Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the gha group with 3 updates: actions/cache, aquasecurity/trivy-action and trufflesecurity/trufflehog.
Updates
actions/cache
from 3 to 4Release notes
Sourced from actions/cache's releases.
... (truncated)
Changelog
Sourced from actions/cache's changelog.
... (truncated)
Commits
0c45773
Merge pull request #1327 from cdce8p/fix-fail-on-cache-miss8a55f83
Add test case for process exit3884cac
Bump versione29dad3
Fix fail-on-cache-miss not workingab5e6d0
Merge pull request #1341 from bethanyj28/main89c7d86
licensed cached2c84da
update@actions/cache
37e7d4e
Merge pull request #1340 from actions/bethanyj28/update-publish-flowa18323f
add release actiona2ed59d
Merge pull request #1305 from actions/yacaovsnc/update_examplesUpdates
aquasecurity/trivy-action
from 0.16.1 to 0.18.0Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
062f259
fix: Refer to scan-ref when scan-type is "sbom" (#314)1f6384b
docs(report): improve documentation aroundUsing Trivy to generate SBOM
and...84384bd
Upgraded Trivy from 0.48.1 to v0.49.0 (#304)f3d9851
fix: Fixskip-files
andhide-progress
options not being applied when usin...0b9d17b
docs: add configuration info for flags not supported by inputs (#296)Updates
trufflesecurity/trufflehog
from 3.63.9 to 3.71.0Release notes
Sourced from trufflesecurity/trufflehog's releases.
... (truncated)
Commits
6dbe808
Dockerhub v2 detector (#2361)f1abe2c
fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 (#2612)441d9ff
Update Snyk detector (#2559)72fb2b9
MaxMind detector uses the right endpoint (#2577)baf7ea1
feat(gitparse): avoid uneeded calls to strconv.Unquote (#2605)e8cc5be
fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.10....d96823b
fix(deps): update module google.golang.org/api to v0.171.0 (#2611)4bd25e6
fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 (#2524)2921370
fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 (#2590)41d5873
Use go 1.22 (#2599)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show