Review: gitleaks 8.16.0-2~exp0
Package Information
| Description | protect and discover secrets using Gitleaks 🔑 (program) Gitleaks is a SAST tool for **detecting** and **preventing** hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks is an **easy-to-use, all-in-one solution** for detecting secrets, past or present, in your code. This package contains the command-line tool 'gitleaks'. |
|---|---|
| Maintainer | Debian Go Packaging Team <team+pkg-go@tracker.debian.org> |
| Changed By | Simon Josefsson <simon@josefsson.org> |
| Sponsor | simon@josefsson.org |
| Distribution | experimental |
| Architecture | any all |
| VCS | git: https://salsa.debian.org/go-team/packages/gitleaks.git (browse) |
| Closes | #1121254 |
| Popcon Installs | 50 |
| Binary NEW | Yes (binary-only upload) |
| Blocked Bugs | #1089740 (wishlist) |
| Tracker | https://tracker.debian.org/pkg/gitleaks |
| Uploaded | 5 hours ago |
New Package Report
.changes
| Distribution | experimental |
|---|---|
| Date | Sat, 07 Mar 2026 23:14:48 +0100 |
| Source | gitleaks |
| Version | 8.16.0-2~exp0 |
| Changed-By | Simon Josefsson |
| Architecture | source amd64 all |
Changelog
gitleaks (8.16.0-2~exp0) experimental; urgency=medium . * Team upload. * Use gbp sign-tags and upstream-vcs-tag * Use watch v5 * Add golang-github-gitleaks-gitleaks-dev (Closes: #1121254) * Drop Priority: optional * Standards-Version: 4.7.3 * Drop Rules-Requires-Root: no * Bump debian/* copyright years * Fix tag2upload gitignore issue
.dsc
| Package-List | gitleaks deb utils optional arch=any golang-github-gitleaks-gitleaks-dev deb golang optional arch=all |
|---|---|
| Section | utils |
| Priority | optional |
| Component | main |
debian/copyright
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Source: https://github.com/gitleaks/gitleaks
Upstream-Name: Gitleaks
Upstream-Contact: https://github.com/gitleaks/gitleaks/issues/new
Files: *
Copyright: 2019 Zachary Rice
License: Expat
Files: debian/*
Copyright: 2023 Anthony Fok <foka@debian.org>
2026 Simon Josefsson <simon@josefsson.org>
License: Expat
Comment: Debian packaging is licensed under the same terms as upstream
License: Expat
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Review Information
accepted — allocated to awm 1 hour ago, started 1 hour ago, completed 0 hours ago.
Final Comment
Public Notes
0 hours ago
● public
Lintian
Command: lintian -Iiv -L '>=warning' --show-overrides --color=never ../$(basename $PWD)_*.changes
Exit code: 0
N:
W: golang-github-gitleaks-gitleaks-dev: executable-not-elf-or-script [usr/share/gocode/src/github.com/zricethezav/gitleaks/testdata/config/bad_entropy_group.toml]
N:
N: This executable file is not an ELF format binary, and does not start with
N: the #! sequence that marks interpreted scripts. It might be a sh script
N: that fails to name /bin/sh as its shell, or it may be incorrectly marked
N: as executable. Sometimes upstream files developed on Windows are marked
N: unnecessarily as executable on other systems.
N:
N: If you are using debhelper to build your package, running dh_fixperms will
N: often correct this problem for you.
N:
N: Please refer to Scripts (Section 10.4) in the Debian Policy Manual for
N: details.
N:
N: Visibility: warning
N: Show-Always: no
N: Check: executable
N:
N:
W: golang-github-gitleaks-gitleaks-dev: executable-not-elf-or-script [usr/share/gocode/src/github.com/zricethezav/gitleaks/testdata/config/entropy_group.toml]
N:
W: gitleaks: no-manual-page [usr/bin/gitleaks]
N:
N: Each binary in /usr/bin, /usr/sbin, /bin, /sbin or /usr/games should have
N: a manual page
N:
N: Note that though the man program has the capability to check for several
N: program names in the NAMES section, each of these programs should have its
N: own manual page (a symbolic link to the appropriate manual page is
N: sufficient) because other manual page viewers such as xman or tkman don't
N: support this.
N:
N: If the name of the manual page differs from the binary by case, man may be
N: able to find it anyway; however, it is still best practice to match the
N: exact capitalization of the executable in the manual page.
N:
N: If the manual pages are provided by another package on which this package
N: depends, Lintian may not be able to determine that manual pages are
N: available. In this case, after confirming that all binaries do have manual
N: pages after this package and its dependencies are installed, please add a
N: Lintian override.
N:
N: Please refer to Manual pages (Section 12.1) in the Debian Policy Manual
N: for details.
N:
N: Visibility: warning
N: Show-Always: no
N: Check: documentation/manual
N: Renamed from: binary-without-manpage
N: