chore(deps): bump the dependencies group with 2 updates

[dependabot[bot]]

Bumps the dependencies group with 2 updates: aquasecurity/trivy-action and trufflesecurity/trufflehog.

Updates aquasecurity/trivy-action from 0.27.0 to 0.28.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.28.0

What's Changed

• chore(deps): bump setup-trivy to v0.2.1 by @​DmitriyLewen in aquasecurity/trivy-action#411

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.27.0...0.28.0

Commits

• 915b19b chore(deps): bump setup-trivy to v0.2.1 (#411)
• See full diff in compare view

Updates trufflesecurity/trufflehog from 3.82.8 to 3.82.11

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.82.11

What's Changed

• Revert "Compress release with UPX" by @​dustin-decker in trufflesecurity/trufflehog#3455

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.82.10...v3.82.11

v3.82.10

What's Changed

• Ignore https: as false positive for slackwebhook detector by @​kashifkhan0771 in trufflesecurity/trufflehog#3425
• Compress release with UPX by @​dustin-decker in trufflesecurity/trufflehog#3445

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.82.9...v3.82.10

v3.82.9

What's Changed

• fix(deps): update module github.com/xanzy/go-gitlab to v0.111.0 by @​renovate in trufflesecurity/trufflehog#3393
• Add SaladCloud API Key detector by @​seniorquico in trufflesecurity/trufflehog#3273
• add description to salad by @​zricethezav in trufflesecurity/trufflehog#3397
• [chore] Update custom detector default description by @​mcastorina in trufflesecurity/trufflehog#3398
• [bug] - fix test by @​ahrav in trufflesecurity/trufflehog#3400
• Update SaladCloud description by @​seniorquico in trufflesecurity/trufflehog#3399
• fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.6 by @​renovate in trufflesecurity/trufflehog#3407
• fix(deps): update module github.com/getsentry/sentry-go to v0.29.1 by @​renovate in trufflesecurity/trufflehog#3408
• fix(deps): update module github.com/xanzy/go-gitlab to v0.112.0 by @​renovate in trufflesecurity/trufflehog#3410
• Propagate file info in log context by @​rgmz in trufflesecurity/trufflehog#3405
• [detector] Implemented Box Detector by @​abmussani in trufflesecurity/trufflehog#3242
• [fix] - resource leak by @​ahrav in trufflesecurity/trufflehog#3402
• feat: add github comments timeframe filtering (fixes #3388) by @​JonZeolla in trufflesecurity/trufflehog#3390
• fix(deps): update module google.golang.org/api to v0.201.0 by @​renovate in trufflesecurity/trufflehog#3416
• Add feature flags to CLI args by @​ktranSC in trufflesecurity/trufflehog#3359
• Include integration test in generate.go by @​rgmz in trufflesecurity/trufflehog#3415
• fix(deps): update module github.com/prometheus/client_golang to v1.20.5 by @​renovate in trufflesecurity/trufflehog#3412

New Contributors

• @​seniorquico made their first contribution in trufflesecurity/trufflehog#3273
• @​ktranSC made their first contribution in trufflesecurity/trufflehog#3359

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.82.8...v3.82.9

Commits

• b66c167 Revert "Compress release with UPX (#3445)" (#3455)
• c46d52b Compress release with UPX (#3445)
• e6c43ca ignore https as false postive for slackwebhook detector (#3425)
• 8988cb5 fix(deps): update module github.com/prometheus/client_golang to v1.20.5 (#3412)
• c39c5cb fix: include integration test in generate.go (#3415)
• aa23f3d Add feature flags to CLI args (#3359)
• 75dd64b fix(deps): update module google.golang.org/api to v0.201.0 (#3416)
• 4ea311d feat: add github comments timeframe filtering (fixes #3388) (#3390)
• bf38b84 [fix] - resource leak (#3402)
• aa17b8e [detector] Implemented Box Detector (#3242)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud