[dependabot][all](deps): Bump the dependabot-all group with 10 updates

dependabot[bot] · Nick2bad4u · commit e35d4367ccc7 · 2026-04-01T15:22:41.000-04:00
Bumps the dependabot-all group with 10 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.9` | `4.35.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `4.9.0` | | [actions/configure-pages](https://github.com/actions/configure-pages) | `5.0.0` | `6.0.0` | | [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4.0.5` | `5.0.0` | | [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action) | `2.3.3` | `2.3.5` | | [google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action) | `2.3.3` | `2.3.5` | | [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.4` | | [ncipollo/release-action](https://github.com/ncipollo/release-action) | `1.20.0` | `1.21.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `6.0.0` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.4` | `3.94.1` | Updates `github/codeql-action` from 4.31.9 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5d4e8d1...c10b806) Updates `actions/dependency-review-action` from 4.8.2 to 4.9.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@3c4e3dc...2031cfc) Updates `actions/configure-pages` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](actions/configure-pages@983d773...45bfe01) Updates `actions/deploy-pages` from 4.0.5 to 5.0.0 - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@d6db901...cd2ce8f) Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml` from 2.3.3 to 2.3.5 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml` from 2.3.3 to 2.3.5 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) Updates `actions/cache` from 5.0.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@cdf6c1f...6682284) Updates `ncipollo/release-action` from 1.20.0 to 1.21.0 - [Release notes](https://github.com/ncipollo/release-action/releases) - [Commits](ncipollo/release-action@b7eabc9...339a818) Updates `codecov/codecov-action` from 5.5.2 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) Updates `trufflesecurity/trufflehog` from 3.92.4 to 3.94.1 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@ef6e76c...586f66d) [dependabot][all](deps): Bump the dependabot-all group with 24 updates Bumps the dependabot-all group with 24 updates: | Package | From | To | | --- | --- | --- | | [prettier-plugin-merge](https://github.com/ony3000/prettier-plugin-merge) | `0.10.0` | `0.10.1` | | [prettier-plugin-packagejson](https://github.com/matzkoh/prettier-plugin-packagejson) | `3.0.0` | `3.0.2` | | [prettier-plugin-sql](https://github.com/un-ts/prettier) | `0.19.2` | `0.20.0` | | [@awmottaz/prettier-plugin-void-html](https://github.com/awmottaz/prettier-plugin-void-html) | `2.0.0` | `2.1.0` | | [prettier-plugin-multiline-arrays](https://github.com/electrovir/prettier-plugin-multiline-arrays) | `4.1.4` | `4.1.5` | | [@augment-vir/assert](https://github.com/electrovir/augment-vir) | `31.67.1` | `31.68.2` | | [@augment-vir/common](https://github.com/electrovir/augment-vir) | `31.67.1` | `31.68.2` | | [@augment-vir/core](https://github.com/electrovir/augment-vir) | `31.67.1` | `31.68.2` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.28.6` | `7.29.2` | | [@date-vir/duration](https://github.com/electrovir/date-vir) | `8.2.0` | `8.2.1` | | [@types/debug](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/debug) | `4.1.12` | `4.1.13` | | [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` | | [comment-parser](https://github.com/yavorskiy/comment-parser) | `1.4.5` | `1.4.6` | | [undici](https://github.com/nodejs/undici) | `6.23.0` | `6.24.1` | | [esbuild](https://github.com/evanw/esbuild) | `0.27.3` | `0.27.4` | | [katex](https://github.com/KaTeX/KaTeX) | `0.16.35` | `0.16.44` | | [marked](https://github.com/markedjs/marked) | `17.0.4` | `17.0.5` | | [mlly](https://github.com/unjs/mlly) | `1.8.0` | `1.8.2` | | [needle](https://github.com/tomas/needle) | `3.3.1` | `3.5.0` | | [rollup](https://github.com/rollup/rollup) | `4.59.0` | `4.60.1` | | [sax](https://github.com/isaacs/sax-js) | `1.5.0` | `1.6.0` | | [sql-formatter](https://github.com/sql-formatter-org/sql-formatter) | `15.7.2` | `15.7.3` | | [typed-event-target](https://github.com/electrovir/typed-event-target) | `4.1.0` | `4.3.0` | Updates `prettier-plugin-merge` from 0.10.0 to 0.10.1 - [Release notes](https://github.com/ony3000/prettier-plugin-merge/releases) - [Commits](ony3000/prettier-plugin-merge@v0.10.0...v0.10.1) Updates `prettier-plugin-packagejson` from 3.0.0 to 3.0.2 - [Release notes](https://github.com/matzkoh/prettier-plugin-packagejson/releases) - [Commits](matzkoh/prettier-plugin-packagejson@v3.0.0...v3.0.2) Updates `prettier-plugin-sql` from 0.19.2 to 0.20.0 - [Release notes](https://github.com/un-ts/prettier/releases) - [Changelog](https://github.com/un-ts/prettier/blob/master/CHANGELOG.md) - [Commits](https://github.com/un-ts/prettier/compare/prettier-plugin-sql@0.19.2...prettier-plugin-sql@0.20.0) Updates `@awmottaz/prettier-plugin-void-html` from 2.0.0 to 2.1.0 - [Release notes](https://github.com/awmottaz/prettier-plugin-void-html/releases) - [Changelog](https://github.com/awmottaz/prettier-plugin-void-html/blob/main/CHANGELOG.md) - [Commits](awmottaz/prettier-plugin-void-html@v2.0.0...v2.1.0) Updates `prettier-plugin-multiline-arrays` from 4.1.4 to 4.1.5 - [Release notes](https://github.com/electrovir/prettier-plugin-multiline-arrays/releases) - [Commits](electrovir/prettier-plugin-multiline-arrays@v4.1.4...v4.1.5) Updates `@augment-vir/assert` from 31.67.1 to 31.68.2 - [Release notes](https://github.com/electrovir/augment-vir/releases) - [Commits](electrovir/augment-vir@v31.67.1...v31.68.2) Updates `@augment-vir/common` from 31.67.1 to 31.68.2 - [Release notes](https://github.com/electrovir/augment-vir/releases) - [Commits](electrovir/augment-vir@v31.67.1...v31.68.2) Updates `@augment-vir/core` from 31.67.1 to 31.68.2 - [Release notes](https://github.com/electrovir/augment-vir/releases) - [Commits](electrovir/augment-vir@v31.67.1...v31.68.2) Updates `@babel/runtime` from 7.28.6 to 7.29.2 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime) Updates `@date-vir/duration` from 8.2.0 to 8.2.1 - [Release notes](https://github.com/electrovir/date-vir/releases) - [Commits](electrovir/date-vir@v8.2.0...v8.2.1) Updates `@types/debug` from 4.1.12 to 4.1.13 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/debug) Updates `picomatch` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](micromatch/picomatch@2.3.1...2.3.2) Updates `brace-expansion` from 2.0.2 to 2.0.3 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v2.0.2...v2.0.3) Updates `comment-parser` from 1.4.5 to 1.4.6 - [Changelog](https://github.com/syavorsky/comment-parser/blob/main/CHANGELOG.md) - [Commits](https://github.com/yavorskiy/comment-parser/commits) Updates `undici` from 6.23.0 to 6.24.1 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.23.0...v6.24.1) Updates `esbuild` from 0.27.3 to 0.27.4 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.3...v0.27.4) Updates `katex` from 0.16.35 to 0.16.44 - [Release notes](https://github.com/KaTeX/KaTeX/releases) - [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md) - [Commits](KaTeX/KaTeX@v0.16.35...v0.16.44) Updates `marked` from 17.0.4 to 17.0.5 - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v17.0.4...v17.0.5) Updates `mlly` from 1.8.0 to 1.8.2 - [Release notes](https://github.com/unjs/mlly/releases) - [Changelog](https://github.com/unjs/mlly/blob/main/CHANGELOG.md) - [Commits](unjs/mlly@v1.8.0...v1.8.2) Updates `needle` from 3.3.1 to 3.5.0 - [Release notes](https://github.com/tomas/needle/releases) - [Commits](tomas/needle@v3.3.1...v3.5.0) Updates `rollup` from 4.59.0 to 4.60.1 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.59.0...v4.60.1) Updates `sax` from 1.5.0 to 1.6.0 - [Commits](isaacs/sax-js@v1.5.0...v1.6.0) Updates `sql-formatter` from 15.7.2 to 15.7.3 - [Release notes](https://github.com/sql-formatter-org/sql-formatter/releases) - [Commits](sql-formatter-org/sql-formatter@v15.7.2...v15.7.3) Updates `typed-event-target` from 4.1.0 to 4.3.0 - [Release notes](https://github.com/electrovir/typed-event-target/releases) - [Commits](electrovir/typed-event-target@v4.1.0...v4.3.0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: actions/dependency-review-action dependency-version: 4.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: actions/configure-pages dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependabot-all - dependency-name: actions/deploy-pages dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependabot-all - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: ncipollo/release-action dependency-version: 1.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependabot-all - dependency-name: trufflesecurity/trufflehog dependency-version: 3.94.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: prettier-plugin-merge dependency-version: 0.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: prettier-plugin-packagejson dependency-version: 3.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: prettier-plugin-sql dependency-version: 0.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: "@awmottaz/prettier-plugin-void-html" dependency-version: 2.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: prettier-plugin-multiline-arrays dependency-version: 4.1.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: "@augment-vir/assert" dependency-version: 31.68.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: "@augment-vir/common" dependency-version: 31.68.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: "@augment-vir/core" dependency-version: 31.68.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: "@babel/runtime" dependency-version: 7.29.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: "@date-vir/duration" dependency-version: 8.2.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: "@types/debug" dependency-version: 4.1.13 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: brace-expansion dependency-version: 2.0.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: comment-parser dependency-version: 1.4.6 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: undici dependency-version: 6.24.1 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: esbuild dependency-version: 0.27.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: katex dependency-version: 0.16.44 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: marked dependency-version: 17.0.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: mlly dependency-version: 1.8.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: needle dependency-version: 3.5.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: rollup dependency-version: 4.60.1 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: sax dependency-version: 1.6.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all - dependency-name: sql-formatter dependency-version: 15.7.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependabot-all - dependency-name: typed-event-target dependency-version: 4.3.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependabot-all ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 
             # Initializes the CodeQL tools for scanning.
             - name: Initialize CodeQL
-              uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+              uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
               with:
                   languages: ${{ matrix.language }}
                   # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
             # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: Autobuild
-              uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+              uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
 
             # ℹ️ Command-line programs to run using the OS shell.
             # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
             #   ./location_of_script_within_repo/buildscript.sh
 
             - name: Perform CodeQL Analysis
-              uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+              uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
               with:
                   category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -24,4 +24,4 @@ jobs:
             - name: "Checkout Repository"
               uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
             - name: "Dependency Review"
-              uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
+              uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
diff --git a/.github/workflows/jekyll-gh-pages.yml b/.github/workflows/jekyll-gh-pages.yml
@@ -41,7 +41,7 @@ jobs:
             - name: Checkout
               uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
             - name: Setup Pages
-              uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
+              uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6.0.0
             - name: Build with Jekyll
               uses: actions/jekyll-build-pages@44a6e6beabd48582f863aeeb6cb2151cc1716697 # v1.0.13
               with:
@@ -68,4 +68,4 @@ jobs:
 
             - name: Deploy to GitHub Pages
               id: deployment
-              uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
+              uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0
diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml
@@ -58,11 +58,11 @@ concurrency:
 jobs:
     scan-scheduled:
         if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
-        uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@c5996e0193a3df57d695c1b8a1dec2a4c62e8730" # v2.3.3
+        uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@c51854704019a247608d928f370c98740469d4b5" # v2.3.5
         with:
             scan-args: ./package-lock.json --fail-on-vuln=false
     scan-pr:
         if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
-        uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@c5996e0193a3df57d695c1b8a1dec2a4c62e8730" # v2.3.3
+        uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@c51854704019a247608d928f370c98740469d4b5" # v2.3.5
         with:
             scan-args: ./package-lock.json --fail-on-vuln=false
diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml
@@ -30,7 +30,7 @@ jobs:
                   node-version: 20
 
             - name: Cache node modules
-              uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+              uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
               with:
                   path: ./node_modules
                   key: ${{ runner.os }}-.-node-modules-${{ hashFiles('./package-lock.json') }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -285,7 +285,7 @@ jobs:
 
             - name: Create GitHub Release
               if: ${{ github.event_name != 'workflow_dispatch' || env.CREATE_RELEASE_INPUT != 'false' }}
-              uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
+              uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1.21.0
               with:
                   tag: v${{ steps.manifest.outputs.version }}
                   name: Release v${{ steps.manifest.outputs.version }}
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -74,6 +74,6 @@ jobs:
 
             # Upload the results to GitHub's code scanning dashboard.
             - name: "Upload to code-scanning"
-              uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+              uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
               with:
                   sarif_file: results.sarif
diff --git a/.github/workflows/security-devops.yml b/.github/workflows/security-devops.yml
@@ -26,6 +26,6 @@ jobs:
               uses: microsoft/security-devops-action@d0736c546281e0632667b8e0046ae3d7bba0bf67 # latest
               id: msdo
             - name: Upload results to Security tab
-              uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
+              uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
               with:
                   sarif_file: ${{ steps.msdo.outputs.sarifFile }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -61,7 +61,7 @@ jobs:
                   path: coverage.xml
 
             - name: Upload coverage to Codecov
-              uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.1.2
+              uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5.1.2
               with:
                   files: ./coverage.xml
                   flags: windows-powershell-51
@@ -141,7 +141,7 @@ jobs:
                   path: coverage.xml
 
             - name: Upload coverage to Codecov
-              uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.1.2
+              uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5.1.2
               with:
                   files: ./coverage.xml
                   flags: pwsh-${{ matrix.os }}
diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
@@ -26,7 +26,7 @@ jobs:
               with:
                   fetch-depth: 0
             - name: Secret Scanning (entire repo)
-              uses: trufflesecurity/trufflehog@ef6e76c3c4023279497fab4721ffa071a722fd05 # v3.92.4
+              uses: trufflesecurity/trufflehog@586f66d7886cd0b037c7c245d4a6e34ef357ab10 # v3.94.1
               with:
                   base: ""
                   head: ${{ github.ref_name }}
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
