becojo
becojo
### Description: Last time I contributed to Gitleaks, I edited code in my PR and I forgot to regenerate the config file. So that doesn't happen again, I'd like to...
### Description: Modify the release workflow to sign the Gitleaks container using [cosign](https://github.com/sigstore/cosign). I tested the workflow in my fork and the signature of the container produced from my branch...
When using analyze_local in a container, git commands may error if the repo is owned by a different user. This commonly happens when mounting a directory into the image ```...
**Describe the bug** When hashicorp/go-version is given a GitHub Actions version "4", it pads the rest of the semver components with zeros making the effective version "4.0.0" https://github.com/hashicorp/go-version/blob/644291d14038339745c2d883a1a114488e30b702/version.go#L77-L82 This makes...
Inspired by the the talk [_API: Alternate Pathway to Injection_ by Fennix at Northsec 2024](https://nsec.io/session/2024-api-alternate-pathway-to-injection.html), add a rule to detect a code sample in Twilio's documentation that could lead to...
### Description: OpenAI has project API keys that use a different prefix and is not currently detected by GitLeaks. Since these are more scoped down than user API keys, I...