ci(github-actions): bump trufflesecurity/trufflehog from 3.90.8 to 3.90.11 in the github-actions group
Open
Number: #678
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Unknown
Comments: 2
dependabot[bot]Association: Unknown
Comments: 2
Created:
October 16, 2025 at 09:12 AM UTC
(8 months ago)
(8 months ago)
Updated:
October 16, 2025 at 09:14 AM UTC
(8 months ago)
(8 months ago)
Labels:
dependencies github_actions size/XS
dependencies github_actions size/XS
Description:
Bumps the github-actions group with 1 update: trufflesecurity/trufflehog.
Updates trufflesecurity/trufflehog from 3.90.8 to 3.90.11
Release notes
Sourced from trufflesecurity/trufflehog's releases.
v3.90.11
What's Changed
- bump rardecode by
@rosecodymin trufflesecurity/trufflehog#4503Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.90.10...v3.90.11
v3.90.10
What's Changed
- Local Git Config Sanitization by
@joeleonjrin trufflesecurity/trufflehog#4502Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.90.9...v3.90.10
v3.90.9
What's Changed
- Return non-zero exit code if an error occurs during a scan. by
@mplzikin trufflesecurity/trufflehog#4476- Fix: SonarCloud Verification Logic by
@shahzadhaider1in trufflesecurity/trufflehog#4482- Clarify what 'unknown' means by
@dustin-deckerin trufflesecurity/trufflehog#4477- Proto update to support scanning confluence comments by
@mustansir14in trufflesecurity/trufflehog#4484- Fix SSH schema error executing git clone by
@shahzadhaider1in trufflesecurity/trufflehog#4488- Detect Organization ID to pass into AnalysisInfo for Atlassian Detector by
@mustansir14in trufflesecurity/trufflehog#4480- Add support for Account API Token verification in Postmark Detector by
@mustansir14in trufflesecurity/trufflehog#4495- refactor: use b.Loop() to simplify the code and improve performance by
@dulantingin trufflesecurity/trufflehog#4497- Fix wrong line number in private key detector (#4485) by
@kmgvin trufflesecurity/trufflehog#4486- Reduce GitHub V1 Detector False Positives by
@shahzadhaider1in trufflesecurity/trufflehog#4494- Bump github.com/nwaples/rardecode/v2 from 2.0.0-beta.4.0.20241112120701-034e449c6e78 to 2.2.0 by
@dependabot[bot] in trufflesecurity/trufflehog#4501New Contributors
@mplzikmade their first contribution in trufflesecurity/trufflehog#4476@mustansir14made their first contribution in trufflesecurity/trufflehog#4484@dulantingmade their first contribution in trufflesecurity/trufflehog#4497@kmgvmade their first contribution in trufflesecurity/trufflehog#4486Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.90.8...v3.90.9
Commits
ad6fc8fbump rardecode (#4503)bc2cd3eLocal Git Config Sanitization (#4502)e88e7d0Bump github.com/nwaples/rardecode/v2 (#4501)e08744cadded prefix to the github old detector regex pattern (#4494)1ef44e7Fix wrong line number in private key detector (#4485) (#4486)7afd5darefactor: use b.Loop() to simplify the code and improve performance (#4497)f9dd660add support for account api token (#4495)b140e2bDetect Organization ID to pass into AnalysisInfo for Atlassian Detector (#4480)d005847set auth-in-url flag to true when using ssh clone (#4488)26d039cProto update to support scanning confluence comments (#4484)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
Package Dependencies
Package:
trufflesecurity/trufflehog
Ecosystem:
actions
actions
Version Change:
3.90.8 → 3.90.11
Update Type:
Patch
Patch
Path:
the github-actions group
Technical Details
| ID: | 10219111 |
| UUID: | 3521006806 |
| Node ID: | PR_kwDOLAwy7c6uClEG |
| Host: | GitHub |
| Repository: | yxtay/python-example-app |