Update all dependencies #67

renovate · 2025-12-15T00:56:50Z

This PR contains the following updates:

Package	Type	Update	Change
actions/download-artifact	action	major	`v6` -> `v7`
actions/upload-artifact	action	major	`v5` -> `v6`
dawidd6/action-send-mail	action	major	`v6` -> `v7`
trufflesecurity/trufflehog	action	patch	`v3.92.3` -> `v3.92.4`

Release Notes

actions/download-artifact (actions/download-artifact)

`v7`

Compare Source

actions/upload-artifact (actions/upload-artifact)

`v6`

Compare Source

dawidd6/action-send-mail (dawidd6/action-send-mail)

`v7`

Compare Source

What's Changed

build(deps): bump nodemailer from 7.0.3 to 7.0.4 by @dependabot[bot] in #230
build(deps): bump nodemailer from 7.0.4 to 7.0.5 by @dependabot[bot] in #232
build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #233
build(deps): bump nodemailer from 7.0.5 to 7.0.6 by @dependabot[bot] in #235
build(deps): bump nodemailer from 7.0.6 to 7.0.7 by @dependabot[bot] in #236
build(deps): bump nodemailer from 7.0.7 to 7.0.9 by @dependabot[bot] in #237
build(deps): bump nodemailer from 7.0.9 to 7.0.10 by @dependabot[bot] in #239
build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in #241
build(deps): bump @actions/core from 1.11.1 to 2.0.0 by @dependabot[bot] in #243
build(deps): bump nodemailer from 7.0.10 to 7.0.11 by @dependabot[bot] in #242
build(deps): bump @actions/core from 2.0.0 to 2.0.1 by @dependabot[bot] in #244
build(deps): bump nodemailer from 7.0.11 to 7.0.12 by @dependabot[bot] in #245
node_modules: update by @dawidd6 in #246

Full Changelog: dawidd6/action-send-mail@v6...v7

trufflesecurity/trufflehog (trufflesecurity/trufflehog)

`v3.92.4`

Compare Source

What's Changed

[INS-170] Unify JDBC URL parsing across detectors and analyzers by @mustansir14 in #4574
Pagination and Rate-Limit Handling In Docker Registry Namespace API Calls by @nabeelalam in #4557
[INS-226] Use pinned image for Quay registry Integration test by @mustansir14 in #4602
Update module golang.org/x/crypto to v0.45.0 [SECURITY] by @renovate[bot] in #4562
[INS-207] Add Role-Aware Resumption Support for Legacy S3 Scan by @MuneebUllahKhan222 in #4600
Enable line numbers for GitHub Real-time by @rosecodym in #4611

Full Changelog: trufflesecurity/trufflehog@v3.92.3...v3.92.4

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

This change is

github-actions · 2025-12-25T12:59:00Z

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
❌ 1 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
✅ 0 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/shared-secret-scan.yml

Package	Version	License	Issue Type
trufflesecurity/trufflehog	ef6e76c3c4023279497fab4721ffa071a722fd05	AGPL-3.0	Incompatible License

Allowed Licenses:
CC0-1.0, Unlicense, WTFPL, 0BSD, MIT, Apache-2.0, ISC, BSD-2-Clause, BSD-3-Clause, Zlib, MPL-1.1, MPL-2.0, CDDL-1.0, EPL-1.0, EPL-2.0, CECILL-2.1, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only, LGPL-3.0-or-later, EUPL-1.0, EUPL-1.1, EUPL-1.2, AAL, AFL-3.0, Apache-1.1, APL-1.0, APSL-2.0, Artistic-1.0-Perl, Artistic-2.0, BSL-1.0, CATOSL-1.1, CPAL-1.0, CUA-OPL-1.0, ECL-2.0, EFL-2.0, Entessa, EUDatagrid, Fair, LPPL-1.3c, LPL-1.02, MirOS, Motosoto, Multics, NASA-1.3, NCSA, NTP, Naumen, Nokia, PostgreSQL, PSF-2.0, RPSL-1.0, RSCPL, SimPL-2.0, Sleepycat, SPL-1.0, VSL-1.0, W3C, W3C-20150513, Xnet, ZPL-2.0

OpenSSF Scorecard

Package

Version

Score

Details

actions/dawidd6/action-send-mail

6e71c855c9a091d80a519621b9fd3e8d252ca40c

🟢 3.9

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 1	Found 2/14 approved changesets -- score normalized to 1
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 6	8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 8	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

actions/trufflesecurity/trufflehog

ef6e76c3c4023279497fab4721ffa071a722fd05

🟢 7.1

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 9	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Binary-Artifacts	🟢 9	binaries present in source code
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Signed-Releases	🟢 8	5 out of the last 5 releases have a total of 5 signed artifacts.
Packaging	🟢 10	packaging workflow detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits

Scanned Files

.github/workflows/shared-secret-scan.yml

renovate bot added the dependencies label Dec 15, 2025

renovate bot requested a review from a team December 15, 2025 00:56

renovate bot force-pushed the renovate/all branch from 7e3cf7d to 2203c93 Compare December 19, 2025 16:33

Update all dependencies

fbe0a96

renovate bot force-pushed the renovate/all branch from 2203c93 to fbe0a96 Compare December 25, 2025 12:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update all dependencies #67

Update all dependencies #67

Uh oh!

renovate bot commented Dec 15, 2025 •

edited by culka

Loading

Uh oh!

github-actions bot commented Dec 25, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Update all dependencies #67

Are you sure you want to change the base?

Update all dependencies #67

Uh oh!

Conversation

renovate bot commented Dec 15, 2025 • edited by culka Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v7

v6

v7

What's Changed

v3.92.4

What's Changed

Configuration

Uh oh!

github-actions bot commented Dec 25, 2025

Dependency Review

License Issues

.github/workflows/shared-secret-scan.yml

OpenSSF Scorecard

Scanned Files

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

renovate bot commented Dec 15, 2025 •

edited by culka

Loading

`v7`

`v6`

`v7`

`v3.92.4`