tartufo
tartufo copied to clipboard
godaddy
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
## 🐛 Bug Report If I run tartufo to scan a directory from one level above my repo, it reads the tartufo.toml file to apply exclusions, but doesn't include any...
## 🐛 Bug Report Tartufo flags the ASCII alphabet as high entropy and ignores randomly-generated strings of equal length. ## To Reproduce Please run this script or equivalent commands with...
## 🐛 Bug Report ## To Reproduce Using tartufo 3.2.1 or 3.3.1 Following steps assume a local .pre-commit-config.yaml file with the following content: ``` repos: - repo: https://github.com/godaddy/tartufo rev: v3.3.1...
This PR was automatically created by Snyk using the credentials of a real user.Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of...
Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7. Release notes Sourced from idna's releases. v3.7 What's Changed Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [black](https://github.com/psf/black) from 23.3.0 to 24.3.0. Release notes Sourced from black's releases. 24.3.0 Highlights This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black...
This PR was automatically created by Snyk using the credentials of a real user.Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of...
This PR was automatically created by Snyk using the credentials of a real user.Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of...
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4. Release notes Sourced from jinja2's releases. 3.1.4 This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise...
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.18 to 1.26.19. Release notes Sourced from urllib3's releases. 1.26.19 🚀 urllib3 is fundraising for HTTP/2 support urllib3 is raising ~$40,000 USD to release HTTP/2 support and...