Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pds-gitleaks to gitleaks version 8.18.4 to fix custom rule workaround #3314

Closed
winzj opened this issue Jul 22, 2024 · 0 comments · Fixed by #3315
Closed

Update pds-gitleaks to gitleaks version 8.18.4 to fix custom rule workaround #3314

winzj opened this issue Jul 22, 2024 · 0 comments · Fixed by #3315
Assignees
@winzj
Labels
pds-solutions secretscan

Comments

@winzj
Copy link
Member

winzj commented Jul 22, 2024

Situation

We currently use Gitleaks version 8.18.2. using the custom rule file as documented on the official reporsitory results in undefined for the finding type. The reason is, only the rules in the custom file are part of the SARIF report even if the default file is extended correctly.

With the latest gitleaks version 8.18.4 the isssue described above was fixed.

Wanted

Use the gitleaks custom rule feature as intended.

Solution

  • Update the pds-gitleaks solution to gitleaks version 8.18.4
  • make changes to the pds-gitleaks solution to use the custom gitleaks rule file as intended and documented by gitleaks.
@winzj winzj self-assigned this Jul 22, 2024
winzj added a commit that referenced this issue Jul 22, 2024
@winzj
Update gitleaks version and fix workaround for custom rules #3314
39bcf40 
- update gitleaks to latest version
- fix workaround solution for custom rules
  because gitleaks fixed behavior with latest release
@winzj winzj mentioned this issue Jul 22, 2024
Merged
winzj added a commit that referenced this issue Jul 25, 2024
@winzj
Merge pull request #3315 from mercedes-benz/feature-3314-update-gitle…
c75ff37 
…aks-and-fix-custom-rule-workaround

Update gitleaks version and fix workaround for custom rules #3314
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@winzj winzj

Labels
pds-solutions secretscan
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update gitleaks version and fix workaround for custom rules #3314 mercedes-benz/sechub
1 participant
@winzj