Update gitleaks dependency to v8
What does this MR do?
This MR updates the Secret Detection analyzer dependency on gitleaks to v8.2.0. gitleaks v8.0.0 introduced some big changes, including the switch from go-git to shelling out to git commands directly, which ended up being much more performant. Full release notes for gitleaks can be found here: https://github.com/zricethezav/gitleaks/releases
Because of the gitleaks update, there have been some minor changes to the analyzer, including:
- the need to extract relative file paths for non-historic scans
- secret struct definition change
- rule IDs that are part of the gitleaks configuration file are used for findings' id/compare key
- shelling out to gitleaks needed to be tweaked
Other changes include removing some bloated tests that don't accomplish anything, like full-history vs small-full-history: https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/master/convert_test.go#L25-28
What are the relevant issue numbers?
gitlab-org/gitlab#345770 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Lucas Charles
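The following is an added example, not code from the secrets analyzer or from gitleaks, illustrating two of the conversion changes the MR lists: turning the absolute paths a non-historic (filesystem) scan reports into paths relative to the scan root, and deriving a finding's id/compare key from the rule id in the gitleaks configuration rather than from the matched secret. It assumes a gitleaks v8 JSON report entry with `File`, `StartLine`, `Commit` and `RuleID` fields (a constructed sample is embedded); the converter, its types and the compare-key layout are hypothetical and not the analyzer's actual implementation.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// gitleaksFinding holds the subset of a gitleaks v8 JSON report entry used
// here (assumed field names; the real report carries more fields, including
// the secret itself, which is deliberately not read into the finding).
type gitleaksFinding struct {
	Description string `json:"Description"`
	StartLine   int    `json:"StartLine"`
	File        string `json:"File"`
	Commit      string `json:"Commit"`
	RuleID      string `json:"RuleID"`
}

// finding is the hypothetical analyzer-side record produced by the converter.
type finding struct {
	ID         string
	CompareKey string
	RuleID     string
	Path       string
	Line       int
	Commit     string
}

// relativePath strips the scan root from an absolute path reported by a
// non-historic scan. Historic (git) scans already report repo-relative
// paths, which are passed through unchanged. A path that resolves outside
// the root is rejected rather than silently emitted.
func relativePath(root, file string) (string, error) {
	if root == "" || !filepath.IsAbs(file) {
		return filepath.ToSlash(file), nil
	}
	rel, err := filepath.Rel(root, file)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("file %q is outside scan root %q", file, root)
	}
	return filepath.ToSlash(rel), nil
}

// compareKey combines the configured rule id with the location, so the same
// finding keeps a stable identity across pipelines as long as the rule id in
// the gitleaks config does not change; the secret value is never part of it.
func compareKey(ruleID, path string, line int) string {
	return fmt.Sprintf("%s:%s:%d", ruleID, path, line)
}

// fingerprint hashes the compare key into an opaque finding id.
func fingerprint(key string) string {
	sum := sha256.Sum256([]byte(key))
	return hex.EncodeToString(sum[:])
}

// convert parses a gitleaks v8 JSON report and maps each entry to a finding.
func convert(report []byte, root string) ([]finding, error) {
	var raw []gitleaksFinding
	if err := json.Unmarshal(report, &raw); err != nil {
		return nil, err
	}
	out := make([]finding, 0, len(raw))
	for _, r := range raw {
		p, err := relativePath(root, r.File)
		if err != nil {
			return nil, err
		}
		key := compareKey(r.RuleID, p, r.StartLine)
		out = append(out, finding{
			ID: fingerprint(key), CompareKey: key, RuleID: r.RuleID,
			Path: p, Line: r.StartLine, Commit: r.Commit,
		})
	}
	return out, nil
}

// sampleReport is a constructed gitleaks-style report, not real scanner output:
// one entry from a filesystem scan (absolute path) and one from a git scan.
const sampleReport = `[
 {"Description":"AWS Access Key","StartLine":12,"File":"/builds/app/config/settings.py","Commit":"","RuleID":"aws-access-key"},
 {"Description":"Generic API Key","StartLine":3,"File":"src/client.go","Commit":"abc123","RuleID":"generic-api-key"}
]`

func main() {
	findings, err := convert([]byte(sampleReport), "/builds/app")
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-16s %-22s key=%s id=%s\n", f.RuleID, f.Path, f.CompareKey, f.ID[:12])
	}
}
```

Keying on rule id plus location, rather than on the matched text, means a finding does not change identity when the secret is rotated in place or when a gitleaks upgrade alters how much of the line is captured in the match, and it keeps the secret value out of any identifier that ends up in reports or dashboards.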