Releases: godaddy/tartufo

Version 2.3.1

16 Feb 17:03
a9b55d8

Bug fixes:

  • Added rust toolchain to allow for building of latest cryptography

Other changes:

  • Added no-fetch to code snippets and note about what it does

Version 2.3.0

04 Feb 17:10
e4ef2bd

Features:

  • #42 - Report output on clean or successful scan. Add new -q/--quiet option to suppress output
  • #43 - Report out of the list of exclusions. Add new -v/--verbose option to print exclusions
  • #159 - Switched our primary development branch from master -> main
  • Updated BFG refs from 1.13.0 to 1.13.2

Version 2.2.1

04 Dec 17:07
6c29000

v2.2.1 - 02 December 2020

Bugfixes:

  • Rev build and release versions to match

Version 2.2.0

02 Dec 17:53
ff766a0

Features:

  • #119 - Added a new --fetch/--no-fetch option for local scans, controlling
    whether the local clone is refreshed before scan. (Thanks @jgowdy!)
  • #125 - Implement CODEOWNERS and auto-assignment to maintainers on PRs

Bugfixes:

  • #115 - Strange behavior can manifest with invalid sub-commands
  • #117 - Ignore whitespace-only lines in exclusion files
  • #118 - Local scans fetch remote origin
  • #121 - Match rules specified with --git-rules-repo were not included in scans
  • #140 - Ensure a valid output folder name in Windows

Other changes:

Version 2.0.2

09 Nov 17:30
fa200bb

Bug fixes:

  • #115 - Strange behavior can manifest with invalid sub-commands
  • #117 - Ignore whitespace-only lines in exclusion files

Other changes:

  • Fixed testing in Pypy3 and explicitly added Python 3.9 support

Version 2.0.1

09 Oct 19:04

This is the official 2.0 release, plus a deployment fix! The 2.0.0 tag got deleted because it was only partially deployed due to an issue in the Dockerfile.

This release represents several months' worth of work from a number of contributors, essentially rewriting most of the code base and hopefully making it more user-friendly and functional.

For a full list of changes, please see the CHANGELOG.md.

Version 2.0.0-alpha.2

05 Oct 19:32
a345eb9
Pre-release

This bugfix release is to take care of a handful of issues discovered during the
initial alpha release for 2.0.

  • #68 - Added consistent documentation through the codebase for classes,
    methods, and all other API elements (via #92)
  • #90 - Presenting a friendlier error message when there is an error interacting
    with git (via #93)
  • #94 - Fix tests that were failing on MacOS (via #97)
  • #86 - Treat tartufo.toml preferentially over pyproject.toml when loading
    config (via #101)
  • #91 - Load config from scanned repositories. This functionality previously
    existed in 1.x, but was missed during the rebuild for v2.0. This also resulted
    in a bit of an overall rewrite of config file discovery to eliminate some
    duplicated logic. (via #103)

Version 2.0.0-alpha.1

18 Sep 18:59
9e1fc5b
Pre-release

This is a whole brand new tartufo! It's been entirely restructured, rewritten,
retested, rebuilt, and remade! It's now more extensible, readable, testable,
and usable.

New features include:

  • #2 - Verified/approved exclusions are now handled by way of hash signatures.
    • These hashes are created on a combination of the matched string and filename
      where the match was found. They are generated using the BLAKE2 hashing
      algorithm. (via #61)
  • #7 - A working directory can now be specified to clone to when scanning a
    remote repository. (via #81)
  • #11 - Removed the --cleanup option and added a --output-dir in its place.
    Issues are now written to disk only when specifically requested by providing
    an output directory. (via #82)
  • #39 - The functionality is now split into sub-commands (via #78). Available
    sub-commands are, for now:
    • pre-commit
    • scan-local-repo
    • scan-remote-repo
  • The entire library has been refactored and nearly all logic has been put
    into its most appropriate place. It should now be possible to use this whole
    tool as a library, and not just a CLI application. (via #29, #65, #67, #70)

Bug fixes include:

  • #55 - The tests no longer iterate over this repository's history; everything
    has been sufficiently split out to make it more testable without needing to
    look at an actual git history. (via #70)
  • #72 - Specifying a non-git path no longer causes an error (via #80)

Other changes:

  • Issues found during the scan are now represented by a class, instead of some
    amorphous dictionary (via #29)
    • Further, since a single Issue is instantiated per match, the output key
      for the matches has changed from strings_found to matched_string.
  • #25 - Set up full documentation on Read The Docs (via #38)
  • #30 - Support for Python 2 has been dropped (via #31)
  • #58 - CI is now handled by GitHub Actions (via #59)

Docker fixes & docs

21 Apr 18:59
bdb752b
  • #48 (Backport of #45 & #46)
    • Documented Docker usage
    • Small fixes to Docker to allow SSH clones and avoid scanning tartufo itself
  • Docs have been backported from the master branch.

Pre-commit bugfix

13 Dec 20:07
e89f82a

This is a quick bugfix release to ensure that pre-commit hooks work properly.

  • Fix the docs and pre-commit hook to use hyphens in CLI arguments, as opposed to underscores. (#33)