chore(deps): bump github.com/zricethezav/gitleaks/v8 from 8.18.1 to 8.30.0

[dependabot]

Bumps github.com/zricethezav/gitleaks/v8 from 8.18.1 to 8.30.0.

Release notes

Sourced from github.com/zricethezav/gitleaks/v8's releases.

v8.30.0

Changelog

• 6eaad03 0 to 5 - notes on recursive decoding (#1994)
• 09242ce Add new Looker client ID and client secret rules (#1947)
• c98e5e0 feat: add Airtable Personnal Access Token detection (#1952)
• 4ed0ca4 build: upgrade Go & alpine version (#1989)

v8.29.1

Changelog

• fb5d707 thats a paddlin
• 50493db feat: document stdout report path (#1990)

v8.29.0

Changelog

• ed65b65 Add trace log for skipped archive file when not enabled (#1961)
• c5ccbb9 Respect contexts with timeouts (#1948)
• 3821f30 Config min version (#1955)
• d223718 fix(config): validate rules when [extend] is used (#1592)
• 87d9629 feat: add Amazon Bedrock API key detection (#1935)
• 228396b Add GitHub Sponsors section and Discord link
• a82bc53 feat: improve regex to detect Sonar tokens with prefixes (#1931)

v8.28.0

Changelog

• 4fb4382 cant count
• b1c9c7e Composite rules (#1905)
• 72977e4 feat: add Anthropic API key detection (#1910)
• 7b02c98 fix(git): handle port (#1912)
• 2a7bcff dont prematurely calculate fragment newlines (#1909)
• bd79c3e feat(allowlist): promote optimizations (#1908)
• 7fb4eda Fix: CVEs on go and go crypto (#1868)
• a044b81 feat: add artifactory reference token and api key detection (#1906)
• bf380d4 silly
• f487f85 Update gitleaks.yml
• 958f55a add just like that, no leaks

Optimizations

#1909 waits to find newlines until a match. This ends up saving a boat load of time since before we were finding newlines for every fragment regardless if a rule matched or not. #1908 promoted @​rgmz excellent stopword optimization

Composite Rules (Multi-part or required Rules) #1905

In v8.28.0 Gitleaks introduced composite rules, which are made up of a single "primary" rule and one or more auxiliary or required rules. To create a composite rule, add a [[rules.required]] table to the primary rule specifying an id and optionally withinLines and/or withinColumns proximity constraints. A fragment is a chunk of content that Gitleaks processes at once (typically a file, part of a file, or git diff), and proximity matching instructs the primary rule to only report a finding if the auxiliary required rules also find matches within the specified area of the fragment.

Proximity matching: Using the withinLines and withinColumns fields instructs the primary rule to only report a finding if the auxiliary required rules also find matches within the specified proximity. You can set:

• withinLines: N - required findings must be within N lines (vertically)

... (truncated)

Commits

• 6eaad03 0 to 5 - notes on recursive decoding (#1994)
• 09242ce Add new Looker client ID and client secret rules (#1947)
• c98e5e0 feat: add Airtable Personnal Access Token detection (#1952)
• 4ed0ca4 build: upgrade Go & alpine version (#1989)
• fb5d707 thats a paddlin
• 50493db feat: document stdout report path (#1990)
• ed65b65 Add trace log for skipped archive file when not enabled (#1961)
• c5ccbb9 Respect contexts with timeouts (#1948)
• 3821f30 Config min version (#1955)
• d223718 fix(config): validate rules when [extend] is used (#1592)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/zricethezav/gitleaks/v8	[< 8.19, > 8.18.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)