chore(deps): bump the gha group across 1 directory with 2 updates

[dependabot[bot]]

Bumps the gha group with 2 updates in the / directory: aquasecurity/trivy-action and trufflesecurity/trufflehog.

Updates aquasecurity/trivy-action from 0.18.0 to 0.21.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.21.0

What's Changed

• bump trivy version to v0.51.2 by @​Dr-DevOps in aquasecurity/trivy-action#360

New Contributors

• @​Dr-DevOps made their first contribution in aquasecurity/trivy-action#360

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.20.0...0.21.0

v0.20.0

What's Changed

• Make 'hide-progress' input working again by @​uridium in aquasecurity/trivy-action#323
• feat(image): add --docker-host option for GH Action users by @​calinmarina in aquasecurity/trivy-action#267
• Browse Trivy reports without GitHub Advanced Security license by @​uridium in aquasecurity/trivy-action#328
• Fix docker host bug by @​admiralAwkbar in aquasecurity/trivy-action#329
• Bump trivy version to v0.50.2 by @​pdefreitas in aquasecurity/trivy-action#341
• update tests by @​nikpivkin in aquasecurity/trivy-action#334
• bump trivy version to v0.51.1 by @​simar7 in aquasecurity/trivy-action#353

New Contributors

• @​uridium made their first contribution in aquasecurity/trivy-action#323
• @​calinmarina made their first contribution in aquasecurity/trivy-action#267
• @​admiralAwkbar made their first contribution in aquasecurity/trivy-action#329
• @​pdefreitas made their first contribution in aquasecurity/trivy-action#341

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.19.0...0.20.0

v0.19.0

What's Changed

• bump trivy version to v0.50.1 by @​simar7 in aquasecurity/trivy-action#324

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.18.0...0.19.0

Commits

• fd25fed bump trivy version to v0.51.2 (#360)
• b2933f5 bump trivy version to v0.51.1 (#353)
• b2cd5ff Update bump-trivy.yaml
• 6f8c237 update tests (#334)
• 7088d18 Revert "fix: 🐛 allow trivy-config and other options to be used together (#338)"
• ee6a4f5 fix: 🐛 allow trivy-config and other options to be used together (#338)
• b5f4977 Bump trivy version to v0.50.2 (#341)
• 207cd40 Fix docker host bug (#329)
• 840deb4 Browse scan reports without GitHub Advanced Security license (#328)
• 0f287db feat(image): add --docker-host option for GH Action users (#267)
• Additional commits viewable in compare view

Updates trufflesecurity/trufflehog from 3.71.0 to 3.77.0

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.77.0

What's Changed

• Remove "finished verificationOverlap chunks" log line by @​rgmz in trufflesecurity/trufflehog#2860
• fix(deps): update module github.com/wasilibs/go-re2 to v1.5.3 by @​renovate in trufflesecurity/trufflehog#2861
• fix(deps): update module google.golang.org/api to v0.181.0 by @​renovate in trufflesecurity/trufflehog#2857
• fix(deps): update module github.com/aws/aws-sdk-go to v1.53.5 by @​renovate in trufflesecurity/trufflehog#2859
• Update azure storage extra data by @​abmussani in trufflesecurity/trufflehog#2808
• Update regex for Organization in Azure Devops detector by @​abmussani in trufflesecurity/trufflehog#2866
• fix(deps): update module github.com/aws/aws-sdk-go to v1.53.6 by @​renovate in trufflesecurity/trufflehog#2867
• [chore] - Use http.NewRequestWithContext by @​ahrav in trufflesecurity/trufflehog#2870
• adding Groq detector by @​0x1 in trufflesecurity/trufflehog#2873
• Log reasons for GitLab repo exclusion by @​rosecodym in trufflesecurity/trufflehog#2875
• [github] Scan user repositories by @​rgmz in trufflesecurity/trufflehog#2814
• Elastic adapter by @​camgunz in trufflesecurity/trufflehog#2727
• Improve handling of Gist URLs by @​rgmz in trufflesecurity/trufflehog#2653
• Fix some GitHub source test issues by @​rgmz in trufflesecurity/trufflehog#2774
• fix(deps): update module github.com/aws/aws-sdk-go to v1.53.10 by @​renovate in trufflesecurity/trufflehog#2871
• fix(deps): update module github.com/go-logr/logr to v1.4.2 by @​renovate in trufflesecurity/trufflehog#2869
• fix(deps): update module cloud.google.com/go/secretmanager to v1.13.1 by @​renovate in trufflesecurity/trufflehog#2884
• fix(deps): update golang.org/x/exp digest to 4c93da0 by @​renovate in trufflesecurity/trufflehog#2883
• fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.13.1 by @​renovate in trufflesecurity/trufflehog#2886
• fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.4 by @​renovate in trufflesecurity/trufflehog#2890
• Added extra data for LaunchDarkly by @​abmussani in trufflesecurity/trufflehog#2836
• feat: support docker image history scanning by @​jamestelfer in trufflesecurity/trufflehog#2882

New Contributors

• @​camgunz made their first contribution in trufflesecurity/trufflehog#2727
• @​jamestelfer made their first contribution in trufflesecurity/trufflehog#2882

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.76.3...v3.77.0

v3.76.3

What's Changed

• fix(deps): update module github.com/aws/aws-sdk-go to v1.53.3 by @​renovate in trufflesecurity/trufflehog#2849
• Integromat detector - Deprecated by @​abmussani in trufflesecurity/trufflehog#2856
• add tolower to all keywords, and remove return on error for global vars by @​zricethezav in trufflesecurity/trufflehog#2852
• Adding postman to sub-commands list by @​CarlesLlobet in trufflesecurity/trufflehog#2813
• [chore] - upgrade Github dep by @​ahrav in trufflesecurity/trufflehog#2858
• [chore] - move buffers pkg out of writers pkg by @​ahrav in trufflesecurity/trufflehog#2826
• [refactor] - remove redundant chunking by @​ahrav in trufflesecurity/trufflehog#2855

New Contributors

• @​CarlesLlobet made their first contribution in trufflesecurity/trufflehog#2813

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.76.2...v3.76.3

v3.76.2

What's Changed

• [bug] - Handle empty reader case in newFileReader by @​ahrav in trufflesecurity/trufflehog#2854

... (truncated)

Commits

• 0024b6c feat: support docker image history scanning (#2882)
• 18b8101 Added extra data for LaunchDarkly (#2836)
• 48b570d fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.4 (#2890)
• 5f96f3c fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.13.1 (#...
• a591f39 fix(deps): update golang.org/x/exp digest to 4c93da0 (#2883)
• 3460629 fix(deps): update module cloud.google.com/go/secretmanager to v1.13.1 (#2884)
• 45246c3 fix(deps): update module github.com/go-logr/logr to v1.4.2 (#2869)
• 3632349 fix(deps): update module github.com/aws/aws-sdk-go to v1.53.10 (#2871)
• 5102e3a test(github): fix some errors (#2774)
• e53f5bd Improve handling of Gist URLs (#2653)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.