ci(github-actions): bump the github-actions group across 1 directory with 2 updates
Open
Number: #917
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Unknown
Comments: 2
dependabot[bot]Association: Unknown
Comments: 2
Created:
March 03, 2026 at 02:25 AM UTC
(3 months ago)
(3 months ago)
Updated:
March 03, 2026 at 04:02 AM UTC
(3 months ago)
(3 months ago)
Labels:
dependencies github_actions size/S
dependencies github_actions size/S
Description:
Bumps the github-actions group with 2 updates in the / directory: aquasecurity/trivy-action and trufflesecurity/trufflehog.
Updates aquasecurity/trivy-action from 0.34.1 to 0.34.2
Release notes
Sourced from aquasecurity/trivy-action's releases.
v0.34.2
What's Changed
- feat: add YAML support for trivyignores by
@nikpivkinin aquasecurity/trivy-action#508- chore: bump default Trivy version to v0.69.2 by
@nick-the-nukein aquasecurity/trivy-action#513- chore: bump Trivy version to v0.69.2 in test workflow and README by
@DmitriyLewenin aquasecurity/trivy-action#515New Contributors
@nick-the-nukemade their first contribution in aquasecurity/trivy-action#513Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.34.1...0.34.2
Commits
97e0b38chore: bump Trivy version to v0.69.2 in test workflow and README (#515)4c61e63chore: bump default Trivy version to v0.69.2 (#513)1bd0625Merge pull request #508 from nikpivkin/feat/pass-yaml-ignore-filebce3086remove unused init-cache target5a9fbb1supress progress bar when download db1615450update trivyignores input descriptiondf85774add comment about fd356c8daeremove unused variable6476b93feat: support for YAML ignore file- See full diff in compare view
Updates trufflesecurity/trufflehog from 3.93.4 to 3.93.6
Release notes
Sourced from trufflesecurity/trufflehog's releases.
v3.93.6
What's Changed
- GH_TOKEN needed for gh by
@bill-richin trufflesecurity/trufflehog#4772- Move verify flag into
detectableChunkby@rosecodymin trufflesecurity/trufflehog#4558Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.93.5...v3.93.6
v3.93.5
What's Changed
- Add workspace_id to Slack Continuous metadata by
@mariduvin trufflesecurity/trufflehog#4749- fix(release): Disable docker provenance feature by
@mariduvin trufflesecurity/trufflehog#4752- Base64 decoding depth assessment by
@dxa4481in trufflesecurity/trufflehog#4744- [INS-246] Add Google Gemini API key detector by
@mustansir14in trufflesecurity/trufflehog#4649- Refactor log package by
@mcastorinain trufflesecurity/trufflehog#4734- [INS-309]updated google api version to v0.259.0 by
@MuneebUllahKhan222in trufflesecurity/trufflehog#4736- fix(ftp): set read deadline on connection to prevent indefinite hang by
@dylanTrufflein trufflesecurity/trufflehog#4759- added rotation on 403s access_refused, this detector considered them indeterminate failures by
@jordanTunstillin trufflesecurity/trufflehog#4740- [INS-283] Support following symlinks in filesystem source by
@MuneebUllahKhan222in trufflesecurity/trufflehog#4742- Fix typos in comments in json-enumerator source by
@bradlarsenin trufflesecurity/trufflehog#4764- Fix race condition in release process by
@bill-richin trufflesecurity/trufflehog#4766Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.93.4...v3.93.5
Commits
041f07eMove verify flag intodetectableChunk(#4558)e976603GH_TOKEN needed for gh (#4772)7cdc7efFix race condition in release process (#4766)4f1d07fFix typos in comments in json-enumerator source (#4764)4563dde[INS-283] Support following symlinks in filesystem source (#4742)be889faadded rotation on 403s access_refused, this detector considered them indeterm...e3cbb3afix(ftp): set read deadline on connection to prevent indefinite hang (#4759)0de5855[INS-309]updated google api version to v0.259.0 (#4736)ec1d9a6Refactor log package (#4734)7c84b27[INS-246] Add Google Gemini API key detector (#4649)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
Package Dependencies
Package:
aquasecurity/trivy-action
Ecosystem:
actions
actions
Version Change:
0.34.1 → 0.34.2
Update Type:
Patch
Patch
Package:
trufflesecurity/trufflehog
Ecosystem:
actions
actions
Version Change:
3.93.4 → 3.93.6
Update Type:
Patch
Patch
Technical Details
| ID: | 14335526 |
| UUID: | 4014323277 |
| Node ID: | PR_kwDOLAwy7c7HfR6M |
| Host: | GitHub |
| Repository: | yxtay/python-example-app |