Detect-secrets

January 4th, 2019

:bug: Bugfixes
- Fixed a bug where we were adding an extra-newline in `detect-secrets scan` output ([111])

:snake: Miscellaneous

- Reorganized the code, mainly creating a `common/` directory ([113])

[111]: https://github.com/Yelp/detect-secrets/pull/111
[113]: https://github.com/Yelp/detect-secrets/pull/113

January 4th, 2019

:telescope: Accuracy

- [Added `null` to the `FALSE_POSITIVES` tuple for the `KeywordDetector` plugin, so we don't alert off of it](https://github.com/Yelp/detect-secrets/commit/58df82ce37d64f22cb885960c2031b5f8ebe4b75)

January 4th, 2019

:tada: New Features

- Turned the `KeywordDetector` plugin back on, with new regexes and accuracy improvements ([86])
- Added an `AWSAccessKeyDetector` plugin ([100])
- Added the ability to scan `.ini` types files that don't have a header ([106])

[86]: https://github.com/Yelp/detect-secrets/pull/86
[100]: https://github.com/Yelp/detect-secrets/pull/100
[106]: https://github.com/Yelp/detect-secrets/pull/106

:telescope: Accuracy

- Add blacklisting of PGP private key headers in `PrivateKeyDetector` plugin ([104])
- Reduced false-positives by improving `BasicAuthDetector` plugin regex ([98])

[104]: https://github.com/Yelp/detect-secrets/pull/104

:bug: Bugfixes
- Fixed a bug where we were not showing removed lines in the `audit` functionality ([98])

[98]: https://github.com/Yelp/detect-secrets/pull/98

:snake: Miscellaneous

- Added whitelist directive regexes to match against inline comment syntaxes in more languages ([105])
- Refactored various detectors to use `RegexBasedDetector` ([103])
- Refactored the `BashColor` singleton into the `colorize` function ([109])
- Small improvements to existing file parsers ([107])
- Refactored the `BasePlugin` to use the `WHITELIST_REGEX` ([99])
- Removed `unidiff` from standard dependencies ([101])

[99]: https://github.com/Yelp/detect-secrets/pull/99
[101]: https://github.com/Yelp/detect-secrets/pull/101
[103]: https://github.com/Yelp/detect-secrets/pull/103
[105]: https://github.com/Yelp/detect-secrets/pull/105
[107]: https://github.com/Yelp/detect-secrets/pull/107
[109]: https://github.com/Yelp/detect-secrets/pull/109

November 26th, 2018

:tada: New Features

- Made the pre-commit hook automatically update the baseline ([96])
- Added the `audit --diff` functionality ([95])

[95]: https://github.com/Yelp/detect-secrets/pull/95
[96]: https://github.com/Yelp/detect-secrets/pull/96

:art: Display Changes

- Added display of secret type in audit functionality ([94])

[94]: https://github.com/Yelp/detect-secrets/pull/94

October 30th, 2018

:art: Display Changes

- Added a "Please git add the baseline" message ([89])
- Improved the "Unable to open baseline file" message ([91])

[91]: https://github.com/Yelp/detect-secrets/pull/91

:bug: Bugfixes

- Update `scan --update` results to only propagate `is_secret` of new secrets ([90])

[90]: https://github.com/Yelp/detect-secrets/pull/90

October 23rd, 2018

:boom: Breaking Changes
- Disabled `KeywordDetector` plugin temporarily ([89])

:art: Display Changes

- Ordered baseline hashes, for better diffs ([84])
- Added a "Please git add the baseline" message ([89])
- Improved error messages for pre-commit hook ([85])

[84]: https://github.com/Yelp/detect-secrets/pull/84
[89]: https://github.com/Yelp/detect-secrets/pull/89
[85]: https://github.com/Yelp/detect-secrets/pull/85

:bug: Bugfixes

- Fixed a couple bugs in the `audit` functionality, one for small files and the other case-sensitivity in the `KeywordDetector` plugin ([83], thanks [jkozera])

[83]: https://github.com/Yelp/detect-secrets/pull/83