chore(deps): bump trufflesecurity/trufflehog from 3.93.8 to 3.95.3 (#68)

Bumps
[trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog)
from 3.93.8 to 3.95.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's
releases</a>.</em></p>
<blockquote>
<h2>v3.95.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Renamed AnypointOAuth2 detector's AnalysisInfo keys to make it
consistent with its Analyzer by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4906">trufflesecurity/trufflehog#4906</a></li>
<li>Rename AnalysisInfo field to SecretParts on detectors.Result by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4911">trufflesecurity/trufflehog#4911</a></li>
<li>Document SecretParts contract in detector-authoring docs by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4912">trufflesecurity/trufflehog#4912</a></li>
<li>Add a static check for detectors that don't set SecretParts by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4913">trufflesecurity/trufflehog#4913</a></li>
<li>Populate SecretParts on all detectors by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4919">trufflesecurity/trufflehog#4919</a></li>
<li>Make checksecretparts required in CI by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4921">trufflesecurity/trufflehog#4921</a></li>
<li>Deduplicate concurrent credential verification requests via
singleflight by <a
href="https://github.com/kashifkhan0771"><code>@​kashifkhan0771</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4314">trufflesecurity/trufflehog#4314</a></li>
<li>log non-critical chunk errors at V(2).Info instead of Error by <a
href="https://github.com/johnelliott"><code>@​johnelliott</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4928">trufflesecurity/trufflehog#4928</a></li>
<li>[INS-320] Cloudinary detector by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4747">trufflesecurity/trufflehog#4747</a></li>
<li>ci: bump JS actions to Node 24 majors (incl. CodeQL v4 + WIF auth
v3) by <a
href="https://github.com/bryanbeverly"><code>@​bryanbeverly</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4933">trufflesecurity/trufflehog#4933</a></li>
<li>chore: bump golangci-lint-action v7 → v9 (Node 24) by <a
href="https://github.com/bryanbeverly"><code>@​bryanbeverly</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4936">trufflesecurity/trufflehog#4936</a></li>
<li>Add default Content-Type: application/json header for custom
detector verification request by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4947">trufflesecurity/trufflehog#4947</a></li>
<li>Make detector Result.SecretParts initialization stricter by <a
href="https://github.com/mcastorina"><code>@​mcastorina</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4948">trufflesecurity/trufflehog#4948</a></li>
<li>Add Pinecone API key detector by <a
href="https://github.com/dylanTruffle"><code>@​dylanTruffle</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4917">trufflesecurity/trufflehog#4917</a></li>
<li>adding customizable successRanges and rotatedRanges to
customDetector by <a
href="https://github.com/jordanTunstill"><code>@​jordanTunstill</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4892">trufflesecurity/trufflehog#4892</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/trufflesecurity/trufflehog/compare/v3.95.2...v3.95.3">https://github.com/trufflesecurity/trufflehog/compare/v3.95.2...v3.95.3</a></p>
<h2>v3.95.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Revert &quot;[INS-397] Fix git version parser panic on non-numeric
patch versions&quot; by <a
href="https://github.com/trufflesteeeve"><code>@​trufflesteeeve</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4903">trufflesecurity/trufflehog#4903</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/trufflesecurity/trufflehog/compare/v3.95.1...v3.95.2">https://github.com/trufflesecurity/trufflehog/compare/v3.95.1...v3.95.2</a></p>
<h2>v3.95.1</h2>
<h2>What's Changed</h2>
<ul>
<li>[INS-444] Fix verification logic in Mesibo detector by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4884">trufflesecurity/trufflehog#4884</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/trufflesecurity/trufflehog/compare/v3.95.0...v3.95.1">https://github.com/trufflesecurity/trufflehog/compare/v3.95.0...v3.95.1</a></p>
<h2>v3.95.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade golangci-lint in CI runner and Makefile by <a
href="https://github.com/amanfcp"><code>@​amanfcp</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4861">trufflesecurity/trufflehog#4861</a></li>
<li>Deprecate SquareUp Detector by <a
href="https://github.com/nabeelalam"><code>@​nabeelalam</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4855">trufflesecurity/trufflehog#4855</a></li>
<li>[INS-397] Fix git version parser panic on non-numeric patch versions
by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4882">trufflesecurity/trufflehog#4882</a></li>
<li>Fix Bitbucket line highlighting URLs by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4854">trufflesecurity/trufflehog#4854</a></li>
<li>[INS-403] Support Custom endpoint config in hashicorpvaultauth
Detector by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4825">trufflesecurity/trufflehog#4825</a></li>
<li>[INS-398] Added tests to ensure that custom endpoint configuration
works in artifactory detectors by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4832">trufflesecurity/trufflehog#4832</a></li>
<li>Host ldap-verify library in trufflesecurity by <a
href="https://github.com/trufflesteeeve"><code>@​trufflesteeeve</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4859">trufflesecurity/trufflehog#4859</a></li>
<li>Add AnalysisError type and wrap all analyzer error paths by <a
href="https://github.com/johnelliott"><code>@​johnelliott</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4779">trufflesecurity/trufflehog#4779</a></li>
<li>dep-updates: Go 1.25 and dependency refreshes by <a
href="https://github.com/dustin-decker"><code>@​dustin-decker</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4888">trufflesecurity/trufflehog#4888</a></li>
<li>Fix nil pointer panics in GitHub analyzer gist/repo binding
functions by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4864">trufflesecurity/trufflehog#4864</a></li>
<li>[INS-399] Added Bitbucket data center(on prem) PAT detector by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4883">trufflesecurity/trufflehog#4883</a></li>
<li>[INS-402] Add Jira Data Center PAT Detector by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4872">trufflesecurity/trufflehog#4872</a></li>
<li>Add man page generation for trufflehog by <a
href="https://github.com/bryanbeverly"><code>@​bryanbeverly</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4894">trufflesecurity/trufflehog#4894</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/37b77001d0174ebec2fcca2bd83ff83a6d45a3ab"><code>37b7700</code></a>
adding customizable successRanges and rotatedRanges to customDetector
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4892">#4892</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/ba0a524d6e51744d9d4e306bc57ac5d6ca5173ea"><code>ba0a524</code></a>
Add Pinecone API key detector (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4917">#4917</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/ab5dd03ee012e5f372e2ba82c4813c2ba1331261"><code>ab5dd03</code></a>
Make detector Result.SecretParts initialization stricter (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4948">#4948</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/90ca685b33dd2ad6fe7d287d935f85088260ec90"><code>90ca685</code></a>
Add default Content-Type: application/json header for custom detector
verific...</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/5f47aad1c2df34f7c6230784ce9a5a659922f479"><code>5f47aad</code></a>
chore: bump golangci-lint-action v7 → v9 (Node 24) (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4936">#4936</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/a4e3016d045b88a1a93acf6f9012af7b8158e9f3"><code>a4e3016</code></a>
ci: bump JS actions to Node 24 majors (checkout v6, setup-go v6, codeql
v4, a...</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3"><code>8a12e8e</code></a>
[INS-320] Cloudinary detector (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4747">#4747</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/cf31c26af3131bd053d161a3b2155ed0cc47a050"><code>cf31c26</code></a>
Log non-critical chunk errors at V(2).Info instead of Error (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4928">#4928</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/99dc7bd6c06427bcb32f32fe1641d7fb83583915"><code>99dc7bd</code></a>
Deduplicate concurrent credential verification requests via singleflight
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4314">#4314</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/3fc0c2aa6648d54242e4af6fbfde0701796e4fb0"><code>3fc0c2a</code></a>
Make checksecretparts required in CI (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4921">#4921</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/trufflesecurity/trufflehog/compare/6c05c4a00b91aa542267d8e32a8254774799d68d...37b77001d0174ebec2fcca2bd83ff83a6d45a3ab">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=trufflesecurity/trufflehog&package-manager=github_actions&previous-version=3.93.8&new-version=3.95.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonathan D.A. Jewell <6759885+hyperpolymath@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/secret-scanner.yml

@@ -27,7 +27,7 @@ jobs:
           fetch-depth: 0  # Full history for scanning
 
       - name: TruffleHog Secret Scan
-        uses: trufflesecurity/trufflehog@6c05c4a00b91aa542267d8e32a8254774799d68d # v3
+        uses: trufflesecurity/trufflehog@37b77001d0174ebec2fcca2bd83ff83a6d45a3ab # v3
         with:
           # The v3 action injects --fail automatically on pull_request events.
           # Passing --fail here triggers "flag 'fail' cannot be repeated".