chore(deps): bump trufflesecurity/trufflehog from 3.95.5 to 3.95.6 by dependabot[bot] · Pull Request #512 · hyperpolymath/hypatia

dependabot · 2026-06-18T21:04:36Z

Bumps trufflesecurity/trufflehog from 3.95.5 to 3.95.6.

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.6

What's Changed

Enigma detector enhance verification to prevent false verified findings by @shahzadhaider1 in trufflesecurity/trufflehog#5011

fix: scan files with lines exceeding bufio's default 64 KB token limit by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5022

fix(postgres): honor ignore tags for default port URLs by @Dawn-Fighter in trufflesecurity/trufflehog#4968

Move to github.com/moby/moby/client from docker/docker by @trufflesteeeve in trufflesecurity/trufflehog#4987

fix: avoid terminal probes before CLI output by @Hackerchen716 in trufflesecurity/trufflehog#4994

Update test containers dependency by @trufflesteeeve in trufflesecurity/trufflehog#4978

Re-host pkg/handlers JSON test fixtures under the org by @amanfcp in trufflesecurity/trufflehog#5023

[INS-465] Add datadogapikey detector to defaults.go by @mustansir14 in trufflesecurity/trufflehog#4969

[INS-470] Add Tly detector to defaults.go, gate it behind feat flag and update its verification logic by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5006

[INS-473] Add wit detector to defaults.go, gate it behind feat flag and update verification logic by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5008

Updating Klaviyo PK new format by @breetan in trufflesecurity/trufflehog#5009

Restructure Klaviyo detector pattern tests by @martinlocklear in trufflesecurity/trufflehog#5026

Replace Renovate config with shared preset (high-risk tier) by @bryanbeverly in trufflesecurity/trufflehog#4992

set redacted value to last 4 characters of secret, to match how the secret type admin interface displays it by @jordanTunstill in trufflesecurity/trufflehog#5027

GitHub finegrained analyzer was improperly handling errors by @dustin-decker in trufflesecurity/trufflehog#4498

[INS-469] Added Rev detectors to defaults.go and gated it behind feature flag by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5005

Fix Renovate lookup: update setup-captain version comment by @bryanbeverly in trufflesecurity/trufflehog#4999

[INS-472] [INS-515] Add user detector to defaults.go, gate it behind feat flag, update verification logic and add custom ep configuration by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5007

Fix: Resolve known dedup issues in notifierWorker by @MuneebUllahKhan222 in trufflesecurity/trufflehog#5028

fix(dropbox): prevent long sl.u. tokens from being truncated by @lukem-ts in trufflesecurity/trufflehog#5012

fix: add filetype=sdist param to pypi detector by @lukem-ts in trufflesecurity/trufflehog#4988

Handlers - Embed small HTTP test fixtures by @amanfcp in trufflesecurity/trufflehog#5001

S3: surface bucket listing failures and fix multi-role object count by @shahzadhaider1 in trufflesecurity/trufflehog#5035

New Contributors

@Dawn-Fighter made their first contribution in trufflesecurity/trufflehog#4968

@Hackerchen716 made their first contribution in trufflesecurity/trufflehog#4994

@breetan made their first contribution in trufflesecurity/trufflehog#5009

@lukem-ts made their first contribution in trufflesecurity/trufflehog#5012

Full Changelog: trufflesecurity/trufflehog@v3.95.4...v3.95.6

Commits

30d5bb9 S3: surface bucket listing failures and fix multi-role object count (#5035)
f0739f1 close todo - embed small HTTP test fixtures (#5001)
36d680a add filetype=sdist param so we get the correct response code (#4988)
248ffd5 fix(dropbox): prevent long sl.u. tokens from being truncated before verificat...
afbdaa8 Fix: Resolve known dedup issues in notifierWorker (#5028)
7bcf376 [INS-472] [INS-515] Add user detector to defaults.go, gate it behind feat fla...
84a2b33 Fix Renovate lookup: update setup-captain version comment (#4999)
ac0805e [INS-469] Added Rev detectors to defaults.go and gated it behind feature flag...
d03d087 GitHub finegrain analyzer was improperly handling errors (#4498)
b64cefe set redacted value to last 4 characters of secret, to match how the secret ty...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.95.5 to 3.95.6. - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@d411fff...30d5bb9) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-18T21:05:35Z

🔍 Hypatia Security Scan

Findings: 42 issues detected

Severity	Count
🔴 Critical	0
🟠 High	0
🟡 Medium	42

View findings

[
  {
    "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.",
    "type": "GS007",
    "file": ".",
    "action": "delete_remote_branches",
    "rule_module": "git_state",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "src/ui/gossamer/README.adoc",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "scripts/ci-tools/Cargo.toml",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "scripts/bench-tools/Cargo.toml",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "ffi/zig/README.adoc",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "docs/reports/audit/audit-2026-04-15-post.md",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "docs/integration/github-registry.adoc",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "docs/integration/github-registry.adoc",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "docs/integration/a2ml-k9.md",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old",
    "type": "CSA001",
    "file": "docs/architecture/system-integration.md",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 18, 2026

hyperpolymath merged commit b3dd345 into main Jun 19, 2026
40 checks passed

hyperpolymath deleted the dependabot/github_actions/trufflesecurity/trufflehog-3.95.6 branch June 19, 2026 06:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump trufflesecurity/trufflehog from 3.95.5 to 3.95.6#512

chore(deps): bump trufflesecurity/trufflehog from 3.95.5 to 3.95.6#512
hyperpolymath merged 1 commit into
mainfrom
dependabot/github_actions/trufflesecurity/trufflehog-3.95.6

dependabot Bot commented on behalf of github Jun 18, 2026

Uh oh!

github-actions Bot commented Jun 18, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 18, 2026

v3.95.6

What's Changed

New Contributors

Uh oh!

github-actions Bot commented Jun 18, 2026

🔍 Hypatia Security Scan

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant