ci(github-actions): bump the github-actions group across 1 directory with 2 updates
Open
Number: #577
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Contributor
Comments: 2
dependabot[bot]Association: Contributor
Comments: 2
Created:
September 05, 2025 at 12:26 AM UTC
(9 months ago)
(9 months ago)
Updated:
September 05, 2025 at 01:29 AM UTC
(9 months ago)
(9 months ago)
Labels:
dependencies github_actions size/S
dependencies github_actions size/S
Description:
Bumps the github-actions group with 2 updates in the / directory: aquasecurity/trivy-action and trufflesecurity/trufflehog.
Updates aquasecurity/trivy-action from 0.33.0 to 0.33.1
Release notes
Sourced from aquasecurity/trivy-action's releases.
v0.33.1
What's Changed
- Update setup-trivy action to version v0.2.4 by
@martincostelloin aquasecurity/trivy-action#486Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.33.0...0.33.1
Commits
b6643a2Update setup-trivy action to version v0.2.4 (#486)- See full diff in compare view
Updates trufflesecurity/trufflehog from 3.90.5 to 3.90.6
Release notes
Sourced from trufflesecurity/trufflehog's releases.
v3.90.6
What's Changed
- Added support for indeterminate verification for letter Q detectors by
@patidartanayin trufflesecurity/trufflehog#4398- [Detector] rippling detector for phrase api tokens by
@SyedAliHamadin trufflesecurity/trufflehog#4348- Added explicit secrets manager write flag to Bitbucket source proto and generate new files by
@casey-tranin trufflesecurity/trufflehog#4403- [Feature] Updated Dotmailer Detector To Dotdigital by
@nabeelalamin trufflesecurity/trufflehog#4331- Add support for AWS account allow and deny lists by
@dustin-deckerin trufflesecurity/trufflehog#4407- Enable cloning repository to a specified location with retention option by
@kashifkhan0771in trufflesecurity/trufflehog#4408- fix(deps): update module google.golang.org/protobuf to v1.36.8 by
@renovate[bot] in trufflesecurity/trufflehog#4397- fix(deps): update module cloud.google.com/go/storage to v1.56.1 by
@renovate[bot] in trufflesecurity/trufflehog#4412- added flyio detector by
@lonmarsDevin trufflesecurity/trufflehog#2381- Added a dedicated optional flag to ignore gists during scan by
@kashifkhan0771in trufflesecurity/trufflehog#4423- Fix git tests if run with global commit.gpgsign=true by
@mariduvin trufflesecurity/trufflehog#4415- Recover logger if wrapped by a non-logging context implementation by
@mcastorinain trufflesecurity/trufflehog#4406- fix(deps): update aws-sdk-go-v2 monorepo by
@renovate[bot] in trufflesecurity/trufflehog#4422- fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.10 by
@renovate[bot] in trufflesecurity/trufflehog#4424- [GitHub] Add a GraphQL client to the connector by
@rgmzin trufflesecurity/trufflehog#3837- Added support for additional validation rules in custom detector by
@kashifkhan0771in trufflesecurity/trufflehog#4413- Ignore known common prefix matches for Github V1 detector by
@kashifkhan0771in trufflesecurity/trufflehog#4379- Fix error propagation and a typo in verification logic by
@bradlarsenin trufflesecurity/trufflehog#4427- [Feature] Added Detector for the Photoroom API by
@nabeelalamin trufflesecurity/trufflehog#4414- Scan Github Private Repositories With Token by
@kashifkhan0771in trufflesecurity/trufflehog#4426- fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.5.1 by
@renovate[bot] in trufflesecurity/trufflehog#4425- fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.8 by
@renovate[bot] in trufflesecurity/trufflehog#4396- Fix legacy json flag for Github and Gitlab private repos by
@shahzadhaider1in trufflesecurity/trufflehog#4386- Changes to fix Enterprise UI filtering of Github Hosted Scanner Repositories to Include by
@jordanTunstillin trufflesecurity/trufflehog#4430- pkg: fix some typos in comment by
@vetclippyin trufflesecurity/trufflehog#4440- Added feature flag to configure projects per page in gitlab enumeration by
@kashifkhan0771in trufflesecurity/trufflehog#4437New Contributors
@patidartanaymade their first contribution in trufflesecurity/trufflehog#4398@bradlarsenmade their first contribution in trufflesecurity/trufflehog#4427@vetclippymade their first contribution in trufflesecurity/trufflehog#4440Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.90.5...v3.90.6
Commits
18c7b1fAdded feature flag to configure projects per page in gitlab enumeration (#4437)ce7a092pkg: fix some typos in comment (#4440)a66d9e7Changes to fix Enterprise UI filtering of Github Hosted Scanner Repositories ...2114e77Fix legacy json flag for Github and Gitlab private repos (#4386)1e8671cfix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.8 (#4396)68899d3fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.5.1 (#4425)000d748Scan Github Private Repositories With Token (#4426)b231e11[Feature] Added Detector for the Photoroom API (#4414)554cd79Fix error propagation and a typo in verification logic (#4427)6dd65a5Ignore known common prefix matches for Github V1 detector (#4379)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
Pull Request Statistics
Commits:
0
0
Files Changed:
0
0
Additions:
+0
+0
Deletions:
-0
-0
Package Dependencies
Package:
aquasecurity/trivy-action
Ecosystem:
actions
actions
Version Change:
0.33.0 → 0.33.1
Update Type:
Patch
Patch
Package:
trufflesecurity/trufflehog
Ecosystem:
actions
actions
Version Change:
3.90.5 → 3.90.6
Update Type:
Patch
Patch
Technical Details
| ID: | 6991193 |
| UUID: | 3385897185 |
| Node ID: | PR_kwDOLAwy7c6m9mdT |
| Host: | GitHub |
| Repository: | yxtay/python-example-app |