chore(betterleaks): bump v1.3.0 to v1.3.1#42
Merged
Conversation
Upstream release: https://github.com/betterleaks/betterleaks/releases/tag/v1.3.1 - .github/workflows/reusable-secret-leak-check.yml: default betterleaks-image digest pinned to v1.3.1 (sha256:0ea9c1f011aa085efd9b27a195f5b70feb91a56fcbbdb8809a345caaf2c7d961). - betterleaks/.pre-commit-config.example.yaml: rev bumped so local pre-commit and per-PR CI keep using the same rule shapes. Companion to geolonia/geolonia-operations#107 which bumps the weekly org-wide audit. Mirrors the v1.2.0 -> v1.3.0 split (this repo #40 + operations #103). Closes #41.
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
WalkthroughThis PR bumps the Betterleaks tool from v1.3.0 to v1.3.1 in two locations: the default container image digest in the reusable secret-leak-check GitHub Actions workflow and the pre-commit hook revision in the example configuration file. ChangesBetterleaks Version Bump
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
Secret Leak CheckOK No secrets detected in this PR's diff. |
4 tasks
dkastl
added a commit
that referenced
this pull request
May 24, 2026
The v1.3.1 image was rebuilt with Go 1.25, which has a known runtime panic on linux/amd64: fatal error: taggedPointerPack runtime: taggedPointerPack invalid packing Every per-PR secret-leak check across the org is failing on ubuntu-latest (amd64) runners because of this. Reverting the reusable workflow + pre-commit example to the v1.3.0 digest restores green CI. We'll re-bump once upstream cuts v1.3.2 with a fixed Go runtime. Reverts the change shipped in #42.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bumps the betterleaks Docker image pinned in the reusable per-PR secret-leak workflow and the pre-commit example from v1.3.0 to v1.3.1.
.github/workflows/reusable-secret-leak-check.yml: defaultbetterleaks-imagepinned to the v1.3.1 digest (sha256:0ea9c1f011aa085efd9b27a195f5b70feb91a56fcbbdb8809a345caaf2c7d961).betterleaks/.pre-commit-config.example.yaml:rev: v1.3.0torev: v1.3.1.Upstream release: https://github.com/betterleaks/betterleaks/releases/tag/v1.3.1.
Companion to geolonia/geolonia-operations#107, which bumps the weekly org-wide audit. Mirrors the previous v1.2.0 -> v1.3.0 split (this repo #40 + operations #103).
Closes #41.
Test plan
docker pull ghcr.io/betterleaks/betterleaks:v1.3.1+docker inspect --format='{{index .RepoDigests 0}}'.Summary by CodeRabbit