ci(github-actions): bump the github-actions group across 1 directory with 3 updates#680
Closed
dependabot[bot] wants to merge 1 commit intomainfrom
Closed
Conversation
dependabot
bot
added
dependencies
dependabot
bot
added
dependencies
Contributor
|
KICS version: v2.1.20
Queries Results
|
Contributor
✅MegaLinter analysis: Success
See detailed reports in MegaLinter artifacts
|
…with 3 updates Bumps the github-actions group with 3 updates in the / directory: [google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action), [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog). Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml` from 2.3.3 to 2.3.5 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml` from 2.3.3 to 2.3.5 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) Updates `trufflesecurity/trufflehog` from 3.93.8 to 3.94.1 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@6c05c4a...586f66d) --- updated-dependencies: - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.94.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/github_actions/github-actions-7db7200702
branch
from
694c98f to
5c394ad
Compare
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
auto-merge was automatically disabled
March 30, 2026 00:47
Pull request was closed
dependabot
bot
deleted the
dependabot/github_actions/github-actions-7db7200702
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions group with 3 updates in the / directory: google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml, google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml and trufflesecurity/trufflehog.
Updates
google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.ymlfrom 2.3.3 to 2.3.5Release notes
Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's releases.
Commits
c518547Merge pull request #124 from google/update-to-v2.3.51fc5ec2Update unified workflow example to point to v2.3.5 reusable workflows3d5827dUpdate reusable workflows to point to v2.3.5 actions7222d1c"Update actions to use v2.3.5 osv-scanner image"a30b4c3Merge pull request #120 from google/lsc-1771431861.838104562f47c7Fix missing env var after the initial changeb7ee968Refactor Github Action per b/485167538Updates
google/osv-scanner-action/.github/workflows/osv-scanner-reusable.ymlfrom 2.3.3 to 2.3.5Release notes
Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml's releases.
Commits
c518547Merge pull request #124 from google/update-to-v2.3.51fc5ec2Update unified workflow example to point to v2.3.5 reusable workflows3d5827dUpdate reusable workflows to point to v2.3.5 actions7222d1c"Update actions to use v2.3.5 osv-scanner image"a30b4c3Merge pull request #120 from google/lsc-1771431861.838104562f47c7Fix missing env var after the initial changeb7ee968Refactor Github Action per b/485167538Updates
trufflesecurity/trufflehogfrom 3.93.8 to 3.94.1Release notes
Sourced from trufflesecurity/trufflehog's releases.
Commits
586f66duse struct-based SourceMetadataFunc signature across git sources (#4813)6c64db9Expand tilde manually in TUI (#4827)afd5336Confine symlink state handling to scanSymlink in Filesystem source (#4807)d17df48Add test cases for escaped unicode (#4812)aeb1278Update README formatting and CLI help output (#4758)42b02efAdd anypoint oauth2 detector to defaults.go (#4722)4860052Analysis info now uses snake case (#4765)f9d1850[INS-241] Datadogapikey detector (#4627)16d6dcf[INS-254] Datadog detector verification fix and endpoint configuration (#4616)bc31aa9Rearrange some method parameters in the Filesystem source (#4806)