Sourced from trufflesecurity/trufflehog's releases.

v3.95.3

What's Changed

• Renamed AnypointOAuth2 detector's AnalysisInfo keys to make it consistent with its Analyzer by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4906
• Rename AnalysisInfo field to SecretParts on detectors.Result by @​mcastorina in trufflesecurity/trufflehog#4911
• Document SecretParts contract in detector-authoring docs by @​mcastorina in trufflesecurity/trufflehog#4912
• Add a static check for detectors that don't set SecretParts by @​mcastorina in trufflesecurity/trufflehog#4913
• Populate SecretParts on all detectors by @​mcastorina in trufflesecurity/trufflehog#4919
• Make checksecretparts required in CI by @​mcastorina in trufflesecurity/trufflehog#4921
• Deduplicate concurrent credential verification requests via singleflight by @​kashifkhan0771 in trufflesecurity/trufflehog#4314
• log non-critical chunk errors at V(2).Info instead of Error by @​johnelliott in trufflesecurity/trufflehog#4928
• [INS-320] Cloudinary detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4747
• ci: bump JS actions to Node 24 majors (incl. CodeQL v4 + WIF auth v3) by @​bryanbeverly in trufflesecurity/trufflehog#4933
• chore: bump golangci-lint-action v7 → v9 (Node 24) by @​bryanbeverly in trufflesecurity/trufflehog#4936
• Add default Content-Type: application/json header for custom detector verification request by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4947
• Make detector Result.SecretParts initialization stricter by @​mcastorina in trufflesecurity/trufflehog#4948
• Add Pinecone API key detector by @​dylanTruffle in trufflesecurity/trufflehog#4917
• adding customizable successRanges and rotatedRanges to customDetector by @​jordanTunstill in trufflesecurity/trufflehog#4892

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.95.2...v3.95.3

v3.95.2

What's Changed

• Revert "[INS-397] Fix git version parser panic on non-numeric patch versions" by @​trufflesteeeve in trufflesecurity/trufflehog#4903

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.95.1...v3.95.2

v3.95.1

What's Changed

• [INS-444] Fix verification logic in Mesibo detector by @​mustansir14 in trufflesecurity/trufflehog#4884

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.95.0...v3.95.1

v3.95.0

What's Changed

• Upgrade golangci-lint in CI runner and Makefile by @​amanfcp in trufflesecurity/trufflehog#4861
• Deprecate SquareUp Detector by @​nabeelalam in trufflesecurity/trufflehog#4855
• [INS-397] Fix git version parser panic on non-numeric patch versions by @​shahzadhaider1 in trufflesecurity/trufflehog#4882
• Fix Bitbucket line highlighting URLs by @​shahzadhaider1 in trufflesecurity/trufflehog#4854
• [INS-403] Support Custom endpoint config in hashicorpvaultauth Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4825
• [INS-398] Added tests to ensure that custom endpoint configuration works in artifactory detectors by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4832
• Host ldap-verify library in trufflesecurity by @​trufflesteeeve in trufflesecurity/trufflehog#4859
• Add AnalysisError type and wrap all analyzer error paths by @​johnelliott in trufflesecurity/trufflehog#4779
• dep-updates: Go 1.25 and dependency refreshes by @​dustin-decker in trufflesecurity/trufflehog#4888
• Fix nil pointer panics in GitHub analyzer gist/repo binding functions by @​shahzadhaider1 in trufflesecurity/trufflehog#4864
• [INS-399] Added Bitbucket data center(on prem) PAT detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4883
• [INS-402] Add Jira Data Center PAT Detector by @​mustansir14 in trufflesecurity/trufflehog#4872
• Add man page generation for trufflehog by @​bryanbeverly in trufflesecurity/trufflehog#4894

... (truncated)

• 37b7700 adding customizable successRanges and rotatedRanges to customDetector (#4892)
• ba0a524 Add Pinecone API key detector (#4917)
• ab5dd03 Make detector Result.SecretParts initialization stricter (#4948)
• 90ca685 Add default Content-Type: application/json header for custom detector verific...
• 5f47aad chore: bump golangci-lint-action v7 → v9 (Node 24) (#4936)
• a4e3016 ci: bump JS actions to Node 24 majors (checkout v6, setup-go v6, codeql v4, a...
• 8a12e8e [INS-320] Cloudinary detector (#4747)
• cf31c26 Log non-critical chunk errors at V(2).Info instead of Error (#4928)
• 99dc7bd Deduplicate concurrent credential verification requests via singleflight (#4314)
• 3fc0c2a Make checksecretparts required in CI (#4921)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)