TBT-71 Update repository (#1)
* update core bits to convert files to local filesystem

* update test assertions to be os local path

* add type cast

* Improve `DiscordBotTokenDetector` and its tests. (#628)

Fixes #627.

* Drop py36 support (#672)

* Drop py36 support

* Update contributing doc to remove instance of py36

* Remove custom logic for py36.0

* Run CI Daily (#674)

* Run ci daily at 730am

* Update action syntax

* Update to once a month

* Add String Implementation - StatisticsAggregator (#678)

* Add string output for statistics due to not implementation error

* Add return type annotations

* Empty commit

* Do not add duplicate lines for yaml transformer (#679)

* The colon equal sign regex should contain both colon and equal. Neither is optional. Specific for assignment and declaration in golang (#675)

* Add test cases for ipv4 addresses

* Add a plugin for public ip passing the tests

* Update documentation for new feature: IPPublic plugin

* Bump requests from 2.26.0 to 2.31.0

Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.26.0...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump certifi from 2021.10.8 to 2023.7.22

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2023.7.22.
- [Commits](certifi/python-certifi@2021.10.08...2023.07.22)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Catch index error when checking dollar prefix

As shown by the test, we want to return False for the empty string
when checking if it is prefixed with a dollar.

* Better error if plugin file in baseline not found

Fixes: #718

* Dropped support for Python 3.7, added support for Python 3.10, upgraded dependencies and updated project info

* Updated CI with currently supported python versions

* Bump filelock from 3.0.12 to 3.13.1

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.0.12 to 3.13.1.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@v3.0.12...3.13.1)

---
updated-dependencies:
- dependency-name: filelock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump urllib3 from 1.26.9 to 2.1.0

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.9 to 2.1.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.9...2.1.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pyflakes from 1.6.0 to 3.1.0

Bumps [pyflakes](https://github.com/PyCQA/pyflakes) from 1.6.0 to 3.1.0.
- [Changelog](https://github.com/PyCQA/pyflakes/blob/main/NEWS.rst)
- [Commits](PyCQA/pyflakes@1.6.0...3.1.0)

---
updated-dependencies:
- dependency-name: pyflakes
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump importlib-metadata from 4.8.1 to 6.8.0

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 6.8.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](python/importlib_metadata@v4.8.1...v6.8.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump typing-extensions from 3.10.0.2 to 4.3.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 3.10.0.2 to 4.3.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@3.10.0.2...4.3.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Upgrade dependencies

* Bump zipp from 3.6.0 to 3.17.0

Bumps [zipp](https://github.com/jaraco/zipp) from 3.6.0 to 3.17.0.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.6.0...v3.17.0)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump importlib-metadata from 6.6.0 to 6.8.0

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 6.6.0 to 6.8.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](python/importlib_metadata@v6.6.0...v6.8.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump idna from 3.3 to 3.4

Bumps [idna](https://github.com/kjd/idna) from 3.3 to 3.4.
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.3...v3.4)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Added support for py311

* Remove importlib-metadata from requirements-dev.txt

* Use a newer version of coverage that knows how to properly report coverage metrics for python 3.11

* Fix double quoted strings

* Fix python code style

* Bump pyahocorasick from 1.4.4 to 2.0.0

Bumps [pyahocorasick](https://github.com/WojciechMula/pyahocorasick) from 1.4.4 to 2.0.0.
- [Release notes](https://github.com/WojciechMula/pyahocorasick/releases)
- [Changelog](https://github.com/WojciechMula/pyahocorasick/blob/master/CHANGELOG.rst)
- [Commits](WojciechMula/pyahocorasick@1.4.4...2.0.0)

---
updated-dependencies:
- dependency-name: pyahocorasick
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pluggy from 0.13.1 to 1.3.0

Bumps [pluggy](https://github.com/pytest-dev/pluggy) from 0.13.1 to 1.3.0.
- [Changelog](https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pluggy@0.13.1...1.3.0)

---
updated-dependencies:
- dependency-name: pluggy
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump cfgv from 3.2.0 to 3.4.0

Bumps [cfgv](https://github.com/asottile/cfgv) from 3.2.0 to 3.4.0.
- [Commits](asottile/cfgv@v3.2.0...v3.4.0)

---
updated-dependencies:
- dependency-name: cfgv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update test case to unflag invalid ipv4

* Update regex to pass updated test

* Revert import order changes

* Bump certifi from 2023.7.22 to 2023.11.17

Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.7.22 to 2023.11.17.
- [Commits](certifi/python-certifi@2023.07.22...2023.11.17)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump types-requests from 2.28.9 to 2.31.0.10

Bumps [types-requests](https://github.com/python/typeshed) from 2.28.9 to 2.31.0.10.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump identify from 2.3.0 to 2.5.32

Bumps [identify](https://github.com/pre-commit/identify) from 2.3.0 to 2.5.32.
- [Commits](pre-commit/identify@v2.3.0...v2.5.32)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Reword audit prompt message for clarity

The old audit prompt message was confusing in the case of a false positive. This new wording suits both genuine findings and false positives.

Fixes #734

* Update docs and tests for new prompt wording.

* Adjust test case to return false for invalid ipv4

* Adjust regex to pass new test

* Bump nodeenv from 1.6.0 to 1.8.0

Bumps [nodeenv](https://github.com/ekalinin/nodeenv) from 1.6.0 to 1.8.0.
- [Release notes](https://github.com/ekalinin/nodeenv/releases)
- [Changelog](https://github.com/ekalinin/nodeenv/blob/master/CHANGES)
- [Commits](ekalinin/nodeenv@1.6.0...1.8.0)

---
updated-dependencies:
- dependency-name: nodeenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump responses from 0.16.0 to 0.24.1

Bumps [responses](https://github.com/getsentry/responses) from 0.16.0 to 0.24.1.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.16.0...0.24.1)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pre-commit from 2.17.0 to 3.5.0

Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 2.17.0 to 3.5.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v2.17.0...v3.5.0)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump unidiff from 0.7.4 to 0.7.5

Bumps [unidiff](https://github.com/matiasb/python-unidiff) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/matiasb/python-unidiff/releases)
- [Changelog](https://github.com/matiasb/python-unidiff/blob/master/HISTORY)
- [Commits](matiasb/python-unidiff@v0.7.4...v0.7.5)

---
updated-dependencies:
- dependency-name: unidiff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update prompt wording per request from @lorenzodb1

* Bump backports-entry-points-selectable from 1.1.1 to 1.2.0

Bumps [backports-entry-points-selectable](https://github.com/jaraco/backports.entry_points_selectable) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/jaraco/backports.entry_points_selectable/releases)
- [Changelog](https://github.com/jaraco/backports.entry_points_selectable/blob/main/NEWS.rst)
- [Commits](jaraco/backports.entry_points_selectable@v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: backports-entry-points-selectable
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump charset-normalizer from 2.0.7 to 3.3.2

Bumps [charset-normalizer](https://github.com/Ousret/charset_normalizer) from 2.0.7 to 3.3.2.
- [Release notes](https://github.com/Ousret/charset_normalizer/releases)
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md)
- [Upgrade guide](https://github.com/Ousret/charset_normalizer/blob/master/UPGRADE.md)
- [Commits](jawah/charset_normalizer@2.0.7...3.3.2)

---
updated-dependencies:
- dependency-name: charset-normalizer
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump backports-entry-points-selectable from 1.2.0 to 1.3.0

Bumps [backports-entry-points-selectable](https://github.com/jaraco/backports.entry_points_selectable) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/jaraco/backports.entry_points_selectable/releases)
- [Changelog](https://github.com/jaraco/backports.entry_points_selectable/blob/main/NEWS.rst)
- [Commits](jaraco/backports.entry_points_selectable@v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: backports-entry-points-selectable
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pyparsing from 2.4.7 to 3.1.1

Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.1.1.
- [Release notes](https://github.com/pyparsing/pyparsing/releases)
- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES)
- [Commits](pyparsing/pyparsing@pyparsing_2.4.7...3.1.1)

---
updated-dependencies:
- dependency-name: pyparsing
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pyyaml from 6.0 to 6.0.1

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0 to 6.0.1.
- [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES)
- [Commits](yaml/pyyaml@6.0...6.0.1)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump iniconfig from 1.1.1 to 2.0.0

Bumps [iniconfig](https://github.com/pytest-dev/iniconfig) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/pytest-dev/iniconfig/releases)
- [Changelog](https://github.com/pytest-dev/iniconfig/blob/main/CHANGELOG)
- [Commits](pytest-dev/iniconfig@v1.1.1...v2.0.0)

---
updated-dependencies:
- dependency-name: iniconfig
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump mypy-extensions from 0.4.3 to 1.0.0

Bumps [mypy-extensions](https://github.com/python/mypy_extensions) from 0.4.3 to 1.0.0.
- [Commits](python/mypy_extensions@0.4.3...1.0.0)

---
updated-dependencies:
- dependency-name: mypy-extensions
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump virtualenv from 20.24.6 to 20.24.7

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.24.6 to 20.24.7.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/20.24.7/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.24.6...20.24.7)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump platformdirs from 3.10.0 to 4.0.0

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 3.10.0 to 4.0.0.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@3.10.0...4.0.0)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump typed-ast from 1.5.4 to 1.5.5

Bumps [typed-ast](https://github.com/python/typed_ast) from 1.5.4 to 1.5.5.
- [Changelog](https://github.com/python/typed_ast/blob/master/release_process.md)
- [Commits](python/typed_ast@1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: typed-ast
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump packaging from 21.3 to 23.2

Bumps [packaging](https://github.com/pypa/packaging) from 21.3 to 23.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@21.3...23.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pycodestyle from 2.11.0 to 2.11.1

Bumps [pycodestyle](https://github.com/PyCQA/pycodestyle) from 2.11.0 to 2.11.1.
- [Release notes](https://github.com/PyCQA/pycodestyle/releases)
- [Changelog](https://github.com/PyCQA/pycodestyle/blob/main/CHANGES.txt)
- [Commits](PyCQA/pycodestyle@2.11.0...2.11.1)

---
updated-dependencies:
- dependency-name: pycodestyle
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump tox from 3.24.4 to 4.11.4

Bumps [tox](https://github.com/tox-dev/tox) from 3.24.4 to 4.11.4.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@3.24.4...4.11.4)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump virtualenv from 20.24.7 to 20.25.0

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.24.7 to 20.25.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.24.7...20.25.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump idna from 3.4 to 3.6

Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.6.
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.6)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump platformdirs from 4.0.0 to 4.1.0

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.0.0...4.1.0)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump typing-extensions from 4.3.0 to 4.9.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.3.0 to 4.9.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.3.0...4.9.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump identify from 2.5.32 to 2.5.33

Bumps [identify](https://github.com/pre-commit/identify) from 2.5.32 to 2.5.33.
- [Commits](pre-commit/identify@v2.5.32...v2.5.33)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump attrs from 21.4.0 to 23.1.0

Bumps [attrs](https://github.com/python-attrs/attrs) from 21.4.0 to 23.1.0.
- [Release notes](https://github.com/python-attrs/attrs/releases)
- [Changelog](https://github.com/python-attrs/attrs/blob/main/CHANGELOG.md)
- [Commits](python-attrs/attrs@21.4.0...23.1.0)

---
updated-dependencies:
- dependency-name: attrs
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump types-pyyaml from 6.0.11 to 6.0.12.12

Bumps [types-pyyaml](https://github.com/python/typeshed) from 6.0.11 to 6.0.12.12.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-pyyaml
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump distlib from 0.3.7 to 0.3.8

Bumps [distlib](https://github.com/pypa/distlib) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/pypa/distlib/releases)
- [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst)
- [Commits](pypa/distlib@0.3.7...0.3.8)

---
updated-dependencies:
- dependency-name: distlib
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump coverage from 7.3.2 to 7.3.3

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.3.2 to 7.3.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.3.2...7.3.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump coverage from 7.3.3 to 7.4.0

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.3.3 to 7.4.0.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.3.3...7.4.0)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump attrs from 23.1.0 to 23.2.0

Bumps [attrs](https://github.com/sponsors/hynek) from 23.1.0 to 23.2.0.
- [Commits](https://github.com/sponsors/hynek/commits)

---
updated-dependencies:
- dependency-name: attrs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* introducing GitLab token detector analogous to GitHubTokenDetector

as described on:
https://docs.gitlab.com/ee/security/token_overview.html#gitlab-tokens

tokens are typically of the form: `glpat-[\alnum]{20}`,
i.e. ~20 char token 'suffix' with a set of prefixes

* Bump types-requests from 2.31.0.10 to 2.31.0.20240106

Bumps [types-requests](https://github.com/python/typeshed) from 2.31.0.10 to 2.31.0.20240106.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump flake8 from 3.5.0 to 7.0.0

Bumps [flake8](https://github.com/pycqa/flake8) from 3.5.0 to 7.0.0.
- [Commits](PyCQA/flake8@3.5.0...7.0.0)

---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* GitLab token detector, differentiating token types

* Add detection of other AWS access key id prefixes

* Update comment to be access keys and not specifically AKIA

* Bump idna from 3.6 to 3.7

Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.6...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* GH-768: Plugin to detect Telegram bot tokens

* Added support for Python 3.12

* Fixed pre-commit check failures

* Upgraded pyflakes to 3.2.0

* Removed support for Python 3.8

* Bump identify from 2.5.33 to 2.5.36

Bumps [identify](https://github.com/pre-commit/identify) from 2.5.33 to 2.5.36.
- [Commits](pre-commit/identify@v2.5.33...v2.5.36)

---
updated-dependencies:
- dependency-name: identify
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump responses from 0.24.1 to 0.25.0

Bumps [responses](https://github.com/getsentry/responses) from 0.24.1 to 0.25.0.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.24.1...0.25.0)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump tox from 4.11.4 to 4.15.0

Bumps [tox](https://github.com/tox-dev/tox) from 4.11.4 to 4.15.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.11.4...4.15.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump platformdirs from 4.1.0 to 4.2.1

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.1.0 to 4.2.1.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.1.0...4.2.1)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump typing-extensions from 4.9.0 to 4.11.0

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.9.0 to 4.11.0.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.9.0...4.11.0)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pyahocorasick from 2.0.0 to 2.1.0

Bumps [pyahocorasick](https://github.com/WojciechMula/pyahocorasick) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/WojciechMula/pyahocorasick/releases)
- [Changelog](https://github.com/WojciechMula/pyahocorasick/blob/master/CHANGELOG.rst)
- [Commits](WojciechMula/pyahocorasick@2.0.0...2.1.0)

---
updated-dependencies:
- dependency-name: pyahocorasick
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Plugin for PyPI api tokens

* Bump virtualenv from 20.25.0 to 20.26.1

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.25.0 to 20.26.1.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.25.0...20.26.1)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump pyparsing from 3.1.1 to 3.1.2

Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/pyparsing/pyparsing/releases)
- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES)
- [Commits](pyparsing/pyparsing@3.1.1...pyparsing_3.1.2)

---
updated-dependencies:
- dependency-name: pyparsing
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Add regex to detect test.pypi.org tokens

* New plugin for OpenAI tokens

* Update README for OpenAIDetector

* Fix pre-commit

* Bump pluggy from 1.3.0 to 1.5.0

Bumps [pluggy](https://github.com/pytest-dev/pluggy) from 1.3.0 to 1.5.0.
- [Changelog](https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pluggy@1.3.0...1.5.0)

---
updated-dependencies:
- dependency-name: pluggy
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump zipp from 3.17.0 to 3.18.1

Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.18.1.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.17.0...v3.18.1)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Changelog for v1.5.0 release

* Updated baseline file

* Fixed version in baseline file

* Revert "Fixed version in baseline file"

This reverts commit 16e3452.

* Revert "Updated baseline file"

This reverts commit e11ed89.

* Revert "Changelog for v1.5.0 release"

This reverts commit eaee543.

* Bump packaging from 23.2 to 24.0

Bumps [packaging](https://github.com/pypa/packaging) from 23.2 to 24.0.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@23.2...24.0)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump coverage from 7.4.0 to 7.5.1

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.4.0 to 7.5.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.4.0...7.5.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update changelog v1.5.0 release (#829)

* Update changelog for v1.5.0 release

* Update date

* Bump version: 1.4.0 → 1.5.0

* Bump filelock from 3.13.1 to 3.14.0

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.13.1 to 3.14.0.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.13.1...3.14.0)

---
updated-dependencies:
- dependency-name: filelock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump certifi from 2023.11.17 to 2024.2.2

Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.2.2.
- [Commits](certifi/python-certifi@2023.11.17...2024.02.02)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump urllib3 from 2.1.0 to 2.2.1

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.1.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.1.0...2.2.1)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump platformdirs from 4.2.1 to 4.2.2

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.2.1...4.2.2)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* ---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump zipp from 3.18.1 to 3.19.2

Bumps [zipp](https://github.com/jaraco/zipp) from 3.18.1 to 3.19.2.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.18.1...v3.19.2)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump requests from 2.31.0 to 2.32.3

Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.3.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.31.0...v2.32.3)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump coverage from 7.5.1 to 7.5.3

Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.5.1 to 7.5.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.5.1...7.5.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump typing-extensions from 4.11.0 to 4.12.2

Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.11.0 to 4.12.2.
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.11.0...4.12.2)

---
updated-dependencies:
- dependency-name: typing-extensions
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump nodeenv from 1.8.0 to 1.9.1

Bumps [nodeenv](https://github.com/ekalinin/nodeenv) from 1.8.0 to 1.9.1.
- [Release notes](https://github.com/ekalinin/nodeenv/releases)
- [Changelog](https://github.com/ekalinin/nodeenv/blob/master/CHANGES)
- [Commits](ekalinin/nodeenv@1.8.0...1.9.1)

---
updated-dependencies:
- dependency-name: nodeenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump urllib3 from 2.2.1 to 2.2.2

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.2.1...2.2.2)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump packaging from 24.0 to 24.1

Bumps [packaging](https://github.com/pypa/packaging) from 24.0 to 24.1.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@24.0...24.1)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump responses from 0.25.0 to 0.25.3

Bumps [responses](https://github.com/getsentry/responses) from 0.25.0 to 0.25.3.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.25.0...0.25.3)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump certifi from 2024.2.2 to 2024.7.4

Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4.
- [Commits](certifi/python-certifi@2024.02.02...2024.07.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump virtualenv from 20.26.1 to 20.26.3

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.26.1 to 20.26.3.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.26.1...20.26.3)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix(telegram_bot_token): Regex must match just bot tokens

* test(telegram_bot_token): AWS ARN should not match

* fix(telegram_bot_token): `bot` should not be in the token

`bot` is only used while verifying the token, as per https://core.telegram.org/bots/api#authorizing-your-bot

* fix(test): something with `^bot` should not match

* fix: format trailing comma

* fix(ip_public): Exclude IPv4 Link Local

* Bump pre-commit from 3.5.0 to 4.0.1

Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 3.5.0 to 4.0.1.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v3.5.0...v4.0.1)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: eddiez9 <[email protected]>
Co-authored-by: Nuztalgia <[email protected]>
Co-authored-by: John-Paul Dakran <[email protected]>
Co-authored-by: Jingchao Zhong <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sindri Guðmundsson <[email protected]>
Co-authored-by: Marc Abramowitz <[email protected]>
Co-authored-by: Lorenzo De Bernardini <[email protected]>
Co-authored-by: Jingchao Zhong <[email protected]>
Co-authored-by: Daniel Popescu <[email protected]>
Co-authored-by: Brendan Jurd <[email protected]>
Co-authored-by: Brendan Jurd <[email protected]>
Co-authored-by: Kirill Wedenin <[email protected]>
Co-authored-by: Mike DiDomizio <[email protected]>
Co-authored-by: Chandra Prakash <[email protected]>
Co-authored-by: lorenzodb1 <[email protected]>
Co-authored-by: Chandra Prakash <[email protected]>
Co-authored-by: John-Paul Dakran <[email protected]>
Co-authored-by: Pepe Fagoaga <[email protected]>
Co-authored-by: Pepe Fagoaga <[email protected]>
21 people authored Nov 25, 2024
1 parent 60707a7 commit 76c6297
Showing 54 changed files with 941 additions and 169 deletions.
4 changes: 3 additions & 1 deletion .github/workflows/ci.yml
Expand Up @@ -8,14 +8,16 @@ on:
branches: [ master ]
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 1 * *'

jobs:
main:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python: ['3.6', '3.7', '3.8', '3.9']
python: ['3.9', '3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
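Review bot: The new matrix line `python: ['3.9', '3.10', '3.11', '3.12']` leaves out 3.8, yet the CHANGELOG entry added in this same commit says support for Python 3.8 is only removed in a later release, so a version still described as supported is no longer exercised by CI. Either keep '3.8' in the matrix until it is actually dropped, or state the drop in the changelog for this release.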
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pypi.yml
Expand Up @@ -15,7 +15,7 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
python: ['3.6', '3.7', '3.8', '3.9']
python: ['3.9', '3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
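Review bot: The steps `actions/checkout@v2` and `actions/setup-python@v2` in this pypi.yml job are referenced by mutable tag, and the matrix change leaves them as they were. For the workflow tied to package publishing, pin each action to a full commit SHA, so that a retagged action cannot change what runs in the release job, and consider moving to a current major version in the same change.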
Expand Down
2 changes: 1 addition & 1 deletion .secrets.baseline
@@ -1,5 +1,5 @@
{
"version": "1.4.0",
"version": "1.5.0",
"plugins_used": [
{
"name": "ArtifactoryDetector"
Expand Down
61 changes: 58 additions & 3 deletions CHANGELOG.md
Expand Up @@ -25,9 +25,64 @@ If you love `detect-secrets`, please star our project on GitHub to show your sup
[@xxxx]: https://github.com/xxxx
-->

<!--
### Unreleased
-->
### v1.5.0
##### May 6th, 2024

We apologise for the extreme delay in publishing a new release for our beloved `detect-secrets`. We at Yelp appreciate your continued support and your contributions to this valuable project!

#### :newspaper: News
- We're adding support for Python 3.10, 3.11 and 3.12 and we dropped support for Python 3.6 and 3.7! We hope this won't be too disruptive for you all. Be aware that in a next release, we'll remove support for Python 3.8 too, as it'll reach EOL in October 2024.

#### :mega: Release Highlights
- Added support for OS-agnostic baseline files ([#586])

#### :tada: New Features
- Added a detector for IP addresses ([#692])
- Added a detector for GitLab tokens ([#782])
- Added a detector for Telegram tokens ([#808])
- Added a detector for Pypi and TestPypi tokens ([#819])
- Added a detector for OpenAI tokens ([#823])

#### :sparkles: Usability
- Added filenames in errors thrown when a plugin file specified in the `.secrets.baseline` is not found. ([#719])
- Changed the wording of the audit prompt ([#738])

#### :telescope: Accuracy
- Improved DiscordBotTokenDetector to reduce false negatives ([#628])
- Improved KeywordDetector to reduce false positive for Golang ([#675])
- Improved AWSKeyDetector by adding more access key formats ([#796])

#### :bug: Bugfixes
- Fixed `NotImplementedError` in StatisticsAggregator ([#678])
- Fixed bug in YAMLTransformer related to parsing YAML files with achors and tags ([#679])
- Fixed `IndexError` in `is_prefixed_with_dollar_sign` caused by passing empty strings ([#712])

#### :snake: Miscellaneous
- Dropped support for Python 3.6 ([#672])
- Dropped support for Python 3.7 ([#724])
- Added support for Python 3.10 ([#724])
- Added support for Python 3.11 ([#730])
- Added support for Python 3.12 ([#810])
- Multiple dependency updates

[#586]: https://github.com/Yelp/detect-secrets/pull/586
[#628]: https://github.com/Yelp/detect-secrets/pull/628
[#672]: https://github.com/Yelp/detect-secrets/pull/672
[#675]: https://github.com/Yelp/detect-secrets/pull/675
[#678]: https://github.com/Yelp/detect-secrets/pull/678
[#679]: https://github.com/Yelp/detect-secrets/pull/679
[#692]: https://github.com/Yelp/detect-secrets/pull/692
[#712]: https://github.com/Yelp/detect-secrets/pull/712
[#719]: https://github.com/Yelp/detect-secrets/pull/719
[#724]: https://github.com/Yelp/detect-secrets/pull/724
[#730]: https://github.com/Yelp/detect-secrets/pull/730
[#738]: https://github.com/Yelp/detect-secrets/pull/738
[#782]: https://github.com/Yelp/detect-secrets/pull/782
[#796]: https://github.com/Yelp/detect-secrets/pull/796
[#808]: https://github.com/Yelp/detect-secrets/pull/808
[#810]: https://github.com/Yelp/detect-secrets/pull/810
[#819]: https://github.com/Yelp/detect-secrets/pull/819
[#823]: https://github.com/Yelp/detect-secrets/pull/823

### v1.4.0
##### October 4th, 2022
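Review bot: The Bugfixes entry for [#679] reads "achors and tags"; that should be "anchors". In New Features, "Pypi and TestPypi" should be spelled "PyPI" and "TestPyPI". The Accuracy entry for [#675] also says "reduce false positive", which wants the plural to match the line above it.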
Expand Down
4 changes: 2 additions & 2 deletions CONTRIBUTING.md
Expand Up @@ -70,10 +70,10 @@ sys 0m2.486s

### Running the Entire Test Suite

You can run the test suite in the interpreter of your choice (in this example, `py36`) by doing:
You can run the test suite in the interpreter of your choice (in this example, `py37`) by doing:

```bash
tox -e py36
tox -e py37
```

This will also run the code through our series of coverage tests, `mypy` rules and other linting
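Review bot: The example interpreter moves from `py36` to `py37` in both the sentence and the `tox -e` command, but the CHANGELOG in this commit lists Python 3.7 as dropped ([#724]) and the CI matrix now starts at 3.9, so the documented command points at an environment the project no longer supports. Use one from the supported set instead, for example `tox -e py39`.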
Expand Down
7 changes: 6 additions & 1 deletion README.md
Expand Up @@ -98,20 +98,25 @@ BasicAuthDetector
CloudantDetector
DiscordBotTokenDetector
GitHubTokenDetector
GitLabTokenDetector
Base64HighEntropyString
HexHighEntropyString
IbmCloudIamDetector
IbmCosHmacDetector
IPPublicDetector
JwtTokenDetector
KeywordDetector
MailchimpDetector
NpmDetector
OpenAIDetector
PrivateKeyDetector
PypiTokenDetector
SendGridDetector
SlackDetector
SoftlayerDetector
SquareOAuthDetector
StripeDetector
TelegramBotTokenDetector
TwilioKeyDetector
```

Expand Down Expand Up @@ -392,7 +397,7 @@ We recommend setting this up as a pre-commit hook. One way to do this is by usin
# .pre-commit-config.yaml
repos:
- repo: https://github.com/Yelp/detect-secrets
rev: v1.4.0
rev: v1.5.0
hooks:
- id: detect-secrets
args: ['--baseline', '.secrets.baseline']
Expand Down
2 changes: 1 addition & 1 deletion detect_secrets/__version__.py
@@ -1 +1 @@
VERSION = '1.4.0'
VERSION = '1.5.0'
44 changes: 29 additions & 15 deletions detect_secrets/audit/analytics.py
Expand Up @@ -58,7 +58,14 @@ def _get_plugin_counter(self, secret_type: str) -> 'StatisticsCounter':
return cast(StatisticsCounter, self.data[secret_type]['stats'])

def __str__(self) -> str:
raise NotImplementedError
output = ''

for secret_type, framework in self.data.items():
output += f'Plugin: {get_mapping_from_secret_type_to_class()[secret_type].__name__}\n'
for value in framework.values():
output += f'Statistics: {value}\n\n'

return output

def json(self) -> Dict[str, Any]:
output = {}
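Review bot: In the new `StatisticsAggregator.__str__`, the inner loop `for value in framework.values()` labels every entry stored under a secret type as "Statistics:", while `_get_plugin_counter` just above reads only `self.data[secret_type]['stats']`. If that dict ever holds a key other than 'stats', it is printed under the wrong label; index `framework['stats']` directly. `get_mapping_from_secret_type_to_class()` is also called once per iteration and can be hoisted above the loop, and the repeated `output +=` is cleaner as a list joined once.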
Expand All @@ -77,19 +84,36 @@ def __init__(self) -> None:
self.incorrect: int = 0
self.unknown: int = 0

def __repr__(self) -> str:
def __str__(self) -> str:
return (
f'{self.__class__.__name__}(correct={self.correct}, '
'incorrect={self.incorrect}, unknown={self.unknown},)'
f'True Positives: {self.correct}, False Positives: {self.incorrect}, '
f'Unknown: {self.unknown}, Precision: {self.calculate_precision()}, '
f'Recall: {self.calculate_recall()}'
)

def json(self) -> Dict[str, Any]:
return {
'raw': {
'true-positives': self.correct,
'false-positives': self.incorrect,
'unknown': self.unknown,
},
'score': {
'precision': self.calculate_precision(),
'recall': self.calculate_recall(),
},
}

def calculate_precision(self) -> float:
precision = (
round(float(self.correct) / (self.correct + self.incorrect), 4)
if (self.correct and self.incorrect)
else 0.0
)

return precision

def calculate_recall(self) -> float:
# NOTE(2020-11-08|domanchi): This isn't the formal definition of `recall`, however,
# this is the definition that we're going to attribute to it.
#
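Review bot: `calculate_precision` guards the division with `if (self.correct and self.incorrect)`, so a plugin with true positives and zero false positives reports a precision of 0.0 rather than 1.0. The guard only has to protect against a zero denominator, so `if (self.correct + self.incorrect)` is the condition wanted here, with a test for the zero-false-positive case. Replacing `__repr__` with `__str__` also leaves `StatisticsCounter` with the default object repr in debug output; keeping a `__repr__` next to the new `__str__` would preserve that.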
Expand Down Expand Up @@ -124,14 +148,4 @@ def json(self) -> Dict[str, Any]:
else 0.0
)

return {
'raw': {
'true-positives': self.correct,
'false-positives': self.incorrect,
'unknown': self.unknown,
},
'score': {
'precision': precision,
'recall': recall,
},
}
return recall
2 changes: 1 addition & 1 deletion detect_secrets/audit/audit.py
Expand Up @@ -78,7 +78,7 @@ def _classify_secrets(iterator: BidirectionalIterator) -> bool:
if decision == io.InputOptions.BACK:
iterator.step_back_on_next_iteration()

# The question asked is: "Should this be committed to the repository?"
# The question asked is: "Should this string be committed to the repository?"
elif decision == io.InputOptions.NO:
secret.is_secret = True
has_changes = True
Expand Down
2 changes: 1 addition & 1 deletion detect_secrets/audit/io.py
Expand Up @@ -130,7 +130,7 @@ def __init__(self, allow_labelling: bool, allow_backstep: bool) -> None:

def __str__(self) -> str:
if 'Y' in self.valid_input:
output = 'Is this a secret that should be committed to this repository?'
output = 'Should this string be committed to the repository?'
else:
output = 'What would you like to do?'

Expand Down
12 changes: 11 additions & 1 deletion detect_secrets/core/plugins/initialize.py
Expand Up @@ -31,7 +31,17 @@ def from_plugin_classname(classname: str) -> Plugin:
"""
:raises: TypeError
"""
for plugin_type in get_mapping_from_secret_type_to_class().values():
try:
plugin_types = get_mapping_from_secret_type_to_class().values()
except FileNotFoundError as e:
log.error(f'Error: Failed to load `{classname}` plugin: {e}')
log.error(
'This error can occur when using a baseline that references a '
'custom plugin with a path that does not exist.',
)
raise

for plugin_type in plugin_types:
if plugin_type.__name__ == classname:
break
else:
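Review bot: The first `log.error` names `classname` as the plugin that failed to load, but the `FileNotFoundError` comes from `get_mapping_from_secret_type_to_class()`, which is called without any reference to `classname`, so the missing file may belong to a different custom plugin than the one named in the message. Word the message around the path carried in `e` rather than around `classname`. The docstring still lists only `:raises: TypeError` although the exception is now re-raised; add `FileNotFoundError` there.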
Expand Down
3 changes: 2 additions & 1 deletion detect_secrets/core/potential_secret.py
Expand Up @@ -6,6 +6,7 @@

from ..util.color import AnsiColor
from ..util.color import colorize
from ..util.path import convert_local_os_path


class PotentialSecret:
Expand Down Expand Up @@ -75,7 +76,7 @@ def load_secret_from_dict(cls, data: Dict[str, Union[str, int, bool]]) -> 'Poten
"""Custom JSON decoder"""
kwargs: Dict[str, Any] = {
'type': str(data['type']),
'filename': str(data['filename']),
'filename': convert_local_os_path(str(data['filename'])),
'secret': 'will be replaced',
}

Expand Down
20 changes: 15 additions & 5 deletions detect_secrets/core/scan.py
Expand Up @@ -138,8 +138,12 @@ def scan_line(line: str) -> Generator[PotentialSecret, None, None]:


def scan_file(filename: str) -> Generator[PotentialSecret, None, None]:
if not get_plugins(): # pragma: no cover
log.error('No plugins to scan with!')
try:
if not get_plugins(): # pragma: no cover
log.error('No plugins to scan with!')
return
except FileNotFoundError:
log.error('Unable to load plugins!')
return

if _is_filtered_out(required_filter_parameters=['filename'], filename=filename):
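Review bot: The new `except FileNotFoundError` branch in `scan_file` logs 'Unable to load plugins!' and returns, so the generator yields nothing and the caller cannot tell a clean file from one that was never scanned. For a secret scanner that is a fail-open result: a baseline that references a missing custom plugin would look the same as "no secrets found". Re-raise after logging, as `from_plugin_classname` does in this same commit, or surface the failure to the caller some other way, and include the exception text in the log line so the missing path is visible.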
Expand Down Expand Up @@ -387,13 +391,19 @@ def _is_filtered_out(required_filter_parameters: Iterable[str], **kwargs: Any) -
try:
if call_function_with_arguments(filter_fn, **kwargs):
if 'secret' in kwargs:
debug_msg = f'Skipping "{kwargs["secret"]}" due to `{filter_fn.path}`.'
debug_msg = f'Skipping "{0}" due to `{1}`.'.format(
kwargs['secret'],
filter_fn.path,
)
elif list(kwargs.keys()) == ['filename']:
# We want to make sure this is only run if we're skipping files (as compared
# to other filters that may include `filename` as a parameter).
debug_msg = f'Skipping "{kwargs["filename"]}" due to `{filter_fn.path}`'
debug_msg = 'Skipping "{0}" due to `{1}`'.format(
kwargs['filename'],
filter_fn.path,
)
else:
debug_msg = f'Skipping secret due to `{filter_fn.path}`.'
debug_msg = 'Skipping secret due to `{0}`.'.format(filter_fn.path)

log.info(debug_msg)
return True
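Review bot: In the `'secret' in kwargs` branch the replacement string literal still carries the `f` prefix in front of `.format(`. The f-string evaluates `{0}` and `{1}` as the integers 0 and 1 before `.format` runs, so the logged message always contains "0" and "1" and the two arguments are ignored. Drop the `f`, as the other two branches in this hunk already do. While this line is being touched, consider whether the raw `kwargs['secret']` value should be written out through `log.info` at all.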
Expand Down
7 changes: 4 additions & 3 deletions detect_secrets/core/secrets_collection.py
Expand Up @@ -10,6 +10,7 @@
from typing import Tuple

from . import scan
from ..util.path import convert_local_os_path
from .potential_secret import PotentialSecret
from detect_secrets.settings import configure_settings_from_baseline
from detect_secrets.settings import get_settings
Expand Down Expand Up @@ -40,7 +41,7 @@ def load_from_baseline(cls, baseline: Dict[str, Any]) -> 'SecretsCollection':
for filename in baseline['results']:
for item in baseline['results'][filename]:
secret = PotentialSecret.load_secret_from_dict({'filename': filename, **item})
output[filename].add(secret)
output[convert_local_os_path(filename)].add(secret)

return output

Expand Down Expand Up @@ -72,8 +73,8 @@ def scan_files(self, *filenames: str, num_processors: Optional[int] = None) -> N
self[os.path.relpath(secret.filename, self.root)].add(secret)

def scan_file(self, filename: str) -> None:
for secret in scan.scan_file(os.path.join(self.root, filename)):
self[filename].add(secret)
for secret in scan.scan_file(os.path.join(self.root, convert_local_os_path(filename))):
self[convert_local_os_path(filename)].add(secret)

def scan_diff(self, diff: str) -> None:
"""
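Review bot: `scan_file` now calls `convert_local_os_path(filename)` twice, once for the path handed to `scan.scan_file` and once for the dictionary key. Convert once into a local variable and reuse it, so the scanned path and the key cannot drift apart if one of the calls is edited later. `scan_files` in the context just above still keys on `os.path.relpath(secret.filename, self.root)` without the conversion; confirm that both methods produce the same key for the same file.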
Expand Down
2 changes: 1 addition & 1 deletion detect_secrets/filters/heuristic.py
Expand Up @@ -164,7 +164,7 @@ def is_prefixed_with_dollar_sign(secret: str) -> bool:
# false negatives than `is_templated_secret` (e.g. secrets that actually start with a $).
# This is best used with files that actually use this as a means of referencing variables.
# TODO: More intelligent filetype handling?
return secret[0] == '$'
return bool(secret) and secret[0] == '$'


def is_indirect_reference(line: str) -> bool:
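Review bot: `bool(secret) and secret[0] == '$'` fixes the `IndexError` on the empty string, but `secret.startswith('$')` states the same check, returns False for an empty string and needs no explicit guard.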
Expand Down
4 changes: 2 additions & 2 deletions detect_secrets/plugins/aws.py
Expand Up @@ -25,10 +25,10 @@ class AWSKeyDetector(RegexBasedDetector):
secret_keyword = r'(?:key|pwd|pw|password|pass|token)'

denylist = (
re.compile(r'AKIA[0-9A-Z]{16}'),
re.compile(r'(?:A3T[A-Z0-9]|ABIA|ACCA|AKIA|ASIA)[0-9A-Z]{16}'),

# This examines the variable name to identify AWS secret tokens.
# The order is important since we want to prefer finding `AKIA`-based
# The order is important since we want to prefer finding access
# keys (since they can be verified), rather than the secret tokens.

re.compile(
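Review bot: The widened pattern `(?:A3T[A-Z0-9]|ABIA|ACCA|AKIA|ASIA)[0-9A-Z]{16}` has no boundary on either side, so it also matches when a prefix plus 16 characters sits inside a longer run of uppercase letters and digits, and with five prefixes instead of one that becomes more likely. Consider guarding it with `(?<![A-Z0-9])` before and `(?![A-Z0-9])` after, plus a test for the embedded case. The updated comment still says access keys are preferred "since they can be verified"; confirm the verification path handles the newly added prefixes, since `ASIA` keys are temporary credentials that are used together with a session token.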
Expand Down
5 changes: 3 additions & 2 deletions detect_secrets/plugins/discord.py
Expand Up @@ -11,7 +11,8 @@ class DiscordBotTokenDetector(RegexBasedDetector):
secret_type = 'Discord Bot Token'

denylist = [
# Discord Bot Token ([M|N]XXXXXXXXXXXXXXXXXXXXXXX.XXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXX)
# Discord Bot Token ([M|N|O]XXXXXXXXXXXXXXXXXXXXXXX[XX].XXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXX)
# Reference: https://discord.com/developers/docs/reference#authentication
re.compile(r'[MN][a-zA-Z\d_-]{23}\.[a-zA-Z\d_-]{6}\.[a-zA-Z\d_-]{27}'),
# Also see: https://github.com/Yelp/detect-secrets/issues/627
re.compile(r'[MNO][a-zA-Z\d_-]{23,25}\.[a-zA-Z\d_-]{6}\.[a-zA-Z\d_-]{27}'),
]