u003e which is in\n\u003ccode\u003earchives/files.tar\u003c/code\u003e which is in \u003ccode\u003etestdata/archives/nested.tar.gz\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eCurrently supported formats:\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-compression-formats\"\u003ecompression\u003c/a\u003e\nand \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-archive-formats\"\u003earchive\u003c/a\u003e\nformats supported by mholt's \u003ca href=\"https://github.com/mholt/archives\"\u003earchives package\u003c/a\u003e\nare supported.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/782f3104786efdce0f809bce8a9ff31f2fa1c9ed\"\u003e\u003ccode\u003e782f310\u003c/code\u003e\u003c/a\u003e Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/489d13c14ee69d31a048cb41855a678105137004\"\u003e\u003ccode\u003e489d13c\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/d29ee5517128b093810915bb0a3a3aa7190fc0af\"\u003e\u003ccode\u003ed29ee55\u003c/code\u003e\u003c/a\u003e Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/611db6579b59e10f4016c433e2a1196cb2786b76\"\u003e\u003ccode\u003e611db65\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/0589ae0298409c937eef072f14aa43ce72aaa89c\"\u003e\u003ccode\u003e0589ae0\u003c/code\u003e\u003c/a\u003e unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/82f7e32b71d2d393fdcde845f811d9747cb2f7cf\"\u003e\u003ccode\u003e82f7e32\u003c/code\u003e\u003c/a\u003e Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/f97a9ee8721adb78de4081c89d1885b88e96692e\"\u003e\u003ccode\u003ef97a9ee\u003c/code\u003e\u003c/a\u003e chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.26.0...v8.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.26.0\u0026new-version=v8.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/304","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/304","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/304/packages"},{"uuid":"2559671108","node_id":"PR_kwDONj2Hx86YkXtE","number":303,"state":"open","title":"Bump gitleaks/gitleaks from v8.26.0 to v8.27.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-02T07:59:19.000Z","updated_at":"2025-06-02T07:59:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.26.0","new_version":"v8.27.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.26.0 to v8.27.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e782f310 Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e489d13c Update README.md\u003c/li\u003e\n\u003cli\u003ed29ee55 Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e611db65 Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0589ae0 unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e82f7e32 Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef97a9ee chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGot another \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e release. Cheers!\u003c/p\u003e\n\u003ch4\u003eArchive Scanning\u003c/h4\u003e\n\u003cp\u003eSometimes secrets are packaged within archive files like zip files or tarballs,\nmaking them difficult to discover. Now you can tell gitleaks to automatically\nextract and scan the contents of archives. The flag \u003ccode\u003e--max-archive-depth\u003c/code\u003e\nenables this feature for both \u003ccode\u003edir\u003c/code\u003e and \u003ccode\u003egit\u003c/code\u003e scan types. The default value of\n\u0026quot;0\u0026quot; means this feature is disabled by default.\u003c/p\u003e\n\u003cp\u003eRecursive scanning is supported since archives can also contain other archives.\nThe \u003ccode\u003e--max-archive-depth\u003c/code\u003e flag sets the recursion limit. Recursion stops when\nthere are no new archives to extract, so setting a very high max depth just\nsets the potential to go that deep. It will only go as deep as it needs to.\u003c/p\u003e\n\u003cp\u003eThe findings for secrets located within an archive will include the path to the\nfile inside the archive. Inner paths are separated with \u003ccode\u003e!\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eExample finding (shortened for brevity):\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFinding:     DB_PASSWORD=8ae31cacf141669ddfb5da\n...\nFile:        testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod\nLine:        4\nCommit:      6e6ee6596d337bb656496425fb98644eb62b4a82\n...\nFingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4\nLink:        https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis means a secret was detected on line 4 of \u003ccode\u003efiles/.env.prod.\u003c/code\u003e which is in\n\u003ccode\u003earchives/files.tar\u003c/code\u003e which is in \u003ccode\u003etestdata/archives/nested.tar.gz\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eCurrently supported formats:\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-compression-formats\"\u003ecompression\u003c/a\u003e\nand \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-archive-formats\"\u003earchive\u003c/a\u003e\nformats supported by mholt's \u003ca href=\"https://github.com/mholt/archives\"\u003earchives package\u003c/a\u003e\nare supported.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/782f3104786efdce0f809bce8a9ff31f2fa1c9ed\"\u003e\u003ccode\u003e782f310\u003c/code\u003e\u003c/a\u003e Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/489d13c14ee69d31a048cb41855a678105137004\"\u003e\u003ccode\u003e489d13c\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/d29ee5517128b093810915bb0a3a3aa7190fc0af\"\u003e\u003ccode\u003ed29ee55\u003c/code\u003e\u003c/a\u003e Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/611db6579b59e10f4016c433e2a1196cb2786b76\"\u003e\u003ccode\u003e611db65\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/0589ae0298409c937eef072f14aa43ce72aaa89c\"\u003e\u003ccode\u003e0589ae0\u003c/code\u003e\u003c/a\u003e unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/82f7e32b71d2d393fdcde845f811d9747cb2f7cf\"\u003e\u003ccode\u003e82f7e32\u003c/code\u003e\u003c/a\u003e Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/f97a9ee8721adb78de4081c89d1885b88e96692e\"\u003e\u003ccode\u003ef97a9ee\u003c/code\u003e\u003c/a\u003e chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.26.0...v8.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.26.0\u0026new-version=v8.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/303","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/303","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/303/packages"},{"uuid":"2527967492","node_id":"PR_kwDONj2Hx86WrbkE","number":271,"state":"closed","title":"Bump gitleaks/gitleaks from v8.25.1 to v8.26.0 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-05-19T08:41:33.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T08:23:49.000Z","updated_at":"2025-05-19T08:41:33.000Z","time_to_close":1064,"merged_at":"2025-05-19T08:41:33.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.25.1","new_version":"v8.26.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.25.1 to v8.26.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.26.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e78eebac Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f967ca fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88f56d3 feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9609928 rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e23cb69f feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCalling this one \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e's release as he introduced a really clever method for mixed decoding without sacrificing too much performance. As I stated in his PR, I think he's either a wizard or some time traveling AI. Dude \u003ca href=\"https://www.youtube.com/watch?v=hIdsjNGCGz4\"\u003eis wicked smaht\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAnyways, Gitleaks now supports the following decoders: \u003ccode\u003ehex\u003c/code\u003e, \u003ccode\u003epercent(url enconding)\u003c/code\u003e, and \u003ccode\u003eb64\u003c/code\u003e. It's relatively straight forward to add a new decoder so if you're motivated, community contributions are welcomed!\u003c/p\u003e\n\u003cp\u003eHere's an example:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e~/code/gitleaks-org/gitleaks (master) cat decode.txt\ntext below\naGVsbG8sIHdvcmxkIQ%3D%3D%0A\ntext above\n~/code/gitleaks-org/gitleaks (master) ./gitleaks dir decode.txt --max-decode-depth=2 --log-level=debug\n\u003cpre\u003e\u003ccode\u003e○\n│╲\n│ ○\n○ ░\n░    gitleaks\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e4:08PM DBG using stdlib regex engine\n4:08PM DBG unable to load gitleaks config from decode.txt/.gitleaks.toml since --source=decode.txt is a file, using default config\n4:08PM DBG found .gitleaksignore file: .gitleaksignore\n4:08PM DBG segment found: original=[29,38] pos=[29,38]: \u0026quot;%3D%3D%0A\u0026quot; -\u0026gt; \u0026quot;==\\n\u0026quot;\n4:08PM DBG segment found: original=[11,38] pos=[11,31]: \u0026quot;aGVsbG8sIHdvcmxkIQ==\u0026quot; -\u0026gt; \u0026quot;hello, world!\u0026quot;\n4:08PM INF scanned ~50 bytes (50 bytes) in 1.5ms\n4:08PM INF no leaks found\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/78eebaca9d8940b8c511a6e67349168f6477943a\"\u003e\u003ccode\u003e78eebac\u003c/code\u003e\u003c/a\u003e Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f967cad68d7ce015f45f4545dca2ec27c34e906\"\u003e\u003ccode\u003e6f967ca\u003c/code\u003e\u003c/a\u003e fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/88f56d3695532b6227e2e8c40143132e1977b401\"\u003e\u003ccode\u003e88f56d3\u003c/code\u003e\u003c/a\u003e feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9609928c0216ae24dfeea1f802d04f661a44892a\"\u003e\u003ccode\u003e9609928\u003c/code\u003e\u003c/a\u003e rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/23cb69fba4338a486e1aac8f898bd0d4ea298995\"\u003e\u003ccode\u003e23cb69f\u003c/code\u003e\u003c/a\u003e feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.25.1...v8.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.25.1\u0026new-version=v8.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/271","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/271","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/271/packages"},{"uuid":"2527967140","node_id":"PR_kwDONj2Hx86Wrbek","number":270,"state":"open","title":"Bump gitleaks/gitleaks from v8.25.1 to v8.26.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T08:23:42.000Z","updated_at":"2025-05-19T08:23:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.25.1","new_version":"v8.26.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.25.1 to v8.26.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.26.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e78eebac Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f967ca fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88f56d3 feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9609928 rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e23cb69f feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCalling this one \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e's release as he introduced a really clever method for mixed decoding without sacrificing too much performance. As I stated in his PR, I think he's either a wizard or some time traveling AI. Dude \u003ca href=\"https://www.youtube.com/watch?v=hIdsjNGCGz4\"\u003eis wicked smaht\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAnyways, Gitleaks now supports the following decoders: \u003ccode\u003ehex\u003c/code\u003e, \u003ccode\u003epercent(url enconding)\u003c/code\u003e, and \u003ccode\u003eb64\u003c/code\u003e. It's relatively straight forward to add a new decoder so if you're motivated, community contributions are welcomed!\u003c/p\u003e\n\u003cp\u003eHere's an example:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e~/code/gitleaks-org/gitleaks (master) cat decode.txt\ntext below\naGVsbG8sIHdvcmxkIQ%3D%3D%0A\ntext above\n~/code/gitleaks-org/gitleaks (master) ./gitleaks dir decode.txt --max-decode-depth=2 --log-level=debug\n\u003cpre\u003e\u003ccode\u003e○\n│╲\n│ ○\n○ ░\n░    gitleaks\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e4:08PM DBG using stdlib regex engine\n4:08PM DBG unable to load gitleaks config from decode.txt/.gitleaks.toml since --source=decode.txt is a file, using default config\n4:08PM DBG found .gitleaksignore file: .gitleaksignore\n4:08PM DBG segment found: original=[29,38] pos=[29,38]: \u0026quot;%3D%3D%0A\u0026quot; -\u0026gt; \u0026quot;==\\n\u0026quot;\n4:08PM DBG segment found: original=[11,38] pos=[11,31]: \u0026quot;aGVsbG8sIHdvcmxkIQ==\u0026quot; -\u0026gt; \u0026quot;hello, world!\u0026quot;\n4:08PM INF scanned ~50 bytes (50 bytes) in 1.5ms\n4:08PM INF no leaks found\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/78eebaca9d8940b8c511a6e67349168f6477943a\"\u003e\u003ccode\u003e78eebac\u003c/code\u003e\u003c/a\u003e Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f967cad68d7ce015f45f4545dca2ec27c34e906\"\u003e\u003ccode\u003e6f967ca\u003c/code\u003e\u003c/a\u003e fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/88f56d3695532b6227e2e8c40143132e1977b401\"\u003e\u003ccode\u003e88f56d3\u003c/code\u003e\u003c/a\u003e feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9609928c0216ae24dfeea1f802d04f661a44892a\"\u003e\u003ccode\u003e9609928\u003c/code\u003e\u003c/a\u003e rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/23cb69fba4338a486e1aac8f898bd0d4ea298995\"\u003e\u003ccode\u003e23cb69f\u003c/code\u003e\u003c/a\u003e feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.25.1...v8.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.25.1\u0026new-version=v8.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/270","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/270","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/270/packages"}],"issue_packages":[{"old_version":"v8.27.0","new_version":"v8.27.2","update_type":"patch","path":"/.github/actions/gitleaks","pr_created_at":"2025-06-09T08:10:17.000Z","version_change":"v8.27.0 → v8.27.2","issue":{"uuid":"2577718987","node_id":"PR_kwDONj2Hx86ZpN7L","number":311,"state":"open","title":"Bump gitleaks/gitleaks from v8.27.0 to v8.27.2 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-09T08:10:17.000Z","updated_at":"2025-06-09T08:10:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.27.0","new_version":"v8.27.2","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.27.0 to v8.27.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec7acf33 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e9faaa4a Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79068b3 Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.27.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e80468ef Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eef82237 fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e2463f11 Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f251ee Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20f9a1d Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e722ce82 Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79780b8 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003ec5683ca prevent default warn message when max-archive-depth not set (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1881\"\u003e#1881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0357c3c prevent default warn message when max-archive-depth not set\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/c7acf33d962e8effc070072f993c365af19e3661\"\u003e\u003ccode\u003ec7acf33\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9faaa4a09c44dec3e4e85ff9f1e45acf757042f5\"\u003e\u003ccode\u003e9faaa4a\u003c/code\u003e\u003c/a\u003e Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79068b35e597e5fb32d68a72e3116ce624f9ad29\"\u003e\u003ccode\u003e79068b3\u003c/code\u003e\u003c/a\u003e Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/80468eff1da1824c161c53f85eb460d5c29a02ad\"\u003e\u003ccode\u003e80468ef\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/ef8223700a18832a5b3d3f9455878f715b1bc66b\"\u003e\u003ccode\u003eef82237\u003c/code\u003e\u003c/a\u003e fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/2463f11e7156aa042e0620d7171064c405764876\"\u003e\u003ccode\u003e2463f11\u003c/code\u003e\u003c/a\u003e Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f251eef65b76d0078d0583672385d4657ad7a87\"\u003e\u003ccode\u003e6f251ee\u003c/code\u003e\u003c/a\u003e Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/20f9a1d4eb32c81d4ee8798090a2703f70f98c0b\"\u003e\u003ccode\u003e20f9a1d\u003c/code\u003e\u003c/a\u003e Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/722ce8213aae1fcc9163c751872eb5dbec9f9543\"\u003e\u003ccode\u003e722ce82\u003c/code\u003e\u003c/a\u003e Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79780b884d92a08984e0f1cf237867bac7c346f8\"\u003e\u003ccode\u003e79780b8\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.27.0...v8.27.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.27.0\u0026new-version=v8.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/311","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/311","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/311/packages"}},{"old_version":"v8.27.0","new_version":"v8.27.2","update_type":"patch","path":null,"pr_created_at":"2025-06-09T07:57:37.000Z","version_change":"v8.27.0 → v8.27.2","issue":{"uuid":"2577691473","node_id":"PR_kwDONj2Hx86ZpHNR","number":309,"state":"closed","title":"Bump gitleaks/gitleaks from v8.27.0 to v8.27.2","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-06-09T10:31:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-09T07:57:37.000Z","updated_at":"2025-06-09T10:31:27.000Z","time_to_close":9230,"merged_at":"2025-06-09T10:31:27.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.27.0","new_version":"v8.27.2","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.27.0 to v8.27.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec7acf33 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e9faaa4a Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79068b3 Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.27.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e80468ef Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eef82237 fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e2463f11 Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f251ee Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20f9a1d Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e722ce82 Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e79780b8 Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003ec5683ca prevent default warn message when max-archive-depth not set (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1881\"\u003e#1881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0357c3c prevent default warn message when max-archive-depth not set\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/c7acf33d962e8effc070072f993c365af19e3661\"\u003e\u003ccode\u003ec7acf33\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9faaa4a09c44dec3e4e85ff9f1e45acf757042f5\"\u003e\u003ccode\u003e9faaa4a\u003c/code\u003e\u003c/a\u003e Add experimental allowlist optimizations (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1731\"\u003e#1731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79068b35e597e5fb32d68a72e3116ce624f9ad29\"\u003e\u003ccode\u003e79068b3\u003c/code\u003e\u003c/a\u003e Detect Notion Public API Keys \u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1889\"\u003e#1889\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1890\"\u003e#1890\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/80468eff1da1824c161c53f85eb460d5c29a02ad\"\u003e\u003ccode\u003e80468ef\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/ef8223700a18832a5b3d3f9455878f715b1bc66b\"\u003e\u003ccode\u003eef82237\u003c/code\u003e\u003c/a\u003e fix(atlassian): reduce false-positives for v1 pattern (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1892\"\u003e#1892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/2463f11e7156aa042e0620d7171064c405764876\"\u003e\u003ccode\u003e2463f11\u003c/code\u003e\u003c/a\u003e Fix log suppresion issue (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1887\"\u003e#1887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f251eef65b76d0078d0583672385d4657ad7a87\"\u003e\u003ccode\u003e6f251ee\u003c/code\u003e\u003c/a\u003e Added Heroku API Key New Version (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1883\"\u003e#1883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/20f9a1d4eb32c81d4ee8798090a2703f70f98c0b\"\u003e\u003ccode\u003e20f9a1d\u003c/code\u003e\u003c/a\u003e Add Platform Bitbucket (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1886\"\u003e#1886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/722ce8213aae1fcc9163c751872eb5dbec9f9543\"\u003e\u003ccode\u003e722ce82\u003c/code\u003e\u003c/a\u003e Add Platform Gitea (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1884\"\u003e#1884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/79780b884d92a08984e0f1cf237867bac7c346f8\"\u003e\u003ccode\u003e79780b8\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of github.com:gitleaks/gitleaks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.27.0...v8.27.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.27.0\u0026new-version=v8.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/309","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/309","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/309/packages"}},{"old_version":"v8.26.0","new_version":"v8.27.0","update_type":"minor","path":"/.github/actions/gitleaks","pr_created_at":"2025-06-02T07:59:27.000Z","version_change":"v8.26.0 → v8.27.0","issue":{"uuid":"2559671387","node_id":"PR_kwDONj2Hx86YkXxb","number":304,"state":"closed","title":"Bump gitleaks/gitleaks from v8.26.0 to v8.27.0 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-02T09:09:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-02T07:59:27.000Z","updated_at":"2025-06-02T09:09:28.000Z","time_to_close":4200,"merged_at":"2025-06-02T09:09:27.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.26.0","new_version":"v8.27.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.26.0 to v8.27.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e782f310 Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e489d13c Update README.md\u003c/li\u003e\n\u003cli\u003ed29ee55 Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e611db65 Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0589ae0 unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e82f7e32 Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef97a9ee chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGot another \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e release. Cheers!\u003c/p\u003e\n\u003ch4\u003eArchive Scanning\u003c/h4\u003e\n\u003cp\u003eSometimes secrets are packaged within archive files like zip files or tarballs,\nmaking them difficult to discover. Now you can tell gitleaks to automatically\nextract and scan the contents of archives. The flag \u003ccode\u003e--max-archive-depth\u003c/code\u003e\nenables this feature for both \u003ccode\u003edir\u003c/code\u003e and \u003ccode\u003egit\u003c/code\u003e scan types. The default value of\n\u0026quot;0\u0026quot; means this feature is disabled by default.\u003c/p\u003e\n\u003cp\u003eRecursive scanning is supported since archives can also contain other archives.\nThe \u003ccode\u003e--max-archive-depth\u003c/code\u003e flag sets the recursion limit. Recursion stops when\nthere are no new archives to extract, so setting a very high max depth just\nsets the potential to go that deep. It will only go as deep as it needs to.\u003c/p\u003e\n\u003cp\u003eThe findings for secrets located within an archive will include the path to the\nfile inside the archive. Inner paths are separated with \u003ccode\u003e!\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eExample finding (shortened for brevity):\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFinding:     DB_PASSWORD=8ae31cacf141669ddfb5da\n...\nFile:        testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod\nLine:        4\nCommit:      6e6ee6596d337bb656496425fb98644eb62b4a82\n...\nFingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4\nLink:        https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis means a secret was detected on line 4 of \u003ccode\u003efiles/.env.prod.\u003c/code\u003e which is in\n\u003ccode\u003earchives/files.tar\u003c/code\u003e which is in \u003ccode\u003etestdata/archives/nested.tar.gz\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eCurrently supported formats:\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-compression-formats\"\u003ecompression\u003c/a\u003e\nand \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-archive-formats\"\u003earchive\u003c/a\u003e\nformats supported by mholt's \u003ca href=\"https://github.com/mholt/archives\"\u003earchives package\u003c/a\u003e\nare supported.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/782f3104786efdce0f809bce8a9ff31f2fa1c9ed\"\u003e\u003ccode\u003e782f310\u003c/code\u003e\u003c/a\u003e Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/489d13c14ee69d31a048cb41855a678105137004\"\u003e\u003ccode\u003e489d13c\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/d29ee5517128b093810915bb0a3a3aa7190fc0af\"\u003e\u003ccode\u003ed29ee55\u003c/code\u003e\u003c/a\u003e Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/611db6579b59e10f4016c433e2a1196cb2786b76\"\u003e\u003ccode\u003e611db65\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/0589ae0298409c937eef072f14aa43ce72aaa89c\"\u003e\u003ccode\u003e0589ae0\u003c/code\u003e\u003c/a\u003e unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/82f7e32b71d2d393fdcde845f811d9747cb2f7cf\"\u003e\u003ccode\u003e82f7e32\u003c/code\u003e\u003c/a\u003e Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/f97a9ee8721adb78de4081c89d1885b88e96692e\"\u003e\u003ccode\u003ef97a9ee\u003c/code\u003e\u003c/a\u003e chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.26.0...v8.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.26.0\u0026new-version=v8.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/304","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/304","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/304/packages"}},{"old_version":"v8.26.0","new_version":"v8.27.0","update_type":"minor","path":null,"pr_created_at":"2025-06-02T07:59:19.000Z","version_change":"v8.26.0 → v8.27.0","issue":{"uuid":"2559671108","node_id":"PR_kwDONj2Hx86YkXtE","number":303,"state":"open","title":"Bump gitleaks/gitleaks from v8.26.0 to v8.27.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-02T07:59:19.000Z","updated_at":"2025-06-02T07:59:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.26.0","new_version":"v8.27.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.26.0 to v8.27.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.27.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e782f310 Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e489d13c Update README.md\u003c/li\u003e\n\u003cli\u003ed29ee55 Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e611db65 Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0589ae0 unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e82f7e32 Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef97a9ee chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGot another \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e release. Cheers!\u003c/p\u003e\n\u003ch4\u003eArchive Scanning\u003c/h4\u003e\n\u003cp\u003eSometimes secrets are packaged within archive files like zip files or tarballs,\nmaking them difficult to discover. Now you can tell gitleaks to automatically\nextract and scan the contents of archives. The flag \u003ccode\u003e--max-archive-depth\u003c/code\u003e\nenables this feature for both \u003ccode\u003edir\u003c/code\u003e and \u003ccode\u003egit\u003c/code\u003e scan types. The default value of\n\u0026quot;0\u0026quot; means this feature is disabled by default.\u003c/p\u003e\n\u003cp\u003eRecursive scanning is supported since archives can also contain other archives.\nThe \u003ccode\u003e--max-archive-depth\u003c/code\u003e flag sets the recursion limit. Recursion stops when\nthere are no new archives to extract, so setting a very high max depth just\nsets the potential to go that deep. It will only go as deep as it needs to.\u003c/p\u003e\n\u003cp\u003eThe findings for secrets located within an archive will include the path to the\nfile inside the archive. Inner paths are separated with \u003ccode\u003e!\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eExample finding (shortened for brevity):\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFinding:     DB_PASSWORD=8ae31cacf141669ddfb5da\n...\nFile:        testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod\nLine:        4\nCommit:      6e6ee6596d337bb656496425fb98644eb62b4a82\n...\nFingerprint: 6e6ee6596d337bb656496425fb98644eb62b4a82:testdata/archives/nested.tar.gz!archives/files.tar!files/.env.prod:generic-api-key:4\nLink:        https://github.com/leaktk/gitleaks/blob/6e6ee6596d337bb656496425fb98644eb62b4a82/testdata/archives/nested.tar.gz\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis means a secret was detected on line 4 of \u003ccode\u003efiles/.env.prod.\u003c/code\u003e which is in\n\u003ccode\u003earchives/files.tar\u003c/code\u003e which is in \u003ccode\u003etestdata/archives/nested.tar.gz\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eCurrently supported formats:\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-compression-formats\"\u003ecompression\u003c/a\u003e\nand \u003ca href=\"https://github.com/mholt/archives?tab=readme-ov-file#supported-archive-formats\"\u003earchive\u003c/a\u003e\nformats supported by mholt's \u003ca href=\"https://github.com/mholt/archives\"\u003earchives package\u003c/a\u003e\nare supported.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/782f3104786efdce0f809bce8a9ff31f2fa1c9ed\"\u003e\u003ccode\u003e782f310\u003c/code\u003e\u003c/a\u003e Archive support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1872\"\u003e#1872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/489d13c14ee69d31a048cb41855a678105137004\"\u003e\u003ccode\u003e489d13c\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/d29ee5517128b093810915bb0a3a3aa7190fc0af\"\u003e\u003ccode\u003ed29ee55\u003c/code\u003e\u003c/a\u003e Reduce aws-access-token false positives (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1876\"\u003e#1876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/611db6579b59e10f4016c433e2a1196cb2786b76\"\u003e\u003ccode\u003e611db65\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003epass_filenames\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e for Docker hook (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1850\"\u003e#1850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/0589ae0298409c937eef072f14aa43ce72aaa89c\"\u003e\u003ccode\u003e0589ae0\u003c/code\u003e\u003c/a\u003e unicode decoding (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1854\"\u003e#1854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/82f7e32b71d2d393fdcde845f811d9747cb2f7cf\"\u003e\u003ccode\u003e82f7e32\u003c/code\u003e\u003c/a\u003e Diagnostics (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1856\"\u003e#1856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/f97a9ee8721adb78de4081c89d1885b88e96692e\"\u003e\u003ccode\u003ef97a9ee\u003c/code\u003e\u003c/a\u003e chore: include decoder in debug log (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1853\"\u003e#1853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.26.0...v8.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.26.0\u0026new-version=v8.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/303","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/303","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/303/packages"}},{"old_version":"v8.25.1","new_version":"v8.26.0","update_type":"minor","path":"/.github/actions/gitleaks","pr_created_at":"2025-05-19T08:23:49.000Z","version_change":"v8.25.1 → v8.26.0","issue":{"uuid":"2527967492","node_id":"PR_kwDONj2Hx86WrbkE","number":271,"state":"closed","title":"Bump gitleaks/gitleaks from v8.25.1 to v8.26.0 in /.github/actions/gitleaks","user":"dependabot[bot]","labels":["dependencies","size/XS","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-05-19T08:41:33.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T08:23:49.000Z","updated_at":"2025-05-19T08:41:33.000Z","time_to_close":1064,"merged_at":"2025-05-19T08:41:33.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.25.1","new_version":"v8.26.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":"/.github/actions/gitleaks","ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.25.1 to v8.26.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.26.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e78eebac Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f967ca fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88f56d3 feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9609928 rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e23cb69f feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCalling this one \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e's release as he introduced a really clever method for mixed decoding without sacrificing too much performance. As I stated in his PR, I think he's either a wizard or some time traveling AI. Dude \u003ca href=\"https://www.youtube.com/watch?v=hIdsjNGCGz4\"\u003eis wicked smaht\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAnyways, Gitleaks now supports the following decoders: \u003ccode\u003ehex\u003c/code\u003e, \u003ccode\u003epercent(url enconding)\u003c/code\u003e, and \u003ccode\u003eb64\u003c/code\u003e. It's relatively straight forward to add a new decoder so if you're motivated, community contributions are welcomed!\u003c/p\u003e\n\u003cp\u003eHere's an example:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e~/code/gitleaks-org/gitleaks (master) cat decode.txt\ntext below\naGVsbG8sIHdvcmxkIQ%3D%3D%0A\ntext above\n~/code/gitleaks-org/gitleaks (master) ./gitleaks dir decode.txt --max-decode-depth=2 --log-level=debug\n\u003cpre\u003e\u003ccode\u003e○\n│╲\n│ ○\n○ ░\n░    gitleaks\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e4:08PM DBG using stdlib regex engine\n4:08PM DBG unable to load gitleaks config from decode.txt/.gitleaks.toml since --source=decode.txt is a file, using default config\n4:08PM DBG found .gitleaksignore file: .gitleaksignore\n4:08PM DBG segment found: original=[29,38] pos=[29,38]: \u0026quot;%3D%3D%0A\u0026quot; -\u0026gt; \u0026quot;==\\n\u0026quot;\n4:08PM DBG segment found: original=[11,38] pos=[11,31]: \u0026quot;aGVsbG8sIHdvcmxkIQ==\u0026quot; -\u0026gt; \u0026quot;hello, world!\u0026quot;\n4:08PM INF scanned ~50 bytes (50 bytes) in 1.5ms\n4:08PM INF no leaks found\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/78eebaca9d8940b8c511a6e67349168f6477943a\"\u003e\u003ccode\u003e78eebac\u003c/code\u003e\u003c/a\u003e Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f967cad68d7ce015f45f4545dca2ec27c34e906\"\u003e\u003ccode\u003e6f967ca\u003c/code\u003e\u003c/a\u003e fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/88f56d3695532b6227e2e8c40143132e1977b401\"\u003e\u003ccode\u003e88f56d3\u003c/code\u003e\u003c/a\u003e feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9609928c0216ae24dfeea1f802d04f661a44892a\"\u003e\u003ccode\u003e9609928\u003c/code\u003e\u003c/a\u003e rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/23cb69fba4338a486e1aac8f898bd0d4ea298995\"\u003e\u003ccode\u003e23cb69f\u003c/code\u003e\u003c/a\u003e feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.25.1...v8.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.25.1\u0026new-version=v8.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/271","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/271","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/271/packages"}},{"old_version":"v8.25.1","new_version":"v8.26.0","update_type":"minor","path":null,"pr_created_at":"2025-05-19T08:23:42.000Z","version_change":"v8.25.1 → v8.26.0","issue":{"uuid":"2527967140","node_id":"PR_kwDONj2Hx86Wrbek","number":270,"state":"open","title":"Bump gitleaks/gitleaks from v8.25.1 to v8.26.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T08:23:42.000Z","updated_at":"2025-05-19T08:23:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"gitleaks/gitleaks","old_version":"v8.25.1","new_version":"v8.26.0","repository_url":"https://github.com/gitleaks/gitleaks"}],"path":null,"ecosystem":"docker"},"body":"Bumps [gitleaks/gitleaks](https://github.com/gitleaks/gitleaks) from v8.25.1 to v8.26.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitleaks/gitleaks/releases\"\u003egitleaks/gitleaks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.26.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e78eebac Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f967ca fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88f56d3 feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9609928 rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e23cb69f feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCalling this one \u003ca href=\"https://github.com/bplaxco\"\u003e\u003ccode\u003e@​bplaxco\u003c/code\u003e\u003c/a\u003e's release as he introduced a really clever method for mixed decoding without sacrificing too much performance. As I stated in his PR, I think he's either a wizard or some time traveling AI. Dude \u003ca href=\"https://www.youtube.com/watch?v=hIdsjNGCGz4\"\u003eis wicked smaht\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAnyways, Gitleaks now supports the following decoders: \u003ccode\u003ehex\u003c/code\u003e, \u003ccode\u003epercent(url enconding)\u003c/code\u003e, and \u003ccode\u003eb64\u003c/code\u003e. It's relatively straight forward to add a new decoder so if you're motivated, community contributions are welcomed!\u003c/p\u003e\n\u003cp\u003eHere's an example:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e~/code/gitleaks-org/gitleaks (master) cat decode.txt\ntext below\naGVsbG8sIHdvcmxkIQ%3D%3D%0A\ntext above\n~/code/gitleaks-org/gitleaks (master) ./gitleaks dir decode.txt --max-decode-depth=2 --log-level=debug\n\u003cpre\u003e\u003ccode\u003e○\n│╲\n│ ○\n○ ░\n░    gitleaks\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e4:08PM DBG using stdlib regex engine\n4:08PM DBG unable to load gitleaks config from decode.txt/.gitleaks.toml since --source=decode.txt is a file, using default config\n4:08PM DBG found .gitleaksignore file: .gitleaksignore\n4:08PM DBG segment found: original=[29,38] pos=[29,38]: \u0026quot;%3D%3D%0A\u0026quot; -\u0026gt; \u0026quot;==\\n\u0026quot;\n4:08PM DBG segment found: original=[11,38] pos=[11,31]: \u0026quot;aGVsbG8sIHdvcmxkIQ==\u0026quot; -\u0026gt; \u0026quot;hello, world!\u0026quot;\n4:08PM INF scanned ~50 bytes (50 bytes) in 1.5ms\n4:08PM INF no leaks found\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/78eebaca9d8940b8c511a6e67349168f6477943a\"\u003e\u003ccode\u003e78eebac\u003c/code\u003e\u003c/a\u003e Percent/URL Decoding Support (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1831\"\u003e#1831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/6f967cad68d7ce015f45f4545dca2ec27c34e906\"\u003e\u003ccode\u003e6f967ca\u003c/code\u003e\u003c/a\u003e fix(kubernetes): remove slow element from pat (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/88f56d3695532b6227e2e8c40143132e1977b401\"\u003e\u003ccode\u003e88f56d3\u003c/code\u003e\u003c/a\u003e feat: identify slow file (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/9609928c0216ae24dfeea1f802d04f661a44892a\"\u003e\u003ccode\u003e9609928\u003c/code\u003e\u003c/a\u003e rm 1password detect test since we test it in cfg gen\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gitleaks/gitleaks/commit/23cb69fba4338a486e1aac8f898bd0d4ea298995\"\u003e\u003ccode\u003e23cb69f\u003c/code\u003e\u003c/a\u003e feat(rules): Add 1Password secret key detection (\u003ca href=\"https://redirect.github.com/gitleaks/gitleaks/issues/1834\"\u003e#1834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gitleaks/gitleaks/compare/v8.25.1...v8.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitleaks/gitleaks\u0026package-manager=docker\u0026previous-version=v8.25.1\u0026new-version=v8.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mattdowdell/sandbox/pull/270","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdowdell%2Fsandbox/issues/270","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/270/packages"}}]}