ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.3 by dependabot[bot] · Pull Request #406 · aws/bedrock-agentcore-sdk-python

dependabot · 2026-04-13T03:13:26Z

Bumps trufflesecurity/trufflehog from 3.94.0 to 3.95.3.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.3

What's Changed

Renamed AnypointOAuth2 detector's AnalysisInfo keys to make it consistent with its Analyzer by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4906

Rename AnalysisInfo field to SecretParts on detectors.Result by @mcastorina in trufflesecurity/trufflehog#4911

Document SecretParts contract in detector-authoring docs by @mcastorina in trufflesecurity/trufflehog#4912

Add a static check for detectors that don't set SecretParts by @mcastorina in trufflesecurity/trufflehog#4913

Populate SecretParts on all detectors by @mcastorina in trufflesecurity/trufflehog#4919

Make checksecretparts required in CI by @mcastorina in trufflesecurity/trufflehog#4921

Deduplicate concurrent credential verification requests via singleflight by @kashifkhan0771 in trufflesecurity/trufflehog#4314

log non-critical chunk errors at V(2).Info instead of Error by @johnelliott in trufflesecurity/trufflehog#4928

[INS-320] Cloudinary detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4747

ci: bump JS actions to Node 24 majors (incl. CodeQL v4 + WIF auth v3) by @bryanbeverly in trufflesecurity/trufflehog#4933

chore: bump golangci-lint-action v7 → v9 (Node 24) by @bryanbeverly in trufflesecurity/trufflehog#4936

Add default Content-Type: application/json header for custom detector verification request by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4947

Make detector Result.SecretParts initialization stricter by @mcastorina in trufflesecurity/trufflehog#4948

Add Pinecone API key detector by @dylanTruffle in trufflesecurity/trufflehog#4917

adding customizable successRanges and rotatedRanges to customDetector by @jordanTunstill in trufflesecurity/trufflehog#4892

Full Changelog: trufflesecurity/trufflehog@v3.95.2...v3.95.3

v3.95.2

What's Changed

Revert "[INS-397] Fix git version parser panic on non-numeric patch versions" by @trufflesteeeve in trufflesecurity/trufflehog#4903

Full Changelog: trufflesecurity/trufflehog@v3.95.1...v3.95.2

v3.95.1

What's Changed

[INS-444] Fix verification logic in Mesibo detector by @mustansir14 in trufflesecurity/trufflehog#4884

Full Changelog: trufflesecurity/trufflehog@v3.95.0...v3.95.1

v3.95.0

What's Changed

Upgrade golangci-lint in CI runner and Makefile by @amanfcp in trufflesecurity/trufflehog#4861

Deprecate SquareUp Detector by @nabeelalam in trufflesecurity/trufflehog#4855

[INS-397] Fix git version parser panic on non-numeric patch versions by @shahzadhaider1 in trufflesecurity/trufflehog#4882

Fix Bitbucket line highlighting URLs by @shahzadhaider1 in trufflesecurity/trufflehog#4854

[INS-403] Support Custom endpoint config in hashicorpvaultauth Detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4825

[INS-398] Added tests to ensure that custom endpoint configuration works in artifactory detectors by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4832

Host ldap-verify library in trufflesecurity by @trufflesteeeve in trufflesecurity/trufflehog#4859

Add AnalysisError type and wrap all analyzer error paths by @johnelliott in trufflesecurity/trufflehog#4779

dep-updates: Go 1.25 and dependency refreshes by @dustin-decker in trufflesecurity/trufflehog#4888

Fix nil pointer panics in GitHub analyzer gist/repo binding functions by @shahzadhaider1 in trufflesecurity/trufflehog#4864

[INS-399] Added Bitbucket data center(on prem) PAT detector by @MuneebUllahKhan222 in trufflesecurity/trufflehog#4883

[INS-402] Add Jira Data Center PAT Detector by @mustansir14 in trufflesecurity/trufflehog#4872

Add man page generation for trufflehog by @bryanbeverly in trufflesecurity/trufflehog#4894

... (truncated)

Commits

37b7700 adding customizable successRanges and rotatedRanges to customDetector (#4892)
ba0a524 Add Pinecone API key detector (#4917)
ab5dd03 Make detector Result.SecretParts initialization stricter (#4948)
90ca685 Add default Content-Type: application/json header for custom detector verific...
5f47aad chore: bump golangci-lint-action v7 → v9 (Node 24) (#4936)
a4e3016 ci: bump JS actions to Node 24 majors (checkout v6, setup-go v6, codeql v4, a...
8a12e8e [INS-320] Cloudinary detector (#4747)
cf31c26 Log non-critical chunk errors at V(2).Info instead of Error (#4928)
99dc7bd Deduplicate concurrent credential verification requests via singleflight (#4314)
3fc0c2a Make checksecretparts required in CI (#4921)
Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.94.0 to 3.95.3. - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@v3.94.0...v3.95.3) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-version: 3.94.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 13, 2026

dependabot Bot mentioned this pull request Apr 13, 2026

ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.94.2 #386

Closed

dependabot Bot requested a review from a team April 13, 2026 03:13

github-actions Bot enabled auto-merge (squash) April 13, 2026 03:13

dependabot Bot force-pushed the dependabot/github_actions/trufflesecurity/trufflehog-3.94.3 branch from e6ea9d5 to 232c46e Compare April 13, 2026 18:11

dependabot Bot changed the title ~~ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.94.3~~ ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.2 Apr 24, 2026

dependabot Bot force-pushed the dependabot/github_actions/trufflesecurity/trufflehog-3.94.3 branch 3 times, most recently from 5774871 to 494eb79 Compare April 28, 2026 21:18

dependabot Bot force-pushed the dependabot/github_actions/trufflesecurity/trufflehog-3.94.3 branch 3 times, most recently from 04380e2 to e30034e Compare May 11, 2026 14:44

dependabot Bot changed the title ~~ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.2~~ ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.3 May 12, 2026

dependabot Bot force-pushed the dependabot/github_actions/trufflesecurity/trufflehog-3.94.3 branch from e30034e to c1239d8 Compare May 12, 2026 20:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.3#406

ci(deps): bump trufflesecurity/trufflehog from 3.94.0 to 3.95.3#406
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.94.3

dependabot Bot commented on behalf of github Apr 13, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.95.3

What's Changed

v3.95.2

What's Changed

v3.95.1

What's Changed

v3.95.0

What's Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 13, 2026 •

edited

Loading