Skip to content

chore(deps): bump trufflesecurity/trufflehog from 3.95.8 to 3.95.9#8230

Merged
akarnokd merged 1 commit into
4.xfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.95.9
Jul 10, 2026
Merged

chore(deps): bump trufflesecurity/trufflehog from 3.95.8 to 3.95.9#8230
akarnokd merged 1 commit into
4.xfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.95.9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps trufflesecurity/trufflehog from 3.95.8 to 3.95.9.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.9

What's Changed

New Contributors

Full Changelog: trufflesecurity/trufflehog@v3.95.8...v3.95.9

Commits
  • 27b0417 Don't log as error when git diff is too long (#5113)
  • d328285 [INS-410] Added batch token detector (#4824)
  • 33d9dad [INT-715] Retry transient failures when verifying OpenAI keys (#5117)
  • d7dcc6d feat: Support archived repo exclusion from GH org scans (#4875)
  • f845f18 feat(action): add image input to allow registry mirror overrides (#4965)
  • 6c97970 [INS-468] Add improved lob detector to defaults.go (#4971)
  • 1675e17 fix: reject --include-repos/--exclude-repos with --repo in github scan (#5112)
  • 5c27626 [INS-467] Add IPinfo detector to default detectors list (#4970)
  • 53e6391 [INS-341] Added Shippo detector (#4820)
  • d3b5487 [INS-351] Added Duffel Token Detector (#4795)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.95.8 to 3.95.9.
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Commits](trufflesecurity/trufflehog@00155c9...27b0417)

---
updated-dependencies:
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.95.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Jul 10, 2026
@github-actions

Copy link
Copy Markdown

🐷 TruffleHog + Entropy Beauty Scan

Average entropy of changed code: 4.721 bits/char
Verdict: ⚠️ Consider review — entropy outside sweet spot

Changed files entropy:

.github/workflows/entropy-beauty-scan.yml: 4.721

✅ No secrets or suspicious high-entropy strings found.

Mid-4 beauty heuristic in action — powered by our entropy chats! 😊

@akarnokd akarnokd merged commit 9b8e44b into 4.x Jul 10, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/trufflesecurity/trufflehog-3.95.9 branch July 10, 2026 05:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant