build(CI): Bump trufflesecurity/trufflehog from 3.93.3 to 3.93.4 (#1231)

dependabot[bot] · web-flow · commit 04387252fa03 · 2026-02-20T08:11:24.000Z
Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.93.3 to 3.93.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's releases</a>.</em></p> <blockquote> <h2>v3.93.4</h2> <h2>What's Changed</h2> <ul> <li>Add a new NDJSON / JSONL input source by <a href="https://github.com/bradlarsen"><code>@​bradlarsen</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4721">trufflesecurity/trufflehog#4721</a></li> <li>Fix typo in CODEOWNERS for pkg/analyzer by <a href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4748">trufflesecurity/trufflehog#4748</a></li> <li>Pre-allocate anthropic analyzer bindings slice capacity with zero length by <a href="https://github.com/kashifkhan0771"><code>@​kashifkhan0771</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4746">trufflesecurity/trufflehog#4746</a></li> <li>Made indeterminate error for JWT detector determinate by <a href="https://github.com/jordanTunstill"><code>@​jordanTunstill</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4745">trufflesecurity/trufflehog#4745</a></li> <li>Optimize the regex pattern in the artifactory access token detector by <a href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4685">trufflesecurity/trufflehog#4685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.93.3...v3.93.4">https://github.com/trufflesecurity/trufflehog/compare/v3.93.3...v3.93.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/7c0734f987ad0bb30ee8da210773b800ee2016d3"><code>7c0734f</code></a> optimize the regex pattern in the artifactory access token detector (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4685">#4685</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/cbdff3fa9cf5e46d9a78c0d3ab6374f7f5e89334"><code>cbdff3f</code></a> Changed matchingKey, found := keySet.LookupKeyID(kid) to be determinate if no...</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/1306f38c20bb065952cff015b7fb71374d1a0b93"><code>1306f38</code></a> Pre-allocate anthropic analyzer bindings slice capacity with zero length (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4746">#4746</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/c84a42ac1cbe546ad7ef47d560b779c4f4dbc868"><code>c84a42a</code></a> Fix typo in CODEOWNERS for pkg/analyzer (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4748">#4748</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/c563a0692fa2017ff949d219cc9f586293d41e66"><code>c563a06</code></a> Add a new NDJSON / JSONL input source (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4721">#4721</a>)</li> <li>See full diff in <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.93.3...v3.93.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=trufflesecurity/trufflehog&package-manager=github_actions&previous-version=3.93.3&new-version=3.93.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
@@ -13,7 +13,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@v3.93.3
+        uses: trufflesecurity/trufflehog@v3.93.4
         with:
           path: ./
           base: ${{ github.event.repository.default_branch }}
