From 648f035953c59d15b908cff87b8fbe6b793515eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Jul 2026 08:33:49 +0000 Subject: [PATCH] chore(deps): bump trufflesecurity/trufflehog from 3.94.3 to 3.95.8 Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.94.3 to 3.95.8. - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/47e7b7cd74f578e1e3145d48f669f22fd1330ca6...00155c9dc586f34d189adc83d3ac2698c2ec551f) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/secret-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index 65dde0b..ad39f22 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -76,7 +76,7 @@ jobs: # HIGH RISK historically ran as @main (moving HEAD of third-party action). # Now pinned to v3.94.3 commit SHA. Re-pin manually before bumping — never # go back to @main, @master, or any moving tag on a third-party action. - uses: trufflesecurity/trufflehog@47e7b7cd74f578e1e3145d48f669f22fd1330ca6 # v3.94.3 + uses: trufflesecurity/trufflehog@00155c9dc586f34d189adc83d3ac2698c2ec551f # v3.95.8 with: # Scan the whole working tree. `--only-verified` suppresses noisy # unverified hits; the action wrapper appends `--fail` itself, so