exclusion regexes no longer work on 3.65.0

[JanDemaerelArqGroup]

Please review the Community Note before submitting

TruffleHog Version

3.65.0

Trace Output

N/A

Expected Behavior

trufflehog to honour file regexes in file passed on with -x (--exclude-paths) and uri "." (no quotations)

Actual Behavior

trufflehog 3.64.0 honoured file regex exclusions (e.g. ".git"), but 3.65.0 does not

Steps to Reproduce

1. create file with a high entropy string in it
2. create exclusion file, with the prior file-name as content
3. run trufflehog --no-update filesystem -x <exclusion file> .
4. trufflehog does not honour exclusions mentioned in exclusion file

Environment

docker ubuntu-latest
trufflehog 3.65.0

Additional Context

N/A

References

N/A

[dustin-decker]

Thank for your prompt report - we will look into this.

[JanDemaerelArqGroup]

note, my exclusion list contains both directories and files, which are promptly both ignored :)

[AshleyEke]

Not sure if it's related but this has started happening to me within the last couple of days. I am specifically using the docker image version 3.47.0 though.

[kagahd]

I confirm @JanDemaerelArqGroup observation.
Keep in mind to run trufflehog with parameter --no-update else trufflehog will update itself to the latest version and you may wonder why an older trufflehog version (< 3.65.0) still seems to have this newly introduced bug.

[mcastorina]

Sorry for the regression! It should be fixed in v3.66.2

[AshleyEke]

@kagahd Thank you I wasn't aware of the --no-update flag and it solved my issue. However, I am a little confused about the purpose of that flag, doesn't it defeat the purpose of installing a specific version of the CLI, or using a specific version of the docker image if it always uses the latest by default anyway?