chore(deps): bump trufflesecurity/trufflehog from 3.89.2 to 3.90.1 in the gha group

[dependabot]

Bumps the gha group with 1 update: trufflesecurity/trufflehog.

Updates trufflesecurity/trufflehog from 3.89.2 to 3.90.1

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.90.1

What's Changed

• Added KeySet Pagination for Gitlab Projects V2 Enumeration by @​kashifkhan0771 in trufflesecurity/trufflehog#4319
• Salesforce Refresh Token Detector by @​shahzadhaider1 in trufflesecurity/trufflehog#4295

Full Changelog: trufflesecurity/trufflehog@v3.90.0...v3.90.1

v3.90.0

What's Changed

• chore: fix comment by @​largemouth in trufflesecurity/trufflehog#4239
• Fixed jira detector invalid domain issue by @​kashifkhan0771 in trufflesecurity/trufflehog#4250
• Added LangSmith API Key detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4251
• Gitparse test: Decreased MaxDiffSize in gitparse TestMaxDiffSize() function by @​nabeelalam in trufflesecurity/trufflehog#4240
• Updated GoDaddy Detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4258
• Bannerbear Detector V2 by @​shahzadhaider1 in trufflesecurity/trufflehog#4222
• Surface errors when Github source cannot fetch repo or gist by @​kashifkhan0771 in trufflesecurity/trufflehog#4259
• Move default detectors ownership to OSS by @​rosecodym in trufflesecurity/trufflehog#4257
• Added Shannon Entropy Check in Gitlab v1 detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4260
• Feat: bitbucket app by @​x-stp in trufflesecurity/trufflehog#4214
• fix: throws error if dir not found by @​sahil9001 in trufflesecurity/trufflehog#3419
• (fix) Flaky BoxOAuth detector test by @​abmussani in trufflesecurity/trufflehog#4199
• Enabled and Enhanced Artifactory Detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4207
• Fix TestChunkUnit by @​shahzadhaider1 in trufflesecurity/trufflehog#4263
• Disable s3 filter test by @​rosecodym in trufflesecurity/trufflehog#4262
• feat [detector]: added hasura detector by @​sahil9001 in trufflesecurity/trufflehog#3427
• Handle no such host errors for Algolia Detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4264
• [Update] Coinbase API Detector Updated by @​nabeelalam in trufflesecurity/trufflehog#4202
• Added SQL Server error code and message to verification error by @​kashifkhan0771 in trufflesecurity/trufflehog#4267
• Fixed and Improved billomat detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4268
• Allow users to exit the TUI when there are extra args by @​mcastorina in trufflesecurity/trufflehog#4274
• Updated ExchangeRate Detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4278
• Deprecated AirTable API Key detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4266
• [chore] Write --help to stdout by @​mcastorina in trufflesecurity/trufflehog#4277
• Salesforce OAuth2 Detector by @​shahzadhaider1 in trufflesecurity/trufflehog#4252
• [Update] Added Missing Indeterminate Verification Errors In Detectors Starting With Letter "A" by @​nabeelalam in trufflesecurity/trufflehog#4256
• Updated Lokalise Detector by @​kashifkhan0771 in trufflesecurity/trufflehog#4279
• updating oss documentation to explain info provided here: CSM-1118 by @​jordanTunstill in trufflesecurity/trufflehog#4271
• RoninApp Rebranded to Clientary by @​kashifkhan0771 in trufflesecurity/trufflehog#4272
• [Update] Dwolla Detector Updated by @​nabeelalam in trufflesecurity/trufflehog#4282
• Added support for scanning images from the docker daemon by @​saghaulor in trufflesecurity/trufflehog#4276
• Revert "Added support for scanning images from the docker daemon" by @​rosecodym in trufflesecurity/trufflehog#4291
• Fixed Gist URL Detection by @​kashifkhan0771 in trufflesecurity/trufflehog#4284
• chore: fix some minor issues in the comments by @​shangchenglumetro in trufflesecurity/trufflehog#4292
• Updated Detectors Proto by @​kashifkhan0771 in trufflesecurity/trufflehog#4294
• [perf] - Optimize Chunk Size Handling for Improved I/O and Memory Efficiency by @​ahrav in trufflesecurity/trufflehog#3134
• fix(deps): update module github.com/charmbracelet/bubbletea to v1.3.6 by @​renovate[bot] in trufflesecurity/trufflehog#4227
• fix(deps): update module github.com/google/go-containerregistry to v0.20.6 by @​renovate[bot] in trufflesecurity/trufflehog#4230
• chore(deps): update dependency go to v1.24.5 by @​renovate[bot] in trufflesecurity/trufflehog#4298
• Simplified Gitlab Enumeration by @​kashifkhan0771 in trufflesecurity/trufflehog#4283

... (truncated)

Commits

• 907ac64 Salesforce Refresh Token Detector (#4295)
• 7792f02 Added KeySet Pagination for Gitlab Projects V2 Enumeration (#4319)
• eafb8c5 Add support for docker daemon as a source (#4306)
• 4c67ab3 Add field for conditional permission binding (#4316)
• 8d5986d Added v2 for CircleCI Detector (#4300)
• 55cfe6b add detection for updated asana personal access token (#4273)
• ab136f6 chore(deps): update sigstore/cosign-installer action to v3.9.1 (#4308)
• 8921e93 chore(deps): update alpine docker tag to v3.22 (#4307)
• e365bcf fix(deps): update module go.uber.org/mock to v0.5.2 (#4305)
• fec3bbc fix(deps): update module go.mongodb.org/mongo-driver to v1.17.4 (#4304)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[kusari-inspector]

Kusari Analysis Results

Analysis for commit: 570c4ba, performed at: 2025-08-04T09:14:34Z

• @kusari-inspector rerun - Trigger a re-analysis of this PR

• @kusari-inspector feedback [your message] - Send feedback to our AI and team

---

Recommendation

✅ PROCEED with this Pull Request

Summary

✅ No Flagged Issues Detected

All values appear to be within acceptable risk parameters.

No pinned version dependency changes, code issues or exposed secrets detected!

Found this helpful? Give it a 👍 or 👎 reaction!

[dependabot]

Looks like trufflesecurity/trufflehog is updatable in another way, so this is no longer needed.