chore(deps): bump trufflesecurity/trufflehog from 3.95.3 to 3.95.5

[dependabot]

Bumps trufflesecurity/trufflehog from 3.95.3 to 3.95.5.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.5

What's Changed

• [INS-461] Add test to ensure new detectors are registered in defaults.go by @​mustansir14 in trufflesecurity/trufflehog#4915
• [INS-455] Unify common logic in Atlassian Data Center detectors by @​mustansir14 in trufflesecurity/trufflehog#4907
• fix(github): cache repo info under original URL on redirect by @​kashifkhan0771 in trufflesecurity/trufflehog#4958
• Added GitLab OAuth Detector by @​shahzadhaider1 in trufflesecurity/trufflehog#4729
• Box Detector: Extract Subject ID for Analyzer Integration by @​shahzadhaider1 in trufflesecurity/trufflehog#4761
• [INS-346] SpectralOps Personal API Key Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4770
• [INS-335] Added AWS Appsync Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4803
• fix(twilio): deduplicate matches to prevent O(N×M) result explosion by @​kashifkhan0771 in trufflesecurity/trufflehog#4954
• Automate corpora testing in CI by @​mustansir14 in trufflesecurity/trufflehog#4927
• Enable errcheck and staticcheck for golangci-lint v2 and resolve all issues by @​amanfcp in trufflesecurity/trufflehog#4924
• feat: add host, db and username to ExtraData for database detectors by @​mariocj89 in trufflesecurity/trufflehog#4849
• Remove over speculation from Corpora CI workflow by @​mustansir14 in trufflesecurity/trufflehog#4974
• Fix line numbers for duplicate secrets within a chunk by @​amanfcp in trufflesecurity/trufflehog#4910
• Add feature flags for Pinecone, Cloudinary, and GitLab OAuth detectors by @​camgunz in trufflesecurity/trufflehog#4961
• Update Go security dependencies by @​cursor[bot] in trufflesecurity/trufflehog#4986
• Pin GitHub Actions to SHA digests by @​bryanbeverly in trufflesecurity/trufflehog#4985
• Update CODEOWNERS: replace 5 slugs with scanning + integrations by @​bryanbeverly in trufflesecurity/trufflehog#4983
• Added source config flags to sharepoint proto by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4972
• [SCAN-795] HTML decoder: ASPX and entity-encoded HTML support by @​mustansir14 in trufflesecurity/trufflehog#4981
• adds some debugging info for APKs and fixes issues parsing obfuscated APKs by @​johannestaas-trufflesec in trufflesecurity/trufflehog#4991

New Contributors

• @​mariocj89 made their first contribution in trufflesecurity/trufflehog#4849
• @​cursor[bot] made their first contribution in trufflesecurity/trufflehog#4986
• @​johannestaas-trufflesec made their first contribution in trufflesecurity/trufflehog#4991

Full Changelog: trufflesecurity/trufflehog@v3.95.3...v3.95.5

v3.95.4

What's Changed

• [INS-461] Add test to ensure new detectors are registered in defaults.go by @​mustansir14 in trufflesecurity/trufflehog#4915
• [INS-455] Unify common logic in Atlassian Data Center detectors by @​mustansir14 in trufflesecurity/trufflehog#4907
• fix(github): cache repo info under original URL on redirect by @​kashifkhan0771 in trufflesecurity/trufflehog#4958
• Added GitLab OAuth Detector by @​shahzadhaider1 in trufflesecurity/trufflehog#4729
• Box Detector: Extract Subject ID for Analyzer Integration by @​shahzadhaider1 in trufflesecurity/trufflehog#4761
• [INS-346] SpectralOps Personal API Key Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4770
• [INS-335] Added AWS Appsync Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4803
• fix(twilio): deduplicate matches to prevent O(N×M) result explosion by @​kashifkhan0771 in trufflesecurity/trufflehog#4954
• Automate corpora testing in CI by @​mustansir14 in trufflesecurity/trufflehog#4927
• Enable errcheck and staticcheck for golangci-lint v2 and resolve all issues by @​amanfcp in trufflesecurity/trufflehog#4924
• feat: add host, db and username to ExtraData for database detectors by @​mariocj89 in trufflesecurity/trufflehog#4849
• Remove over speculation from Corpora CI workflow by @​mustansir14 in trufflesecurity/trufflehog#4974
• Fix line numbers for duplicate secrets within a chunk by @​amanfcp in trufflesecurity/trufflehog#4910
• Add feature flags for Pinecone, Cloudinary, and GitLab OAuth detectors by @​camgunz in trufflesecurity/trufflehog#4961
• Update Go security dependencies by @​cursor[bot] in trufflesecurity/trufflehog#4986
• Pin GitHub Actions to SHA digests by @​bryanbeverly in trufflesecurity/trufflehog#4985
• Update CODEOWNERS: replace 5 slugs with scanning + integrations by @​bryanbeverly in trufflesecurity/trufflehog#4983
• Added source config flags to sharepoint proto by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4972

... (truncated)

Commits

• d411fff feat(apk): adds some debugging info for APKs and fixes issues parsing obfusca...
• 26eae1f [SCAN-795] HTML decoder: ASPX and entity-encoded HTML support (#4981)
• 6c8f640 Added source config flags to sharepoint proto (#4972)
• 9f0b97f Update CODEOWNERS: replace 5 slugs with scanning + integrations (#4983)
• 36f6f69 Pin GitHub Actions to SHA digests (#4985)
• 52ebebb Update Go security dependencies (#4986)
• ec67ff2 Add feature flags for Pinecone, Cloudinary, and GitLab OAuth detectors (#4961)
• 0ec3634 Fix line numbers for duplicate secrets within a chunk (#4910)
• 79acbf4 Remove over speculation from Corpora CI workflow (#4974)
• d86254e feat: add host, db and username to ExtraData for database detectors (#4849)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🔍 Hypatia Security Scan

Findings: 186 issues detected

Severity	Count
🔴 Critical	0
🟠 High	0
🟡 Medium	186

View findings

[
  {
    "reason": "Action urin 21 JRE\n        uses: actions/setup-java@be666c2fcd27 needs attention",
    "type": "unpinned_action",
    "file": "verify-proofs.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in clusterfuzzlite.yml",
    "type": "missing_timeout_minutes",
    "file": "clusterfuzzlite.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

[github-actions]

🔍 Hypatia Security Scan

Findings: 186 issues detected

Severity	Count
🔴 Critical	0
🟠 High	0
🟡 Medium	186

View findings

[
  {
    "reason": "Action urin 21 JRE\n        uses: actions/setup-java@be666c2fcd27 needs attention",
    "type": "unpinned_action",
    "file": "verify-proofs.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in clusterfuzzlite.yml",
    "type": "missing_timeout_minutes",
    "file": "clusterfuzzlite.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

[github-actions]

🔍 Hypatia Security Scan

Findings: 186 issues detected

Severity	Count
🔴 Critical	0
🟠 High	0
🟡 Medium	186

View findings

[
  {
    "reason": "Action urin 21 JRE\n        uses: actions/setup-java@be666c2fcd27 needs attention",
    "type": "unpinned_action",
    "file": "verify-proofs.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in ci.yml",
    "type": "missing_timeout_minutes",
    "file": "ci.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in clusterfuzzlite.yml",
    "type": "missing_timeout_minutes",
    "file": "clusterfuzzlite.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence