chore(deps): bump trufflesecurity/trufflehog from 3.92.3 to 3.95.3 in the actions group by dependabot[bot] · Pull Request #81 · hyperpolymath/ambientops

dependabot · 2026-05-23T02:18:48Z

Bumps the actions group with 1 update: trufflesecurity/trufflehog.

Updates trufflesecurity/trufflehog from 3.92.3 to 3.95.3

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.3

What's Changed

Renamed AnypointOAuth2 detector's AnalysisInfo keys to make it consistent with its Analyzer by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4906

Rename AnalysisInfo field to SecretParts on detectors.Result by @mcastorina in trufflesecurity/trufflehog#4911

Document SecretParts contract in detector-authoring docs by @mcastorina in trufflesecurity/trufflehog#4912

Add a static check for detectors that don't set SecretParts by @mcastorina in trufflesecurity/trufflehog#4913

Populate SecretParts on all detectors by @mcastorina in trufflesecurity/trufflehog#4919

Make checksecretparts required in CI by @mcastorina in trufflesecurity/trufflehog#4921

Deduplicate concurrent credential verification requests via singleflight by @kashifkhan0771 in trufflesecurity/trufflehog#4314

log non-critical chunk errors at V(2).Info instead of Error by @johnelliott in trufflesecurity/trufflehog#4928

[INS-320] Cloudinary detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4747

ci: bump JS actions to Node 24 majors (incl. CodeQL v4 + WIF auth v3) by @bryanbeverly in trufflesecurity/trufflehog#4933

chore: bump golangci-lint-action v7 → v9 (Node 24) by @bryanbeverly in trufflesecurity/trufflehog#4936

Add default Content-Type: application/json header for custom detector verification request by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4947

Make detector Result.SecretParts initialization stricter by @mcastorina in trufflesecurity/trufflehog#4948

Add Pinecone API key detector by @dylanTruffle in trufflesecurity/trufflehog#4917

adding customizable successRanges and rotatedRanges to customDetector by @jordanTunstill in trufflesecurity/trufflehog#4892

Full Changelog: trufflesecurity/trufflehog@v3.95.2...v3.95.3

v3.95.2

What's Changed

Revert "[INS-397] Fix git version parser panic on non-numeric patch versions" by @trufflesteeeve in trufflesecurity/trufflehog#4903

Full Changelog: trufflesecurity/trufflehog@v3.95.1...v3.95.2

v3.95.1

What's Changed

[INS-444] Fix verification logic in Mesibo detector by @mustansir14 in trufflesecurity/trufflehog#4884

Full Changelog: trufflesecurity/trufflehog@v3.95.0...v3.95.1

v3.95.0

What's Changed

Upgrade golangci-lint in CI runner and Makefile by @amanfcp in trufflesecurity/trufflehog#4861

Deprecate SquareUp Detector by @nabeelalam in trufflesecurity/trufflehog#4855

[INS-397] Fix git version parser panic on non-numeric patch versions by @shahzadhaider1 in trufflesecurity/trufflehog#4882

Fix Bitbucket line highlighting URLs by @shahzadhaider1 in trufflesecurity/trufflehog#4854

[INS-403] Support Custom endpoint config in hashicorpvaultauth Detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4825

[INS-398] Added tests to ensure that custom endpoint configuration works in artifactory detectors by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4832

Host ldap-verify library in trufflesecurity by @trufflesteeeve in trufflesecurity/trufflehog#4859

Add AnalysisError type and wrap all analyzer error paths by @johnelliott in trufflesecurity/trufflehog#4779

dep-updates: Go 1.25 and dependency refreshes by @dustin-decker in trufflesecurity/trufflehog#4888

Fix nil pointer panics in GitHub analyzer gist/repo binding functions by @shahzadhaider1 in trufflesecurity/trufflehog#4864

[INS-399] Added Bitbucket data center(on prem) PAT detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4883

[INS-402] Add Jira Data Center PAT Detector by @mustansir14 in trufflesecurity/trufflehog#4872

Add man page generation for trufflehog by @bryanbeverly in trufflesecurity/trufflehog#4894

... (truncated)

Commits

37b7700 adding customizable successRanges and rotatedRanges to customDetector (#4892)
ba0a524 Add Pinecone API key detector (#4917)
ab5dd03 Make detector Result.SecretParts initialization stricter (#4948)
90ca685 Add default Content-Type: application/json header for custom detector verific...
5f47aad chore: bump golangci-lint-action v7 → v9 (Node 24) (#4936)
a4e3016 ci: bump JS actions to Node 24 majors (checkout v6, setup-go v6, codeql v4, a...
8a12e8e [INS-320] Cloudinary detector (#4747)
cf31c26 Log non-critical chunk errors at V(2).Info instead of Error (#4928)
99dc7bd Deduplicate concurrent credential verification requests via singleflight (#4314)
3fc0c2a Make checksecretparts required in CI (#4921)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 1 update: [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog). Updates `trufflesecurity/trufflehog` from 3.92.3 to 3.95.3 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@v3.92.3...37b7700) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 23, 2026

Merge branch 'main' into dependabot/github_actions/actions-80f1a4759a

18a9480

hyperpolymath merged commit 414d3c7 into main May 23, 2026
25 of 28 checks passed

hyperpolymath deleted the dependabot/github_actions/actions-80f1a4759a branch May 23, 2026 13:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump trufflesecurity/trufflehog from 3.92.3 to 3.95.3 in the actions group#81

chore(deps): bump trufflesecurity/trufflehog from 3.92.3 to 3.95.3 in the actions group#81
hyperpolymath merged 2 commits into
mainfrom
dependabot/github_actions/actions-80f1a4759a

dependabot Bot commented on behalf of github May 23, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 23, 2026

v3.95.3

What's Changed

v3.95.2

What's Changed

v3.95.1

What's Changed

v3.95.0

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant