From 3f4304bfed84189adcfa36b5df24f5e29ea06ee5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 08:37:37 +0000 Subject: [PATCH] chore(deps): bump trufflesecurity/trufflehog from 3.94.3 to 3.95.7 Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.94.3 to 3.95.7. - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/47e7b7cd74f578e1e3145d48f669f22fd1330ca6...f446421baf832d6356c42c1743d99abff52ff334) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/secret-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index 65dde0b..441907b 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -76,7 +76,7 @@ jobs: # HIGH RISK historically ran as @main (moving HEAD of third-party action). # Now pinned to v3.94.3 commit SHA. Re-pin manually before bumping — never # go back to @main, @master, or any moving tag on a third-party action. - uses: trufflesecurity/trufflehog@47e7b7cd74f578e1e3145d48f669f22fd1330ca6 # v3.94.3 + uses: trufflesecurity/trufflehog@f446421baf832d6356c42c1743d99abff52ff334 # v3.95.7 with: # Scan the whole working tree. `--only-verified` suppresses noisy # unverified hits; the action wrapper appends `--fail` itself, so