feat(adafruitio): improve pattern matching
2025-07-13 17:09:15 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
Updating GitHub Action to generate Docker image. Added rules for Diffbot, ai21, baseten. Fixed supabase rule. Added 'alg' to JWT validation output
2025-07-18 15:26:18 -07:00
added rule for Vercel
2025-08-13 15:35:04 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
fixed aiven regex to pass test
2025-08-14 10:17:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added validation for Alibaba rule
2025-07-09 15:03:07 -07:00
updated anthropic rule
2025-10-23 15:02:30 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- New rules: Telegram bot token, OpenWeatherMap, Apify
2025-08-01 16:56:04 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
added rule for Vercel
2025-08-13 15:35:04 -07:00
- Now generating DEB and RPM packages
2025-07-21 15:21:10 -07:00
added rule for Vercel
2025-08-13 15:35:04 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
removed serde_utils and added Authress rule
2025-08-16 07:35:52 -07:00
updated rule for AWS Secret Access key
2025-09-10 13:29:19 -07:00
fixed example in rule
2025-08-18 23:32:15 -07:00
Added first-class Azure Repos support, including CLI commands, enumeration, and documentation updates
2025-10-04 23:12:28 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key
2025-08-18 22:56:34 -07:00
added more rules
2025-08-16 14:54:01 -07:00
Fixed Gitlab support. Added pre-commit and pre-receive installation scripts.
2025-07-23 19:57:33 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
fix ci build error
2025-08-31 10:27:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
WIP: Adding support for scanning Docker images
2025-07-27 12:20:20 -07:00
changes in response to code review
2025-08-27 15:43:31 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Fixed validation logic for clarifai rule
2025-08-06 21:31:02 -07:00
- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key
2025-08-18 22:56:34 -07:00
added more rules
2025-08-16 14:54:01 -07:00
added more rules
2025-08-16 14:54:01 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
added more rules
2025-08-16 14:54:01 -07:00
Added rules for Cohere and Stability.ai
2025-07-17 13:18:54 -07:00
bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys
2025-07-31 18:29:21 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
added more rules
2025-08-16 14:54:01 -07:00
- Use system TLS root certificates to support self-hosted GitLab instances with internal CAs
2025-08-05 14:45:51 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
refactored output reporting and formatting logic
2025-08-04 08:58:06 -07:00
added more rules
2025-08-16 14:54:01 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Improved performance of tree-sitter parsing
2025-10-03 17:22:28 -07:00
- Now generating DEB and RPM packages
2025-07-21 15:21:10 -07:00
added rules for deepseek, xai. Removed branding. Added a NOTICE file
2025-06-30 17:04:29 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Improved rules: github oauth2, diffbot, mailchimp, aws
2025-08-29 17:24:26 -07:00
fix(digitalocean): regex is case-sensitive
2025-07-13 17:27:44 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
fix ci build error
2025-08-31 10:27:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added rules for twitter, wireguard, onepassword, droneci
2025-06-26 21:24:07 -07:00
added more rules
2025-08-16 14:54:01 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added ElevenLabs rule
2025-07-25 10:31:17 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
added rule for Vercel
2025-08-13 15:35:04 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
added more rules
2025-08-16 20:23:27 -07:00
changes in response to code review
2025-08-27 15:43:31 -07:00
fix ci build error
2025-08-31 10:27:16 -07:00
added more rules
2025-08-16 14:54:01 -07:00
Fixed some rules. Added rules for mandrill, mapbox, microsoft teams, stripe
2025-06-25 15:12:42 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
added rules for cerbras, friendli, fireworks.ai
2025-08-27 11:25:39 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance
2025-08-30 16:44:55 -07:00
added more rules
2025-08-16 20:36:22 -07:00
- Improved rules: github oauth2, diffbot, mailchimp, aws
2025-08-29 17:24:26 -07:00
Fixed Gitlab rule which was incorrectly identifying certain tokens as valid
2025-07-02 15:20:50 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added rule for Google Gemini AI
2025-07-17 11:07:44 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Added gradle and grafana rules
2025-06-25 08:39:10 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
New rule: Groq
2025-08-01 17:07:13 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
added more rules
2025-08-16 20:23:27 -07:00
added rule for Vercel
2025-08-13 15:35:04 -07:00
added more rules
2025-08-16 20:23:27 -07:00
added more rules
2025-08-16 20:23:27 -07:00
Added rules for huggingface, ibm cloud, intercom, and ipstack
2025-06-25 14:07:11 -07:00
Fixed malformed rules. Now validating that response_matcher is present in validation section of all rules
2025-06-25 22:17:37 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key
2025-08-18 22:56:34 -07:00
Added rules for huggingface, ibm cloud, intercom, and ipstack
2025-06-25 14:07:11 -07:00
Added rules for huggingface, ibm cloud, intercom, and ipstack
2025-06-25 14:07:11 -07:00
Added rules for line
2025-06-25 14:22:37 -07:00
added more rules
2025-08-16 20:36:22 -07:00
JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials
2025-08-07 17:21:16 -07:00
updated jwt rule
2025-09-04 23:31:34 -07:00
added more rules
2025-08-16 20:23:27 -07:00
- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key
2025-08-18 22:56:34 -07:00
- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url'
2025-08-21 15:39:04 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Improved rules: github oauth2, diffbot, mailchimp, aws
2025-08-29 17:24:26 -07:00
added ollama rule
2025-08-26 10:22:18 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added netlify, netrc, newrelic, ngrok, npm, and nuget rules
2025-06-25 15:46:33 -07:00
- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url'
2025-08-21 15:39:04 -07:00
added tests for --branch and --since-commit feature
2025-10-23 17:27:40 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Fixed malformed rules. Now validating that response_matcher is present in validation section of all rules
2025-06-25 22:17:37 -07:00
updated anthropic rule
2025-10-23 15:02:30 -07:00
Added support for HTTP request bodies in rule validation. Added mistral and perplexity rule
2025-07-08 17:49:12 -07:00
- Enabled MongoDB URI validation
2025-09-09 16:45:02 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Introduced flag – skip files/dirs whose path resembles tests (, , , , ), reducing noise.
2025-06-28 09:16:42 -07:00
Added ruels for sonarcloud, sonarqube, sourcegraph
2025-06-28 08:34:15 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Added netlify, netrc, newrelic, ngrok, npm, and nuget rules
2025-06-25 15:46:33 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
fixed failing tests
2025-08-21 16:13:03 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
changes in response to code review
2025-08-27 15:43:31 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Added rules for twitter, wireguard, onepassword, droneci
2025-06-26 21:24:07 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
added ollama rule
2025-08-26 10:22:18 -07:00
Fixed GitHub organization and GitLab group scans when using '--git-history=none'
2025-08-07 16:13:57 -07:00
Update data/rules/openai.yml
2025-08-01 15:31:29 -07:00
- New rules: Telegram bot token, OpenWeatherMap, Apify
2025-08-01 16:56:04 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Fixed bug in Makefile hen setting PROJECT_NAME
2025-07-21 22:52:05 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
- Improved rules: AWS, pem
2025-08-22 16:16:00 -07:00
Added PR review suggestions
2025-07-09 16:00:54 -07:00
added more rules
2025-08-16 20:23:27 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
added more rules
2025-08-16 20:23:27 -07:00
- Added provider-specific kingfisher scan subcommands (for example kingfisher scan github …) that translate into the legacy flags under the hood. The new layout keeps backwards compatibility while removing the wall of provider options from kingfisher scan --help.
2025-10-22 16:24:09 -07:00
Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses
2025-08-13 08:22:53 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:55:35 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:55:35 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:55:35 -07:00
- New rules: Telegram bot token, OpenWeatherMap, Apify
2025-08-01 16:56:04 -07:00
fixed issues found by pr review
2025-07-17 15:19:03 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:55:35 -07:00
Added rule for Runway
2025-07-17 13:52:26 -07:00
Added rules for readme, rubygems, salesforce, segment, snyk, pulumi, pubnub
2025-06-26 15:37:51 -07:00
Fix changes in response to code review
2025-08-30 20:07:31 -07:00
- Now generating DEB and RPM packages
2025-07-21 15:21:10 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
Added rules for readme, rubygems, salesforce, segment, snyk, pulumi, pubnub
2025-06-26 15:37:51 -07:00
- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url'
2025-08-21 15:39:04 -07:00
added rules for nasa, teamcity
2025-06-28 09:05:19 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- Improved rules: github oauth2, diffbot, mailchimp, aws
2025-08-29 17:24:26 -07:00
Added rules for shopify, truenas
2025-06-28 08:44:36 -07:00
Fix: HTML detection now requires both HTML content-type and html tag, fixing webhook false negatives
2025-06-27 15:28:34 -07:00
Fixed Snyk rule
2025-06-26 15:46:14 -07:00
Added ruels for sonarcloud, sonarqube, sourcegraph
2025-06-28 08:34:15 -07:00
Added ruels for sonarcloud, sonarqube, sourcegraph
2025-06-28 08:34:15 -07:00
Added test to prevent this and similar issues
2025-06-29 22:51:49 -07:00
added rules for nasa, teamcity
2025-06-28 09:05:19 -07:00
Added rules for Cohere and Stability.ai
2025-07-17 11:30:36 -07:00
- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url'
2025-08-21 15:39:04 -07:00
Improved Updater text. Cleaned up more rules and the examples included with them.
2025-06-26 14:29:36 -07:00
fixing github action failure for linux-arm6 when making deb
2025-08-05 18:06:09 -07:00
fixed test
2025-08-13 09:20:36 -07:00
added more rules
2025-08-16 20:23:27 -07:00
added rules for nasa, teamcity
2025-06-28 09:05:19 -07:00
- New rules: Telegram bot token, OpenWeatherMap, Apify
2025-08-01 16:56:04 -07:00
added more rules
2025-08-16 20:23:27 -07:00
added rules for together.ai
2025-08-27 12:20:44 -07:00
Populate the finding path from git blob metadata so history-derived secrets display their file location instead of an empty path
2025-09-24 10:06:47 -07:00
added more rules
2025-08-16 20:23:27 -07:00
Updated formatting of several rules
2025-06-26 11:31:41 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
- --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided
2025-08-09 15:52:00 -07:00
- Fixed kingfisher scan so that providing --branch without --since-commit now diffs the branch against the empty tree and scans every commit reachable from that branch.
2025-10-20 18:23:12 -07:00
preparing for v1.12
2025-06-24 17:17:16 -07:00
- Fixed local filesystem scans to keep open_path_as_is enabled when opening Git repositories and only disable it for diff-based scans.
2025-10-25 17:12:51 -07:00
updating s3 feature
2025-08-03 20:59:58 -07:00
changes in response to code review
2025-08-27 15:43:31 -07:00
Added rules for twitter, wireguard, onepassword, droneci
2025-06-26 21:24:07 -07:00
added rules for deepseek, xai. Removed branding. Added a NOTICE file
2025-06-30 17:04:29 -07:00
added rules for zhipu
2025-08-27 12:43:41 -07:00
7d9d3be132