Skip to content

chore(deps): bump trufflesecurity/trufflehog from 3.95.7 to 3.95.8#8210

Merged
akarnokd merged 1 commit into
4.xfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.95.8
Jul 3, 2026
Merged

chore(deps): bump trufflesecurity/trufflehog from 3.95.7 to 3.95.8#8210
akarnokd merged 1 commit into
4.xfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.95.8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps trufflesecurity/trufflehog from 3.95.7 to 3.95.8.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.8

What's Changed

Full Changelog: trufflesecurity/trufflehog@v3.95.7...v3.95.8

Commits
  • 00155c9 Include encoded resume info instead of clobbering it (#5110)
  • 4d3a66f fixed syntax error (#5109)
  • 797f02b [INS-334] Octopus Deploy detector (#4787)
  • 7f04a89 [INS-465] Skip unverified JWT Detector results when feature flag is enabled (...
  • 459d5a7 Add prometheus metrics for engine channels and workers (#5095)
  • f38f8f7 fix(azuresastoken): match SAS tokens regardless of parameter order (#5043)
  • 6261f5c removed "unauthorized" as exception for rotated graphana secrets (#5068)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.95.7 to 3.95.8.
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Commits](trufflesecurity/trufflehog@f446421...00155c9)

---
updated-dependencies:
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.95.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Jul 3, 2026
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

🐷 TruffleHog + Entropy Beauty Scan

Average entropy of changed code: 4.779 bits/char
Verdict: ⚠️ Consider review — entropy outside sweet spot

Changed files entropy:

src/main/java/io/reactivex/rxjava4/core/Streamable.java: 4.574
src/main/java/io/reactivex/rxjava4/core/StreamableConverter.java: 4.893
src/main/java/io/reactivex/rxjava4/core/StreamableOperator.java: 4.846
src/main/java/io/reactivex/rxjava4/core/config/StreamableInterceptConfig.java: 4.917
src/main/java/io/reactivex/rxjava4/internal/fuseable/HasUpstreamStreamableSource.java: 4.937
src/main/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableIntercept.java: 4.627
src/main/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableLift.java: 4.880
src/main/java/io/reactivex/rxjava4/observers/BaseTestConsumer.java: 4.493
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableDeferTest.java: 4.847
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableDoOnXTest.java: 4.911
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableErrorTest.java: 4.826
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableFilterTest.java: 4.725
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableFlatMapTest.java: 4.780
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableForEachTest.java: 4.358
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableFromArrayTest.java: 4.924
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableFromIterableTest.java: 4.837
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableFromStreamTest.java: 4.823
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableInterceptTest.java: 4.638
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableLiftTest.java: 4.882
src/test/java/io/reactivex/rxjava4/internal/operators/streamable/StreamableMapOptionalTest.java: 4.805

✅ No secrets or suspicious high-entropy strings found.

Mid-4 beauty heuristic in action — powered by our entropy chats! 😊

@akarnokd akarnokd merged commit 80e425f into 4.x Jul 3, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/trufflesecurity/trufflehog-3.95.8 branch July 3, 2026 05:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant