Skip to content

[gha]- Bump the github-actions-updates group across 1 directory with 2 updates#712

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-updates-15032c3625
Open

[gha]- Bump the github-actions-updates group across 1 directory with 2 updates#712
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-updates-15032c3625

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions-updates group with 2 updates in the / directory: actions/setup-node and trufflesecurity/trufflehog.

Updates actions/setup-node from 6 to 7

Release notes

Sourced from actions/setup-node's releases.

v7.0.0

What's Changed

Enhancements:

Bug fixes:

Documentation updates:

Dependency update:

New Contributors

Full Changelog: actions/setup-node@v6...v7.0.0

v6.5.0

What's Changed

Full Changelog: actions/setup-node@v6.4.0...v6.5.0

v6.4.0

What's Changed

Dependency updates:

New Contributors

Full Changelog: actions/setup-node@v6...v6.4.0

v6.3.0

What's Changed

Enhancements:

... (truncated)

Commits
  • 8207627 Migrate to ESM and upgrade dependencies (#1574)
  • 04be95c Add cache-primary-key and cache-matched-key as outputs (#1577)
  • 7c2c68d docs: Update caching recommendations to mitigate cache poisoning risks (#1567)
  • 6a61c03 Merge pull request #1569 from jasongin/update-actions-cache-5.1.0
  • 30eb73b Resolve high-severity audit issues
  • 4e1a87a Update dist
  • 360237f Strict equality
  • 4f8aac5 Bump @​actions/cache to 5.1.0, log cache write denied
  • f4a67bb Only use mirrorToken in getManifest if it's provided (#1548)
  • 0355742 Remove dummy NODE_AUTH_TOKEN export (#1558)
  • Additional commits viewable in compare view

Updates trufflesecurity/trufflehog from 3.95.8 to 3.95.9

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.9

What's Changed

New Contributors

Full Changelog: trufflesecurity/trufflehog@v3.95.8...v3.95.9

Commits
  • 27b0417 Don't log as error when git diff is too long (#5113)
  • d328285 [INS-410] Added batch token detector (#4824)
  • 33d9dad [INT-715] Retry transient failures when verifying OpenAI keys (#5117)
  • d7dcc6d feat: Support archived repo exclusion from GH org scans (#4875)
  • f845f18 feat(action): add image input to allow registry mirror overrides (#4965)
  • 6c97970 [INS-468] Add improved lob detector to defaults.go (#4971)
  • 1675e17 fix: reject --include-repos/--exclude-repos with --repo in github scan (#5112)
  • 5c27626 [INS-467] Add IPinfo detector to default detectors list (#4970)
  • 53e6391 [INS-341] Added Shippo detector (#4820)
  • d3b5487 [INS-351] Added Duffel Token Detector (#4795)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 14, 2026
…2 updates

Bumps the github-actions-updates group with 2 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).


Updates `actions/setup-node` from 6 to 7
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v6...v7)

Updates `trufflesecurity/trufflehog` from 3.95.8 to 3.95.9
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Commits](trufflesecurity/trufflehog@v3.95.8...v3.95.9)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-updates
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.95.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title [gha]- Bump the github-actions-updates group with 2 updates [gha]- Bump the github-actions-updates group across 1 directory with 2 updates Jul 15, 2026
@dependabot
dependabot Bot force-pushed the dependabot/github_actions/github-actions-updates-15032c3625 branch from c3e2040 to 0b1a596 Compare July 15, 2026 15:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants