From d22ca6c8953bbe6801625230281c06e4376a0483 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 21 Nov 2025 09:11:37 +0000
Subject: [PATCH] ci(github-actions): bump the github-actions group with 2
 updates

Bumps the github-actions group with 2 updates: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).


Updates `astral-sh/setup-uv` from 7.1.3 to 7.1.4
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](https://github.com/astral-sh/setup-uv/compare/5a7eac68fb9809dea845d802897dc5c723910fa3...1e862dfacbd1d6d858c55d9b792c756523627244)

Updates `trufflesecurity/trufflehog` from 3.91.0 to 3.91.1
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml)
- [Commits](https://github.com/trufflesecurity/trufflehog/compare/cb6aeefd6e2498240d0418e63f69684d28337e7b...aade3bff5594fe8808578dd4db3dfeae9bf2abdc)

---
updated-dependencies:
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.91.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yml    | 2 +-
 .github/workflows/scans.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0bbd404..adfddad 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -35,7 +35,7 @@ jobs:
     steps:
       - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
 
-      - uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
+      - uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7
 
       - id: setup-python
         uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6
diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 4345e5d..df59c04 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -390,7 +390,7 @@ jobs:
         with:
           fetch-depth: (${{ github.event.pull_request.commits || 2 }} + 1)
 
-      - uses: trufflesecurity/trufflehog@cb6aeefd6e2498240d0418e63f69684d28337e7b # v3
+      - uses: trufflesecurity/trufflehog@aade3bff5594fe8808578dd4db3dfeae9bf2abdc # v3
         with:
           extra_args: --results=verified,unknown