Tartufo

Latest version: v5.0.0


Page 3 of 8

3.1.0

Not secure
----------------------

Features:

* [328](https://github.com/godaddy/tartufo/pull/328) - Buffer issues beyond --buffer-size to a temporary file

Bug fixes:

* [330](https://github.com/godaddy/tartufo/pull/330) - Allow newer versions of pygit2 for newer versions of Python

3.0.0

Not secure
-----------------------

Version 3.0.0. Stable Release.

3.0.0rc.3

------------------------------

Bug fixes:

* [301](https://github.com/godaddy/tartufo/issues/301) - Parse new-style option
values correctly, avoid duplicate processing of global options, and don't
generate spurious deprecation warnings for these options.
* [303](https://github.com/godaddy/tartufo/pull/303) - Include or exclude git submodules
only if we're not working with a mirror clone.

3.0.0rc.2

------------------------------

Bug fixes:

* [296](https://github.com/godaddy/tartufo/pull/296), [297](https://github.com/godaddy/tartufo/pull/297) -
Fix our Docker image so that it actually builds, and the tartufo command works.
* [298](https://github.com/godaddy/tartufo/pull/298) - Fix how we determine whether
we are scanning a shallow clone, so that it is more bulletproof.

3.0.0rc.1

------------------------------

Bug fixes:

* [284](https://github.com/godaddy/tartufo/pull/284) - Fix handling of first
commit during local scans; an exception was raised instead of processing the
commit.

Misc:

* [282](https://github.com/godaddy/tartufo/pull/282) - Remove old style config for `exclude-entropy-patterns`
* [292](https://github.com/godaddy/tartufo/pull/292) - Use the latest `click`
to provide better output on boolean flag defaults

Features:

* [270](https://github.com/godaddy/tartufo/issues/270) - When no refs/branches
are found locally, tartufo will now scan the repo HEAD as a single commit,
effectively scanning the entire codebase at once.
* [265](https://github.com/godaddy/tartufo/issues/265) - Adds new `--entropy-sensitivity`
option which provides a friendlier way to adjust entropy detection sensitivity.
This replaces `--b64-entropy-score` and `--hex-entropy-score`, which now are
marked as deprecated.
* [273](https://github.com/godaddy/tartufo/issues/273) - Entropy checking support
routines have been rewritten to utilize library abstractions and operate more
efficiently while returning identical results.
* [177](https://github.com/godaddy/tartufo/issues/177) -
[base64url](https://datatracker.ietf.org/doc/html/rfc4648#section-5) encodings
are now recognized and scanned for entropy.
* [268](https://github.com/godaddy/tartufo/issues/268) - Adds a new
`--recurse / --no-recurse` flag which allows users to recursively scan the entire directory or just
the root directory.
* [256](https://github.com/godaddy/tartufo/issues/256) - Deprecated `--rules` in
favor of a new `rule-patterns` config option. This is the final piece of config
that was still stored in an external file.
* [202](https://github.com/godaddy/tartufo/issues/202) - Supports a new format for exclusions in the config file,
with the ability to specify the reason along with the exclusion.
* [257](https://github.com/godaddy/tartufo/issues/257) - Supports a new format for include-path-patterns and
exclude-path-patterns in the config file, with the ability to specify the reason along with the path-patterns.

3.0.0alpha.1

---------------------------------

Bug fixes:

* [247](https://github.com/godaddy/tartufo/issues/247) - The `--branch` qualifier
now works again when using `scan-remote-repo`.

Features:

* [227](https://github.com/godaddy/tartufo/pull/227) - Report findings incrementally
as scan progresses instead of holding all of them until it has completed. This
is a re-implementation of [108](https://github.com/godaddy/tartufo/pull/108);
thanks to dclayton-godaddy for showing the way.
* [244](https://github.com/godaddy/tartufo/pull/244) - Drops support for
`--fetch/--no-fetch` option for local scans
* [253](https://github.com/godaddy/tartufo/issues/253) - Drops support for `--json` and `--compact`
and consolidates the two options into one `--output-format json/compact/text`.
* [259](https://github.com/godaddy/tartufo/pull/259) - Adds a new
`--scan-filenames/--no-scan-filenames` flag which allows users to enable or disable file name scanning.
* [254](https://github.com/godaddy/tartufo/pull/260) - Changes the default value of
`--regex/--no-regex` to True.

Misc:

* [255](https://github.com/godaddy/tartufo/issues/255) - Removed deprecated flags
`--include-paths` and `--exclude-paths`.
