Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should include filename in error displayed if plugin file in baseline not found #718

Closed
1 of 2 tasks
msabramo opened this issue Oct 26, 2023 · 1 comment · Fixed by #719
Closed
1 of 2 tasks

Should include filename in error displayed if plugin file in baseline not found #718

msabramo opened this issue Oct 26, 2023 · 1 comment · Fixed by #719
Labels
pending The issue still needs to be reviewed by one of the maintainers.

Comments

@msabramo
Copy link
Contributor

msabramo commented Oct 26, 2023
edited
Loading

  • I'm submitting a ...

    • bug report
    • feature request

  • What is the current behavior?
    If you run something like detect-secrets-hook --baseline .secrets.baseline setup.py and secrets.baseline references a custom plugin that doesn't exist, you get a FileNotFoundError with a long traceback, but unfortunately it doesn't tell you which file is missing.

  • If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem

$ cat .secrets.baseline
{
  "version": "1.4.0",
  "plugins_used": [
    {
      "name": "FakeCustomPlugin",
      "path": "file://./path/to/plugin/that/does/not/exist/plugin.py"
    }
  ],
  "filters_used": [],
  "results": {}
}

$ detect-secrets-hook --baseline .secrets.baseline setup.py
Traceback (most recent call last):
...
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/util/importlib.py", line 88, in import_file_as_module
    raise FileNotFoundError
FileNotFoundError

Note that a FileNotFoundError is raised, but it doesn't say which file was not found.

  • What is the expected behavior?

A user-friendly error message that tells the user which file was not found. For example, if an invalid plugin is passed in on the command-line:

$ detect-secrets-hook --plugin ./app/detect-secrets/plugins.py --baseline .secrets.baseline
...
detect-secrets-hook: error: argument -p/--plugin: ./app/detect-secrets/plugins.py is not a valid file.

So a better behavior for this case would be something like this:

$ detect-secrets-hook --baseline .secrets.baseline setup.py
detect-secrets-hook: error: plugin referenced in .secrets.baseline: ./path/to/plugin/that/does/not/exist/plugin.py is not a valid file.

But I'd be happy if it still displayed a traceback, but FileNotFoundError was raised with the filename that was not found as a parameter.

  • What is the motivation / use case for changing the behavior?
    To make debugging easier. I spent a bunch of time yesterday troubleshooting an issue like this and this change would've saved me a lot of time.

  • Please tell us about your environment:

    • detect-secrets Version: 1.4.0
    • Python Version: 3.10
    • OS Version: OS X 12.6.8
    • File type (if applicable):

  • Other information

$ detect-secrets-hook --baseline .secrets.baseline setup.py
Traceback (most recent call last):
  File "/Users/abramowi/Code/OpenSource/detect-secrets/.venv/bin/detect-secrets-hook", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/pre_commit_hook.py", line 30, in main
    secrets.scan_file(filename)
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/core/secrets_collection.py", line 75, in scan_file
    for secret in scan.scan_file(os.path.join(self.root, filename)):
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/core/scan.py", line 141, in scan_file
    if not get_plugins():   # pragma: no cover
           ^^^^^^^^^^^^^
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/settings.py", line 266, in get_plugins
    return [
           ^
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/settings.py", line 267, in <listcomp>
    plugins.initialize.from_plugin_classname(classname)
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/core/plugins/initialize.py", line 34, in from_plugin_classname
    for plugin_type in get_mapping_from_secret_type_to_class().values():
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/core/plugins/util.py", line 43, in get_mapping_from_secret_type_to_class
    for plugin_class in get_plugins_from_file(filename):
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/core/plugins/util.py", line 51, in get_plugins_from_file
    for plugin_class in get_plugins_from_module(import_file_as_module(filename)):
                                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/abramowi/Code/OpenSource/detect-secrets/detect_secrets/util/importlib.py", line 88, in import_file_as_module
    raise FileNotFoundError
FileNotFoundError
msabramo added a commit to msabramo/detect-secrets that referenced this issue Oct 26, 2023
@msabramo
Better error if plugin file in baseline not found
0a76035 
Fixes: Yelp#718
@msabramo msabramo mentioned this issue Oct 26, 2023
Merged
3 tasks
msabramo added a commit to msabramo/detect-secrets that referenced this issue Oct 26, 2023
@msabramo
Better error if plugin file in baseline not found
1dae3f2 
Fixes: Yelp#718
msabramo added a commit to msabramo/detect-secrets that referenced this issue Oct 26, 2023
@msabramo
Better error if plugin file in baseline not found
82a6b6d 
Fixes: Yelp#718
@msabramo msabramo changed the title FileNotFoundError with traceback displayed if baseline references plugin files that don't exist Should include filename in error displayed if baseline references plugin file that doesn't exist Oct 26, 2023
@msabramo msabramo changed the title Should include filename in error displayed if baseline references plugin file that doesn't exist Should include filename in error displayed if plugin file in baseline not found Oct 26, 2023
@msabramo
Copy link
Contributor Author

msabramo commented Oct 26, 2023
edited
Loading

With #719, the output is:

$ detect-secrets-hook --baseline .secrets.baseline setup.py
[initialize]	ERROR	Error: Failed to load `FakeCustomPlugin` plugin:
    [Errno 2] No such file or directory: './path/to/plugin/that/does/not/exist/plugin.py'
[initialize]	ERROR	This error can occur when using a baseline that references a custom plugin
    with a path that does not exist.
[scan]	ERROR	Unable to load plugins!

which is much more useful for troubleshooting!

@lorenzodb1 lorenzodb1 added the pending The issue still needs to be reviewed by one of the maintainers. label Nov 17, 2023
murtaza-swati pushed a commit to travis-ci/detect-secrets that referenced this issue Nov 25, 2024
@tonoyansergey-devt @eddiez9
@nuztalgia @jpdakran @perryzjc @dependabot @sindrig @msabramo @lorenzodb1 @danielpops @direvus @pafmaf @mikedidomizio @Chandra158 @jfagoagas
TBT-71 Update repository (#1)
76c6297 
* update core bits to convert files to local filesystem

* update test assertions to be os local path

* add type cast

* Improve `DiscordBotTokenDetector` and its tests. (Yelp#628)

Fixes Yelp#627.

* Drop py36 support (Yelp#672)

* Drop py36 support

* Update contributing doc to remove instance of py36

* Remove custom logic for py36.0

* Run CI Daily (Yelp#674)

* Run ci daily at 730am

* Update action syntax

* Update to once a month

* Add String Implementation - StatisticsAggregator (Yelp#678)

* Add string output for statistics due to not implementation error

* Add return type annotations

* Empty commit

* Do not add duplicate lines for yaml transformer (Yelp#679)

* The colon equal sign regex should contain both colon and equal. Neither is optional. Specific for assignment and declaration in golang (Yelp#675)

* Add test cases for ipv4 adresses

* Add a plguin for public ip passing the tests

* Update documentation for new feature : IPPublic plguin

* Bump requests from 2.26.0 to 2.31.0

Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.26.0...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump certifi from 2021.10.8 to 2023.7.22

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2023.7.22.
- [Commits](certifi/python-certifi@2021.10.08...2023.07.22)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Catch index error when checking dollar prefix

As shown by the test, we want to return False for the empty string
when checking if it is prefixed with a dollar.

* Better error if plugin file in baseline not found

Fixes: Yelp#718

* Dropped support for Python 3.7, added support for Python 3.10, upgraded dependencies and updated project info

* Updated CI with currently supported python versions

* Bump filelock from 3.0.12 to 3.13.1

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.0.12 to 3.13.1.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@v3.0.12...3.13.1)

---
updated-dependencies:
- dependency-name: filelock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump urllib3 from 1.26.9 to 2.1.0

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.9 to 2.1.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.9...2.1.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pyflakes from 1.6.0 to 3.1.0

Bumps [pyflakes](https://github.com/PyCQA/pyflakes) from 1.6.0 to 3.1.0.
- [Changelog](https://github.com/PyCQA/pyflakes/blob/main/NEWS.rst)
- [Commits](PyCQA/pyflakes@1.6.0...3.1.0)

---
updated-dependencies:
- dependency-name: pyflakes
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump importlib-metadata from 4.8.1 to 6.8.0

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 6.8.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](python/importlib_metadata@v4.8.1...v6.8.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump typing-extensions from 3.10.0.2 to 4.3.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 3.10.0.2 to 4.3.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@3.10.0.2...4.3.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Upgrade dependencies

* Bump zipp from 3.6.0 to 3.17.0

Bumps [zipp](https://github.com/jaraco/zipp) from 3.6.0 to 3.17.0.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.6.0...v3.17.0)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump importlib-metadata from 6.6.0 to 6.8.0

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 6.6.0 to 6.8.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](python/importlib_metadata@v6.6.0...v6.8.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump idna from 3.3 to 3.4

Bumps [idna](https://github.com/kjd/idna) from 3.3 to 3.4.
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.3...v3.4)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Added support for py311

* Remove importlib-metadata from requirements-dev.txt

* Use a newer version of coverage that knows how to properly report coverage metrics for python 3.11

* Fix double quoted strings

* Fix python code style

* Bump pyahocorasick from 1.4.4 to 2.0.0

Bumps [pyahocorasick](https://github.com/WojciechMula/pyahocorasick) from 1.4.4 to 2.0.0.
- [Release notes](https://github.com/WojciechMula/pyahocorasick/releases)
- [Changelog](https://github.com/WojciechMula/pyahocorasick/blob/master/CHANGELOG.rst)
- [Commits](WojciechMula/pyahocorasick@1.4.4...2.0.0)

---
updated-dependencies:
- dependency-name: pyahocorasick
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pluggy from 0.13.1 to 1.3.0

Bumps [pluggy](https://github.com/pytest-dev/pluggy) from 0.13.1 to 1.3.0.
- [Changelog](https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pluggy@0.13.1...1.3.0)

---
updated-dependencies:
- dependency-name: pluggy
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump cfgv from 3.2.0 to 3.4.0

Bumps [cfgv](https://github.com/asottile/cfgv) from 3.2.0 to 3.4.0.
- [Commits](asottile/cfgv@v3.2.0...v3.4.0)

---
updated-dependencies:
- dependency-name: cfgv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update test case to unflag invalid ipv4

* Update regex to pass updated  test

* Revert import order changes

* Bump certifi from 2023.7.22 to 2023.11.17

Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.7.22 to 2023.11.17.
- [Commits](certifi/python-certifi@2023.07.22...2023.11.17)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump types-requests from 2.28.9 to 2.31.0.10

Bumps [types-requests](https://github.com/python/typeshed) from 2.28.9 to 2.31.0.10.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump identify from 2.3.0 to 2.5.32

Bumps [identify](https://github.com/pre-commit/identify) from 2.3.0 to 2.5.32.
- [Commits](pre-commit/identify@v2.3.0...v2.5.32)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Reword audit prompt message for clarity

The old audit prompt message was confusing in the case of a false positive. This new wording suits both genuine findings and false positives.

Fixes Yelp#734

* Update docs and tests for new prompt wording.

* Adjust test case to return false for invalid ipv4

* Adjust regex to pass new test

* Bump nodeenv from 1.6.0 to 1.8.0

Bumps [nodeenv](https://github.com/ekalinin/nodeenv) from 1.6.0 to 1.8.0.
- [Release notes](https://github.com/ekalinin/nodeenv/releases)
- [Changelog](https://github.com/ekalinin/nodeenv/blob/master/CHANGES)
- [Commits](ekalinin/nodeenv@1.6.0...1.8.0)

---
updated-dependencies:
- dependency-name: nodeenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump responses from 0.16.0 to 0.24.1

Bumps [responses](https://github.com/getsentry/responses) from 0.16.0 to 0.24.1.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.16.0...0.24.1)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pre-commit from 2.17.0 to 3.5.0

Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 2.17.0 to 3.5.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v2.17.0...v3.5.0)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump unidiff from 0.7.4 to 0.7.5

Bumps [unidiff](https://github.com/matiasb/python-unidiff) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/matiasb/python-unidiff/releases)
- [Changelog](https://github.com/matiasb/python-unidiff/blob/master/HISTORY)
- [Commits](matiasb/python-unidiff@v0.7.4...v0.7.5)

---
updated-dependencies:
- dependency-name: unidiff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update prompt wording per request from @lorenzodb1

* Bump backports-entry-points-selectable from 1.1.1 to 1.2.0

Bumps [backports-entry-points-selectable](https://github.com/jaraco/backports.entry_points_selectable) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/jaraco/backports.entry_points_selectable/releases)
- [Changelog](https://github.com/jaraco/backports.entry_points_selectable/blob/main/NEWS.rst)
- [Commits](jaraco/backports.entry_points_selectable@v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: backports-entry-points-selectable
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump charset-normalizer from 2.0.7 to 3.3.2

Bumps [charset-normalizer](https://github.com/Ousret/charset_normalizer) from 2.0.7 to 3.3.2.
- [Release notes](https://github.com/Ousret/charset_normalizer/releases)
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md)
- [Upgrade guide](https://github.com/Ousret/charset_normalizer/blob/master/UPGRADE.md)
- [Commits](jawah/charset_normalizer@2.0.7...3.3.2)

---
updated-dependencies:
- dependency-name: charset-normalizer
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump backports-entry-points-selectable from 1.2.0 to 1.3.0

Bumps [backports-entry-points-selectable](https://github.com/jaraco/backports.entry_points_selectable) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/jaraco/backports.entry_points_selectable/releases)
- [Changelog](https://github.com/jaraco/backports.entry_points_selectable/blob/main/NEWS.rst)
- [Commits](jaraco/backports.entry_points_selectable@v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: backports-entry-points-selectable
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pyparsing from 2.4.7 to 3.1.1

Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.1.1.
- [Release notes](https://github.com/pyparsing/pyparsing/releases)
- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES)
- [Commits](pyparsing/pyparsing@pyparsing_2.4.7...3.1.1)

---
updated-dependencies:
- dependency-name: pyparsing
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pyyaml from 6.0 to 6.0.1

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0 to 6.0.1.
- [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES)
- [Commits](yaml/pyyaml@6.0...6.0.1)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump iniconfig from 1.1.1 to 2.0.0

Bumps [iniconfig](https://github.com/pytest-dev/iniconfig) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/pytest-dev/iniconfig/releases)
- [Changelog](https://github.com/pytest-dev/iniconfig/blob/main/CHANGELOG)
- [Commits](pytest-dev/iniconfig@v1.1.1...v2.0.0)

---
updated-dependencies:
- dependency-name: iniconfig
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump mypy-extensions from 0.4.3 to 1.0.0

Bumps [mypy-extensions](https://github.com/python/mypy_extensions) from 0.4.3 to 1.0.0.
- [Commits](python/mypy_extensions@0.4.3...1.0.0)

---
updated-dependencies:
- dependency-name: mypy-extensions
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump virtualenv from 20.24.6 to 20.24.7

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.24.6 to 20.24.7.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/20.24.7/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.24.6...20.24.7)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump platformdirs from 3.10.0 to 4.0.0

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 3.10.0 to 4.0.0.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@3.10.0...4.0.0)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump typed-ast from 1.5.4 to 1.5.5

Bumps [typed-ast](https://github.com/python/typed_ast) from 1.5.4 to 1.5.5.
- [Changelog](https://github.com/python/typed_ast/blob/master/release_process.md)
- [Commits](python/typed_ast@1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: typed-ast
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump packaging from 21.3 to 23.2

Bumps [packaging](https://github.com/pypa/packaging) from 21.3 to 23.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@21.3...23.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pycodestyle from 2.11.0 to 2.11.1

Bumps [pycodestyle](https://github.com/PyCQA/pycodestyle) from 2.11.0 to 2.11.1.
- [Release notes](https://github.com/PyCQA/pycodestyle/releases)
- [Changelog](https://github.com/PyCQA/pycodestyle/blob/main/CHANGES.txt)
- [Commits](PyCQA/pycodestyle@2.11.0...2.11.1)

---
updated-dependencies:
- dependency-name: pycodestyle
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump tox from 3.24.4 to 4.11.4

Bumps [tox](https://github.com/tox-dev/tox) from 3.24.4 to 4.11.4.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@3.24.4...4.11.4)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump virtualenv from 20.24.7 to 20.25.0

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.24.7 to 20.25.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.24.7...20.25.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump idna from 3.4 to 3.6

Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.6.
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.6)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump platformdirs from 4.0.0 to 4.1.0

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.0.0...4.1.0)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump typing-extensions from 4.3.0 to 4.9.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.3.0 to 4.9.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.3.0...4.9.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump identify from 2.5.32 to 2.5.33

Bumps [identify](https://github.com/pre-commit/identify) from 2.5.32 to 2.5.33.
- [Commits](pre-commit/identify@v2.5.32...v2.5.33)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump attrs from 21.4.0 to 23.1.0

Bumps [attrs](https://github.com/python-attrs/attrs) from 21.4.0 to 23.1.0.
- [Release notes](https://github.com/python-attrs/attrs/releases)
- [Changelog](https://github.com/python-attrs/attrs/blob/main/CHANGELOG.md)
- [Commits](python-attrs/attrs@21.4.0...23.1.0)

---
updated-dependencies:
- dependency-name: attrs
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump types-pyyaml from 6.0.11 to 6.0.12.12

Bumps [types-pyyaml](https://github.com/python/typeshed) from 6.0.11 to 6.0.12.12.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-pyyaml
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump distlib from 0.3.7 to 0.3.8

Bumps [distlib](https://github.com/pypa/distlib) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/pypa/distlib/releases)
- [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst)
- [Commits](pypa/distlib@0.3.7...0.3.8)

---
updated-dependencies:
- dependency-name: distlib
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump coverage from 7.3.2 to 7.3.3

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.3.2 to 7.3.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.3.2...7.3.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump coverage from 7.3.3 to 7.4.0

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.3.3 to 7.4.0.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.3.3...7.4.0)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump attrs from 23.1.0 to 23.2.0

Bumps [attrs](https://github.com/sponsors/hynek) from 23.1.0 to 23.2.0.
- [Commits](https://github.com/sponsors/hynek/commits)

---
updated-dependencies:
- dependency-name: attrs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* introducing GitLab token detector analogous to GitHubTokenDetector

as described on:
https://docs.gitlab.com/ee/security/token_overview.html#gitlab-tokens

tokens are typically of the form: `glpat-[\alnum]{20}`,
ie. ~20 char token 'suffix' with a set of prefixes

* Bump types-requests from 2.31.0.10 to 2.31.0.20240106

Bumps [types-requests](https://github.com/python/typeshed) from 2.31.0.10 to 2.31.0.20240106.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump flake8 from 3.5.0 to 7.0.0

Bumps [flake8](https://github.com/pycqa/flake8) from 3.5.0 to 7.0.0.
- [Commits](PyCQA/flake8@3.5.0...7.0.0)

---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* GitLab token detector, differentiating token types

* Add detection of other AWS access key id prefixes

* Update comment to be access keys and not specifically AKIA

* Bump idna from 3.6 to 3.7

Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.6...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* YelpGH-768: Plugin to detect Telegram bot tokens

* Added support for Python 3.12

* Fixed pre-commit check failures

* Upgraded pyflakes to 3.2.0

* Removed support for Python 3.8

* Bump identify from 2.5.33 to 2.5.36

Bumps [identify](https://github.com/pre-commit/identify) from 2.5.33 to 2.5.36.
- [Commits](pre-commit/identify@v2.5.33...v2.5.36)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump responses from 0.24.1 to 0.25.0

Bumps [responses](https://github.com/getsentry/responses) from 0.24.1 to 0.25.0.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.24.1...0.25.0)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump tox from 4.11.4 to 4.15.0

Bumps [tox](https://github.com/tox-dev/tox) from 4.11.4 to 4.15.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.11.4...4.15.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump platformdirs from 4.1.0 to 4.2.1

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.1.0 to 4.2.1.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.1.0...4.2.1)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump typing-extensions from 4.9.0 to 4.11.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.9.0 to 4.11.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.9.0...4.11.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pyahocorasick from 2.0.0 to 2.1.0

Bumps [pyahocorasick](https://github.com/WojciechMula/pyahocorasick) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/WojciechMula/pyahocorasick/releases)
- [Changelog](https://github.com/WojciechMula/pyahocorasick/blob/master/CHANGELOG.rst)
- [Commits](WojciechMula/pyahocorasick@2.0.0...2.1.0)

---
updated-dependencies:
- dependency-name: pyahocorasick
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Plugin for PyPI api tokens

* Bump virtualenv from 20.25.0 to 20.26.1

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.25.0 to 20.26.1.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.25.0...20.26.1)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pyparsing from 3.1.1 to 3.1.2

Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/pyparsing/pyparsing/releases)
- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES)
- [Commits](pyparsing/pyparsing@3.1.1...pyparsing_3.1.2)

---
updated-dependencies:
- dependency-name: pyparsing
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Add regex to detect test.pypi.org tokens

* New plugin for OpenAI tokens

* Update README for OpenAIDetector

* Fix pre-commit

* Bump pluggy from 1.3.0 to 1.5.0

Bumps [pluggy](https://github.com/pytest-dev/pluggy) from 1.3.0 to 1.5.0.
- [Changelog](https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pluggy@1.3.0...1.5.0)

---
updated-dependencies:
- dependency-name: pluggy
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump zipp from 3.17.0 to 3.18.1

Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.18.1.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.17.0...v3.18.1)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog for v1.5.0 release

* Updated baseline file

* Fixed version in baseline file

* Revert "Fixed version in baseline file"

This reverts commit 16e3452.

* Revert "Updated baseline file"

This reverts commit e11ed89.

* Revert "Changelog for v1.5.0 release"

This reverts commit eaee543.

* Bump packaging from 23.2 to 24.0

Bumps [packaging](https://github.com/pypa/packaging) from 23.2 to 24.0.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@23.2...24.0)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump coverage from 7.4.0 to 7.5.1

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.4.0 to 7.5.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.4.0...7.5.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update changelog v1.5.0 release (Yelp#829)

* Update changelog for v1.5.0 release

* Update date

* Bump version: 1.4.0 → 1.5.0

* Bump filelock from 3.13.1 to 3.14.0

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.13.1 to 3.14.0.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.13.1...3.14.0)

---
updated-dependencies:
- dependency-name: filelock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump certifi from 2023.11.17 to 2024.2.2

Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.2.2.
- [Commits](certifi/python-certifi@2023.11.17...2024.02.02)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump urllib3 from 2.1.0 to 2.2.1

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.1.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.1.0...2.2.1)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump platformdirs from 4.2.1 to 4.2.2

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.2.1...4.2.2)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* ---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump zipp from 3.18.1 to 3.19.2

Bumps [zipp](https://github.com/jaraco/zipp) from 3.18.1 to 3.19.2.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.18.1...v3.19.2)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump requests from 2.31.0 to 2.32.3

Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.3.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.31.0...v2.32.3)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump coverage from 7.5.1 to 7.5.3

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.5.1 to 7.5.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.5.1...7.5.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump typing-extensions from 4.11.0 to 4.12.2

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.11.0 to 4.12.2.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.11.0...4.12.2)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump nodeenv from 1.8.0 to 1.9.1

Bumps [nodeenv](https://github.com/ekalinin/nodeenv) from 1.8.0 to 1.9.1.
- [Release notes](https://github.com/ekalinin/nodeenv/releases)
- [Changelog](https://github.com/ekalinin/nodeenv/blob/master/CHANGES)
- [Commits](ekalinin/nodeenv@1.8.0...1.9.1)

---
updated-dependencies:
- dependency-name: nodeenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump urllib3 from 2.2.1 to 2.2.2

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.2.1...2.2.2)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump packaging from 24.0 to 24.1

Bumps [packaging](https://github.com/pypa/packaging) from 24.0 to 24.1.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@24.0...24.1)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump responses from 0.25.0 to 0.25.3

Bumps [responses](https://github.com/getsentry/responses) from 0.25.0 to 0.25.3.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.25.0...0.25.3)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump certifi from 2024.2.2 to 2024.7.4

Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4.
- [Commits](certifi/python-certifi@2024.02.02...2024.07.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump virtualenv from 20.26.1 to 20.26.3

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.26.1 to 20.26.3.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.26.1...20.26.3)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix(telegram_bot_token): Regex must match just bot tokens

* test(telegram_bot_token): AWS ARN should not match

* fix(telegram_bot_token): `bot` should not be in the token

`bot` is only used while verifying the token, as per https://core.telegram.org/bots/api#authorizing-your-bot

* fix(test): something with `^bot` should not match

* fix: format trailing comma

* fix(ip_public): Exclude IPv4 Link Local

* Bump pre-commit from 3.5.0 to 4.0.1

Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 3.5.0 to 4.0.1.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v3.5.0...v4.0.1)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: eddiez9 <eddie@eddiez.me>
Co-authored-by: Nuztalgia <nuztalgia@gmail.com>
Co-authored-by: John-Paul Dakran <dakranj@yelp.com>
Co-authored-by: Jingchao Zhong <perry.zjc@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sindri Guðmundsson <sindrigudmundsson@gmail.com>
Co-authored-by: Marc Abramowitz <abramowi@adobe.com>
Co-authored-by: Lorenzo De Bernardini <lorenzodebernardini@yelp.com>
Co-authored-by: Jingchao Zhong <92573736+perryzjc@users.noreply.github.com>
Co-authored-by: Daniel Popescu <danielpops@gmail.com>
Co-authored-by: Brendan Jurd <direvus@gmail.com>
Co-authored-by: Brendan Jurd <brendan.jurd@novasystems.com>
Co-authored-by: Kirill Wedenin <kirill.wedenin@codecentric.de>
Co-authored-by: Mike DiDomizio <mikedidomizio@gmail.com>
Co-authored-by: Chandra Prakash <chandra.pr.158@gmail.com>
Co-authored-by: lorenzodb1 <lorenzodb1@hotmail.it>
Co-authored-by: Chandra Prakash <chandrapr@yelp.com>
Co-authored-by: John-Paul Dakran <dakranj@gmail.com>
Co-authored-by: Pepe Fagoaga <jfagoagas@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pending The issue still needs to be reviewed by one of the maintainers.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Include filename in error displayed if plugin file in baseline not found msabramo/detect-secrets
2 participants
@msabramo @lorenzodb1