Update all dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/download-artifact	action	major	v6 -> v7
actions/upload-artifact	action	major	v5 -> v6
dawidd6/action-send-mail	action	major	v6 -> v7
trufflesecurity/trufflehog	action	patch	v3.92.3 -> v3.92.4

---

Release Notes

actions/download-artifact (actions/download-artifact)

v7

Compare Source

actions/upload-artifact (actions/upload-artifact)

v6

Compare Source

dawidd6/action-send-mail (dawidd6/action-send-mail)

v7

Compare Source

What's Changed

• build(deps): bump nodemailer from 7.0.3 to 7.0.4 by @​dependabot[bot] in #​230
• build(deps): bump nodemailer from 7.0.4 to 7.0.5 by @​dependabot[bot] in #​232
• build(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in #​233
• build(deps): bump nodemailer from 7.0.5 to 7.0.6 by @​dependabot[bot] in #​235
• build(deps): bump nodemailer from 7.0.6 to 7.0.7 by @​dependabot[bot] in #​236
• build(deps): bump nodemailer from 7.0.7 to 7.0.9 by @​dependabot[bot] in #​237
• build(deps): bump nodemailer from 7.0.9 to 7.0.10 by @​dependabot[bot] in #​239
• build(deps): bump actions/checkout from 5 to 6 by @​dependabot[bot] in #​241
• build(deps): bump @​actions/core from 1.11.1 to 2.0.0 by @​dependabot[bot] in #​243
• build(deps): bump nodemailer from 7.0.10 to 7.0.11 by @​dependabot[bot] in #​242
• build(deps): bump @​actions/core from 2.0.0 to 2.0.1 by @​dependabot[bot] in #​244
• build(deps): bump nodemailer from 7.0.11 to 7.0.12 by @​dependabot[bot] in #​245
• node_modules: update by @​dawidd6 in #​246

Full Changelog: dawidd6/action-send-mail@v6...v7

trufflesecurity/trufflehog (trufflesecurity/trufflehog)

v3.92.4

Compare Source

What's Changed

• [INS-170] Unify JDBC URL parsing across detectors and analyzers by @​mustansir14 in #​4574
• Pagination and Rate-Limit Handling In Docker Registry Namespace API Calls by @​nabeelalam in #​4557
• [INS-226] Use pinned image for Quay registry Integration test by @​mustansir14 in #​4602
• Update module golang.org/x/crypto to v0.45.0 [SECURITY] by @​renovate[bot] in #​4562
• [INS-207] Add Role-Aware Resumption Support for Legacy S3 Scan by @​MuneebUllahKhan222 in #​4600
• Enable line numbers for GitHub Real-time by @​rosecodym in #​4611

Full Changelog: trufflesecurity/trufflehog@v3.92.3...v3.92.4

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

---

This change is 

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/dawidd6/action-send-mail	6e71c855c9a091d80a519621b9fd3e8d252ca40c	🟢 3.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 1 Found 2/14 approved changesets -- score normalized to 1 Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 6 8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
actions/trufflesecurity/trufflehog	ef6e76c3c4023279497fab4721ffa071a722fd05	🟢 7.1	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 9 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits

Scanned Files

• .github/workflows/shared-secret-scan.yml