Run of fresh-snapshots for gitleaks

Try this locally package):

debcheckout gitleaks
cd gitleaks
new-upstream --snapshot --debian-revision=0kali1 --refresh-patches

Summary

new-upstream --snapshot --debian-revision=0kali1 --refresh-patches

Diff

Branch: pristine-tar

diff --git a/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.delta b/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.delta
new file mode 100644
index 0000000..32e8314
Binary files /dev/null and b/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.delta differ
diff --git a/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.id b/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.id
new file mode 100644
index 0000000..9238b67
--- /dev/null
+++ b/gitleaks_7.4.1+git20210422.1.e7553b0.orig.tar.gz.id
@@ -0,0 +1 @@
+30eafbb09ac88ff076c3fa676a410f21e08a0e86

Branch: upstream

Tag: upstream/7.4.1+git20210422.1.e7553b0
diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
new file mode 100644
index 0000000..f9b0a97
--- /dev/null
+++ b/.pre-commit-hooks.yaml
@@ -0,0 +1,5 @@
+- id: gitleaks
+  name: Detect hardcoded secrets
+  description: Detect hardcoded secrets using Gitleaks
+  entry: gitleaks
+  language: golang
diff --git a/README.md b/README.md
index e82e1cb..ed530b7 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,6 @@
   <img alt="gitleaks" src="https://raw.githubusercontent.com/zricethezav/gifs/master/gitleakslogo.png" height="70" />
   <p align="center">
       <a href="https://travis-ci.org/zricethezav/gitleaks"><img alt="Travis" src="https://img.shields.io/travis/zricethezav/gitleaks/master.svg?style=flat-square"></a>
-      <a href="https://gitter.im/gitleaks/gitleaks"><img alt="Travis" src="https://badges.gitter.im/gitleaks/gitleaks.svg?style=flat-square"></a>
   </p>
 </p>
 
@@ -25,7 +24,7 @@ Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys
 
 
 ### Installation
-Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the [releases page](https://github.com/zricethezav/gitleaks/releases).
+Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the [releases page](https://github.com/zricethezav/gitleaks/releases). In addition, Gitleaks can be implemented as a pre-commit hook directly in your repo.
 
 ##### MacOS
 
@@ -43,6 +42,18 @@ docker pull zricethezav/gitleaks
 ```bash
 GO111MODULE=on go get github.com/zricethezav/gitleaks/v7
 ```
+##### As a pre-commit hook
+
+See [pre-commit](https://github.com/pre-commit/pre-commit) for instructions.
+
+Sample `.pre-commit-config.yaml`
+
+```yaml
+-   repo: https://github.com/zricethezav/gitleaks
+    rev: v7.4.0
+    hooks:
+    -   id: gitleaks
+```
 
 ### Usage and Options
 ```
@@ -254,7 +265,7 @@ You can always set the exit code when leaves are encountered with the `--leaks-e
 ```
 
 ###  Sponsors ❤️
-#### Corporate Sponsors
+#### Organization Sponsors
 [![gammanet](https://gammanet.com/assets/images/new-design/gamma-logo.png)](https://gammanet.com/?utm_source=gitleaks&utm_medium=homepage&utm_campaign=gitleaks_promotion)
 
 Gamma proactively detects and remediates data leaks across cloud apps. Scan your public repos for secret leaks with [Gamma](https://gammanet.com/github-demo?utm_source=gitleaks&utm_medium=homepage&utm_campaign=gitleaks_promotion)
diff --git a/examples/pre-commit-config-example.yaml b/examples/pre-commit-config-example.yaml
new file mode 100644
index 0000000..a104e92
--- /dev/null
+++ b/examples/pre-commit-config-example.yaml
@@ -0,0 +1,14 @@
+# pre-commit configuration example to add docker-based hook that executes gitleaks
+# This should be added to .pre-commit-config.yaml coniguration file: https://pre-commit.com/#2-add-a-pre-commit-configuration
+
+repos:
+- repo: local
+  hooks:
+  - id: gitleaks
+    name: Gitleaks
+    language: docker_image
+    entry: zricethezav/gitleaks:v7.4.0
+    args:
+    - --config-path
+    - .gitleaks.toml
+    - --verbose
diff --git a/scan/unstaged.go b/scan/unstaged.go
index 6468e81..dc199da 100644
--- a/scan/unstaged.go
+++ b/scan/unstaged.go
@@ -184,6 +184,12 @@ func (us *UnstagedScanner) Scan() (Report, error) {
 				}
 			}
 
+			// Check if file is allow listed
+			if us.cfg.Allowlist.FileAllowed(filepath.Base(filename)) ||
+				us.cfg.Allowlist.PathAllowed(filename) {
+				continue
+			}
+
 			dmp := diffmatchpatch.New()
 			diffs := dmp.DiffMain(prevFileContents, currFileContents, false)
 			prettyDiff := diffPrettyText(diffs)

Branch: main

diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
new file mode 100644
index 0000000..f9b0a97
--- /dev/null
+++ b/.pre-commit-hooks.yaml
@@ -0,0 +1,5 @@
+- id: gitleaks
+  name: Detect hardcoded secrets
+  description: Detect hardcoded secrets using Gitleaks
+  entry: gitleaks
+  language: golang
diff --git a/README.md b/README.md
index e82e1cb..ed530b7 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,6 @@
   <img alt="gitleaks" src="https://raw.githubusercontent.com/zricethezav/gifs/master/gitleakslogo.png" height="70" />
   <p align="center">
       <a href="https://travis-ci.org/zricethezav/gitleaks"><img alt="Travis" src="https://img.shields.io/travis/zricethezav/gitleaks/master.svg?style=flat-square"></a>
-      <a href="https://gitter.im/gitleaks/gitleaks"><img alt="Travis" src="https://badges.gitter.im/gitleaks/gitleaks.svg?style=flat-square"></a>
   </p>
 </p>
 
@@ -25,7 +24,7 @@ Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys
 
 
 ### Installation
-Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the [releases page](https://github.com/zricethezav/gitleaks/releases).
+Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the [releases page](https://github.com/zricethezav/gitleaks/releases). In addition, Gitleaks can be implemented as a pre-commit hook directly in your repo.
 
 ##### MacOS
 
@@ -43,6 +42,18 @@ docker pull zricethezav/gitleaks
 ```bash
 GO111MODULE=on go get github.com/zricethezav/gitleaks/v7
 ```
+##### As a pre-commit hook
+
+See [pre-commit](https://github.com/pre-commit/pre-commit) for instructions.
+
+Sample `.pre-commit-config.yaml`
+
+```yaml
+-   repo: https://github.com/zricethezav/gitleaks
+    rev: v7.4.0
+    hooks:
+    -   id: gitleaks
+```
 
 ### Usage and Options
 ```
@@ -254,7 +265,7 @@ You can always set the exit code when leaves are encountered with the `--leaks-e
 ```
 
 ###  Sponsors ❤️
-#### Corporate Sponsors
+#### Organization Sponsors
 [![gammanet](https://gammanet.com/assets/images/new-design/gamma-logo.png)](https://gammanet.com/?utm_source=gitleaks&utm_medium=homepage&utm_campaign=gitleaks_promotion)
 
 Gamma proactively detects and remediates data leaks across cloud apps. Scan your public repos for secret leaks with [Gamma](https://gammanet.com/github-demo?utm_source=gitleaks&utm_medium=homepage&utm_campaign=gitleaks_promotion)
diff --git a/debian/changelog b/debian/changelog
index 7e19740..8219b49 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+gitleaks (7.4.1+git20210422.1.e7553b0-0kali1) UNRELEASED; urgency=low
+
+  * New upstream snapshot.
+
+ -- Kali Janitor <janitor@kali.org>  Wed, 28 Apr 2021 15:03:57 -0000
+
 gitleaks (7.4.0-0kali1) kali-dev; urgency=low
 
   [ Kali Janitor ]
diff --git a/examples/pre-commit-config-example.yaml b/examples/pre-commit-config-example.yaml
new file mode 100644
index 0000000..a104e92
--- /dev/null
+++ b/examples/pre-commit-config-example.yaml
@@ -0,0 +1,14 @@
+# pre-commit configuration example to add docker-based hook that executes gitleaks
+# This should be added to .pre-commit-config.yaml coniguration file: https://pre-commit.com/#2-add-a-pre-commit-configuration
+
+repos:
+- repo: local
+  hooks:
+  - id: gitleaks
+    name: Gitleaks
+    language: docker_image
+    entry: zricethezav/gitleaks:v7.4.0
+    args:
+    - --config-path
+    - .gitleaks.toml
+    - --verbose
diff --git a/scan/unstaged.go b/scan/unstaged.go
index 6468e81..dc199da 100644
--- a/scan/unstaged.go
+++ b/scan/unstaged.go
@@ -184,6 +184,12 @@ func (us *UnstagedScanner) Scan() (Report, error) {
 				}
 			}
 
+			// Check if file is allow listed
+			if us.cfg.Allowlist.FileAllowed(filepath.Base(filename)) ||
+				us.cfg.Allowlist.PathAllowed(filename) {
+				continue
+			}
+
 			dmp := diffmatchpatch.New()
 			diffs := dmp.DiffMain(prevFileContents, currFileContents, false)
 			prettyDiff := diffPrettyText(diffs)

Resulting package

The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:

apt install -t kali-bleeding-edge gitleaks

Lintian Result

Full worker log Full build log Full dist log