bump gitleaks and trufflehog
What does this MR do?
Bumps Gitleaks and Trufflehog to their latest versions. This MR is needed for https://gitlab.com/gitlab-org/gitlab/-/issues/36860, as there is a bug in version 3.3.0 of gitleaks that yields the wrong results for scans on commit ranges. The changes are simple enough: just bump the versions in the Dockerfile. There is one small change to the gitleaks config that updates the TOML config table for whitelists.
What are the relevant issue numbers?
gitlab-org/gitlab#214078 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Zach Rice