Skip to content

chore(deps): bump gitleaks/gitleaks-action from 2.3.9 to 3.0.0#1145

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/gitleaks/gitleaks-action-3.0.0
Open

chore(deps): bump gitleaks/gitleaks-action from 2.3.9 to 3.0.0#1145
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/gitleaks/gitleaks-action-3.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 5, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps gitleaks/gitleaks-action from 2.3.9 to 3.0.0.

Release notes

Sourced from gitleaks/gitleaks-action's releases.

v3.0.0

What's changed

gitleaks-action v3 migrates the runtime from Node 20 to Node 24. No changes to inputs, outputs, or behavior. Update your workflow from gitleaks/gitleaks-action@v2 to gitleaks/gitleaks-action@v3.

Migration

# Before
- uses: gitleaks/gitleaks-action@v2
After

uses: gitleaks/gitleaks-action@v3

Why

GitHub is deprecating the Node 20 runtime for Actions:

  • June 2, 2026: GitHub flips the runner default to Node 24. Workflows using gitleaks-action@v2 (Node 20) will still run, but only if ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true is set as an environment variable.
  • September 16, 2026: Node 20 is removed from GitHub-hosted runners entirely. gitleaks-action@v2 stops working regardless of any opt-out flag.

Changes

  • action.yml: runtime node20node24
  • @actions/core: 1.10.0 → 1.11.1
  • dist/ rebuilt
  • Example workflows updated to actions/checkout@v6 and gitleaks-action@v3
  • README updated with v3 migration guide

Self-hosted runners

If you use self-hosted runners, ensure your runner version is >= v2.327.1 (required for Node 24 support).

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 5, 2026
@dependabot dependabot Bot requested a review from vibeforge1111 as a code owner June 5, 2026 14:45
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 5, 2026
@dependabot
chore(deps): bump gitleaks/gitleaks-action from 2.3.9 to 3.0.0
3606008 
Bumps [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) from 2.3.9 to 3.0.0.
- [Release notes](https://github.com/gitleaks/gitleaks-action/releases)
- [Commits](gitleaks/gitleaks-action@ff98106...e0c47f4)

---
updated-dependencies:
- dependency-name: gitleaks/gitleaks-action
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/gitleaks/gitleaks-action-3.0.0 branch from c3855b2 to 3606008 Compare June 12, 2026 05:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vibeforge1111 vibeforge1111 Awaiting requested review from vibeforge1111 vibeforge1111 is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants