v0.23.0 (#248)

* Update dependencies with `cargo update`
* Update gix, parquet, arrow-schema, serde-sarif, petgraph, and vergen to latest
* Update CHANGELOG
* Bump version number to v0.23.0

CHANGELOG.md

@@ -7,7 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 Note that the use of semantic versioning applies to the command-line interface and output formats; the Rust crate APIs are considered an implementation detail at this point.
 
 
-## Unreleased
+## [v0.23.0](https://github.com/praetorian-inc/noseyparker/releases/v0.23.0) (2025-01-28)
 
 ### Additions
 - New rules:

Cargo.toml

@@ -12,7 +12,7 @@ authors = ["Brad Larsen <bradford.larsen@praetorian.com>"]
 homepage = "https://github.com/praetorian-inc/noseyparker"
 repository = "https://github.com/praetorian-inc/noseyparker"
 
-version = "0.23.0-dev"
+version = "0.23.0"
 
 publish = false
 

README.md

@@ -10,7 +10,7 @@ It has found secrets in hundreds of offensive security engagements at [Praetoria
 
 **Key features:**
 - **Flexiblity:** It natively scans files, directories, GitHub, and Git history, and has an extensible input enumeration mechanism
-- **Field-tested rules:** It uses regular expressions with [169 patterns](crates/noseyparker/data/default/builtin/rules) chosen for high precision based on feedback from security engineers
+- **Field-tested rules:** It uses regular expressions with [170 patterns](crates/noseyparker/data/default/builtin/rules) chosen for high precision based on feedback from security engineers
 - **Signal-to-noise:** It deduplicates matches that share the same secret, reducing review burden by 10-1000x or more
 - **Speed & scalability:** it can scan at GB/s on a multicore system, and has scanned inputs as large as 20TB during security engagements
 

crates/input-enumerator/Cargo.toml

@@ -15,9 +15,9 @@ bstr = { version = "1.0", features = ["serde"] }
 bstring-serde = { path = "../bstring-serde" }
 crossbeam-channel = "0.5"
 fixedbitset = "0.5"
-gix = { version = "0.68", features = ["max-performance", "serde"] }
+gix = { version = "0.70", features = ["max-performance", "serde"] }
 ignore = "0.4"
-petgraph = "0.6"
+petgraph = "0.7"
 roaring = "0.10"
 schemars = { version = "0.8" }
 serde = { version = "1.0", features = ["derive"] }

crates/noseyparker-cli/Cargo.toml

@@ -63,7 +63,8 @@ default = ["mimalloc", "color_backtrace", "github", "parquet"]
 
 [build-dependencies]
 # Used for embedding compile-time version information into the `noseyparker` CLI
-vergen = { version = "8.3", features = ["build", "cargo", "git", "gitcl", "rustc", "si"] }
+vergen = { version = "9.0", features = ["build", "cargo", "rustc", "si"] }
+vergen-gitcl = { version = "1.0", features = ["build", "cargo", "rustc", "si"] }
 
 [dependencies]
 anyhow = { version = "1.0" }
@@ -77,7 +78,7 @@ console = "0.15"
 content-guesser = { path = "../content-guesser" }
 crossbeam-channel = "0.5"
 flate2 = "1.0"
-gix = { version = "0.68", features = ["max-performance", "serde"] }
+gix = { version = "0.70", features = ["max-performance", "serde"] }
 glob = "0.3.1"
 indenter = "0.3"
 indicatif = { version = "0.17", features = ["improved_unicode"] }
@@ -97,7 +98,7 @@ rlimit = "0.10.0"
 schemars = "0.8"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-serde-sarif = "0.6"
+serde-sarif = "0.7"
 strum = { version = "0.26", features = ["derive"] }
 sysinfo = { version =  "0.33" }
 tar = "0.4"
@@ -108,9 +109,9 @@ tracing-subscriber = { version = "0.3", features = ["tracing-log", "ansi", "env-
 url = "2.3"
 vectorscan-rs = { version = "0.0.5" }
 object-pool = "0.6.0"
-parquet = { version = "53.2.0", optional = true }
-arrow-schema = { version = "53.2.0", optional = true }
-arrow-array = { version = "53.2.0", optional = true }
+parquet = { version = "54.0.0", optional = true }
+arrow-schema = { version = "54.0.0", optional = true }
+arrow-array = { version = "54.0.0", optional = true }
 
 [dev-dependencies]
 assert_cmd = { version = "2.0", features = ["color-auto"] }

crates/noseyparker-cli/build.rs

@@ -1,16 +1,17 @@
 /// This build script uses `vergen` to expose lots of build information at compile time.
 /// This information is used in the `noseyparker` CLI in its `version/-V/--version` commands.
 use std::error::Error;
-use vergen::EmitBuilder;
+use vergen_gitcl::{
+    BuildBuilder, CargoBuilder, Emitter, GitclBuilder, RustcBuilder, SysinfoBuilder,
+};
 
 fn main() -> Result<(), Box<dyn Error>> {
-    // Emit the instructions
-    EmitBuilder::builder()
-        .all_build()
-        .all_git()
-        .all_cargo()
-        .all_rustc()
-        .all_sysinfo()
+    Emitter::default()
+        .add_instructions(&BuildBuilder::all_build()?)?
+        .add_instructions(&GitclBuilder::all_git()?)?
+        .add_instructions(&CargoBuilder::all_cargo()?)?
+        .add_instructions(&RustcBuilder::all_rustc()?)?
+        .add_instructions(&SysinfoBuilder::all_sysinfo()?)?
         .emit()?;
     Ok(())
 }

crates/noseyparker-cli/tests/help/snapshots/test_noseyparker__help__version_long-2.snap

@@ -2,7 +2,7 @@
 source: crates/noseyparker-cli/tests/help/mod.rs
 expression: stdout
 ---
-noseyparker 0.23.0-dev
+noseyparker 0.23.0
 
 Build Configuration:
 

crates/noseyparker-digest/Cargo.toml

@@ -10,7 +10,7 @@ version = "0.0.0"
 publish.workspace = true
 
 [dependencies]
-gix-features = "0.39"
+gix-features = "0.40"
 hex = "0.4"
 
 [dev-dependencies]

crates/noseyparker/Cargo.toml

@@ -32,7 +32,7 @@ bstr = { version = "1.0", features = ["serde"] }
 bstring-serde = { path = "../bstring-serde" }
 chrono = { version = "0.4", default-features = false, features = ["std"], optional = true }
 console = "0.15"
-gix = { version = "0.68", features = ["max-performance", "serde"] }
+gix = { version = "0.70", features = ["max-performance", "serde"] }
 hex = "0.4"
 include_dir = { version = "0.7", features = ["glob"] }
 input-enumerator = { path = "../input-enumerator" }