- context inclusion for redactions
- noise reduction for entropy signals
- added support for cloning repositories using github api
- auditing PRs now allows for whitelisting files
- adding gitlab user and group support
- memoizing root commit
- only count commits (not commit + parent) for total commit number
- fixed a bug where gitleaks was skipping the initial commit
- commit cache now checks current commit + parent commit hash
- removed newlines from commit message
- mistakenly removed default whitelist files
- removed `--all-refs`. By default gitleaks now scans all branches, remote and local.
- added commit memoizer to prevent duplicate commit audits
- removed branch whitelist
- removed branch from report as a commit is an object independent of branch
- Better regexes for facebook, github, twitter (no more unbounded wildcards)
- fixing slack token
- defaulting to single thread process
- `--max-go=` --> `--threads=`
- guarding `--threads=` > max threads available (you aint gettin any more performance)
- Default regex added to search: slack, telegram.
- Default whitelisting: bin, doc, jpeg, gif
- Fixing default ssh auth logic
- Better commit coverage. Now iterates through each commit in git log and generates a patch with each commit's parent.
- Removing the need for --private/-p option. Instead gitleaks will determine if the repo is private or not.
- Whitelist repos use regex now
- Whitelist repo check before clone
- Entropy Range support in gitleaks config
- Github PR support
- Github has its own go file. All other services, bitbucket, gitlab, etc should follow this convention
- Show program usage when no arguments are provided
- Exit program after the -h or --help options are used
- removing --csv option
- --report option now requires .json or .csv in filename
- adding total time to audit in logs
- fix commit whitelist logic
- Commit depth option
- Commit stats output
- Add entropy option
- exclude fork option
- whitelist repos
- sample config option
- style points
- Fixing dangling goroutines, removing channel messaging
- Fixing bug where single repos were not being audited
- Exit code == 2 on error
- Cleaning up some logs
- Removing some unreachable code
- Recover from panic when diffing
- Default maximum number of goroutines spawned is the number of cores your CPU runs with. See benchmarks in wiki.
- Cleanup after each repo audit for organizations rather than waiting for the entire organization to complete. Eliminates the risk of running out of disk space.
- Support for CSV reporting
- Refactoring Github user/owner audits
- Support for single commit repos
- Bumped go-git version from 4.5.0 to 4.7.0
- Target specific branch
- Check errors when generating commit patch
- Added support for providing an alternate GitHub URL to support scanning GitHub Enterprise repositories
- Added version option
- Introduced changelog
- Fixed commit patch order
- Updated Readme
- Fixed Twitter typo
- Fixed sample docker command
- Default clone option to "in-memory"
- Added clone option for "disk"
- Updated Makefile
- Rewrite, see Readme.md: https://github.com/zricethezav/gitleaks/releases/tag/v1.0.0
- Added support for external regexes
- Added local scan
- Meaningful exit codes
- Timestamped logs
- Refactored for some maintainability
- Additional regex checking
- $HOME/.gitleaks/ directory for clones and reports
- Pagination for Org/User list... no more partial repo lists
- Persistent repos for Orgs and Users (no more re-cloning)
- Updated README
- Multi-staged Docker build
- Travis CI
- full git history search
- regex/entropy checks
- report generation