build(deps): bump the actions group across 1 directory with 3 updates

[dependabot]

Bumps the actions group with 3 updates in the / directory: trufflesecurity/trufflehog, dependabot/fetch-metadata and DavidAnson/markdownlint-cli2-action.

Updates trufflesecurity/trufflehog from 3.93.8 to 3.95.2

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.95.2

What's Changed

• Revert "[INS-397] Fix git version parser panic on non-numeric patch versions" by @​trufflesteeeve in trufflesecurity/trufflehog#4903

Full Changelog: trufflesecurity/trufflehog@v3.95.1...v3.95.2

v3.95.1

What's Changed

• [INS-444] Fix verification logic in Mesibo detector by @​mustansir14 in trufflesecurity/trufflehog#4884

Full Changelog: trufflesecurity/trufflehog@v3.95.0...v3.95.1

v3.95.0

What's Changed

• Upgrade golangci-lint in CI runner and Makefile by @​amanfcp in trufflesecurity/trufflehog#4861
• Deprecate SquareUp Detector by @​nabeelalam in trufflesecurity/trufflehog#4855
• [INS-397] Fix git version parser panic on non-numeric patch versions by @​shahzadhaider1 in trufflesecurity/trufflehog#4882
• Fix Bitbucket line highlighting URLs by @​shahzadhaider1 in trufflesecurity/trufflehog#4854
• [INS-403] Support Custom endpoint config in hashicorpvaultauth Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4825
• [INS-398] Added tests to ensure that custom endpoint configuration works in artifactory detectors by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4832
• Host ldap-verify library in trufflesecurity by @​trufflesteeeve in trufflesecurity/trufflehog#4859
• Add AnalysisError type and wrap all analyzer error paths by @​johnelliott in trufflesecurity/trufflehog#4779
• dep-updates: Go 1.25 and dependency refreshes by @​dustin-decker in trufflesecurity/trufflehog#4888
• Fix nil pointer panics in GitHub analyzer gist/repo binding functions by @​shahzadhaider1 in trufflesecurity/trufflehog#4864
• [INS-399] Added Bitbucket data center(on prem) PAT detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4883
• [INS-402] Add Jira Data Center PAT Detector by @​mustansir14 in trufflesecurity/trufflehog#4872
• Add man page generation for trufflehog by @​bryanbeverly in trufflesecurity/trufflehog#4894
• Add Confluence Data Center PAT detector by @​amanfcp in trufflesecurity/trufflehog#4886

Full Changelog: trufflesecurity/trufflehog@v3.94.3...v3.95.0

v3.94.3

What's Changed

• Add release bot workflow by @​bryanbeverly in trufflesecurity/trufflehog#4835
• handle AADSTS50173 as explicit revocation signal for azure refresh tokens by @​jordanTunstill in trufflesecurity/trufflehog#4842
• Add AnalysisInfo to verified results by @​hxnyk in trufflesecurity/trufflehog#4862
• Add nil check and error context to GitHub analyzer by @​johnelliott in trufflesecurity/trufflehog#4858
• [CSM-1857] Fix expired Azure secrets being silently dropped by @​dipto-truffle in trufflesecurity/trufflehog#4845
• Add HTML decoder for secret detection in HTML-formatted sources by @​alafiand in trufflesecurity/trufflehog#4840
• Split out detector types into separate proto file in order to narrow CODEOWNERS scope by @​casey-tran in trufflesecurity/trufflehog#4871

New Contributors

• @​johnelliott made their first contribution in trufflesecurity/trufflehog#4858
• @​dipto-truffle made their first contribution in trufflesecurity/trufflehog#4845
• @​alafiand made their first contribution in trufflesecurity/trufflehog#4840

Full Changelog: trufflesecurity/trufflehog@v3.94.2...v3.94.3

... (truncated)

Commits

• 17456f8 Revert "[INS-397] Fix git version parser panic on non-numeric patch versions ...
• 2b80819 [INS-444] Fix verification logic in Mesibo detector (#4884)
• 6572584 Add Confluence Data Center PAT detector (#4886)
• 4d2a8ef Add man page generation for trufflehog (#4894)
• 0d5afce [INS-402] Add Jira Data Center PAT Detector (#4872)
• 0112444 [INS-399] Added Bitbucket data center(on prem) PAT detector (#4883)
• 371e227 Fix nil pointer panics in GitHub analyzer gist/repo binding functions (#4864)
• 794a6e5 dep-updates: Go 1.25, refresh modules, add dependency workflow skill (#4888)
• 761be88 Add AnalysisError type and wrap all analyzer error paths (#4779)
• 3a11c83 Host ldap-verify library in trufflesecurity (#4859)
• Additional commits viewable in compare view

Updates dependabot/fetch-metadata from 2 to 3

Release notes

Sourced from dependabot/fetch-metadata's releases.

v3.0.0

The breaking change is requiring Node.js version v24 as the Actions runtime.

What's Changed

• feat: Parse versions from metadata links by @​ppkarwasz in dependabot/fetch-metadata#632
• Upgrade actions core and actions github packages by @​truggeri in dependabot/fetch-metadata#649
• docs: Add notes for using alert-lookup with App Token by @​sue445 in dependabot/fetch-metadata#656
• feat!: update Node.js version to v24 by @​sturman in dependabot/fetch-metadata#671
• Switch build tooling from ncc to esbuild by @​truggeri in dependabot/fetch-metadata#676
• Add --legal-comments=none to esbuild build commands by @​jeffwidman in dependabot/fetch-metadata#679
• Bump tsconfig target from es2022 to es2024 by @​jeffwidman in dependabot/fetch-metadata#680
• Remove vestigial outDir from tsconfig.json by @​jeffwidman in dependabot/fetch-metadata#681
• Switch tsconfig module resolution to bundler by @​jeffwidman in dependabot/fetch-metadata#682
• Remove skipLibCheck from tsconfig.json by @​jeffwidman in dependabot/fetch-metadata#683
• Add typecheck step to CI by @​jeffwidman in dependabot/fetch-metadata#685
• Enable noImplicitAny in tsconfig.json by @​jeffwidman in dependabot/fetch-metadata#684
• Upgrade @​actions/core to ^3.0.0 by @​truggeri in dependabot/fetch-metadata#677
• Upgrade @​actions/github to ^9.0.0 and @​octokit/request-error to ^7.1.0 by @​truggeri in dependabot/fetch-metadata#678
• Bump qs from 6.14.0 to 6.14.1 by @​dependabot[bot] in dependabot/fetch-metadata#651
• Bump hono from 4.11.1 to 4.11.4 by @​dependabot[bot] in dependabot/fetch-metadata#652
• Bump hono from 4.11.4 to 4.11.7 by @​dependabot[bot] in dependabot/fetch-metadata#653
• Bump hono from 4.11.7 to 4.12.0 by @​dependabot[bot] in dependabot/fetch-metadata#657
• Bump qs from 6.14.1 to 6.14.2 by @​dependabot[bot] in dependabot/fetch-metadata#655
• Bump @​modelcontextprotocol/sdk from 1.25.1 to 1.26.0 by @​dependabot[bot] in dependabot/fetch-metadata#654
• Bump @​hono/node-server from 1.19.9 to 1.19.10 by @​dependabot[bot] in dependabot/fetch-metadata#665
• Bump hono from 4.12.2 to 4.12.5 by @​dependabot[bot] in dependabot/fetch-metadata#664
• Bump minimatch from 3.1.2 to 3.1.5 by @​dependabot[bot] in dependabot/fetch-metadata#667
• Bump hono from 4.12.5 to 4.12.7 by @​dependabot[bot] in dependabot/fetch-metadata#668
• Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by @​dependabot[bot] in dependabot/fetch-metadata#669
• Bump flatted from 3.3.3 to 3.4.2 by @​dependabot[bot] in dependabot/fetch-metadata#670
• build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @​dependabot[bot] in dependabot/fetch-metadata#674

New Contributors

• @​ppkarwasz made their first contribution in dependabot/fetch-metadata#632
• @​truggeri made their first contribution in dependabot/fetch-metadata#649
• @​sue445 made their first contribution in dependabot/fetch-metadata#656
• @​sturman made their first contribution in dependabot/fetch-metadata#671

Full Changelog: dependabot/fetch-metadata@v2...v3.0.0

v2.5.0

What's Changed

• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot[bot] in dependabot/fetch-metadata#628
• Bump the dev-dependencies group with 11 updates by @​dependabot[bot] in dependabot/fetch-metadata#629
• Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by @​dependabot[bot] in dependabot/fetch-metadata#635
• Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @​dependabot[bot] in dependabot/fetch-metadata#638
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in dependabot/fetch-metadata#636
• Bump actions/setup-node from 4 to 5 by @​dependabot[bot] in dependabot/fetch-metadata#637
• Bump actions/setup-node from 5 to 6 by @​dependabot[bot] in dependabot/fetch-metadata#639
• Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @​dependabot[bot] in dependabot/fetch-metadata#643

... (truncated)

Commits

• 25dd0e3 v3.1.0 (#692)
• e073f50 Merge pull request #705 from dependabot/dependabot/npm_and_yarn/hono-4.12.14
• 0670e16 build(deps-dev): bump hono from 4.12.12 to 4.12.14
• 7a7fe10 Merge pull request #702 from dependabot/dependabot/npm_and_yarn/dependencies-...
• 5168191 Updating dist build
• 23882e1 build(deps): bump @​actions/github in the dependencies group
• 1072469 Merge pull request #701 from dependabot/dependabot/github_actions/actions/cre...
• 43f8a00 build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1
• b4d904a Merge pull request #703 from dependabot/dependabot/npm_and_yarn/globals-17.5.0
• c8046bb build(deps-dev): bump globals from 17.4.0 to 17.5.0
• Additional commits viewable in compare view

Updates DavidAnson/markdownlint-cli2-action from 22 to 23

Release notes

Sourced from DavidAnson/markdownlint-cli2-action's releases.

Update markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).

No release notes provided.

Update markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).

Update markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated "command" input.

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add "config" and "fix" inputs, deprecate "command" input.

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).

No release notes provided.

Update markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).

No release notes provided.

... (truncated)

Commits

• 6b51ade Update to version 23.1.0.
• ea6e0da Freshen generated index.js file.
• 3c4c2c8 Bump markdownlint-cli2 from 0.22.0 to 0.22.1
• 3a933d4 Bump @​actions/core from 3.0.0 to 3.0.1
• 648042e Freshen generated index.js file.
• d1cf982 Bump eslint from 10.2.0 to 10.2.1
• 4db3dfc Bump eslint from 10.1.0 to 10.2.0
• 70dbff9 Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0
• ce4853d Update to version 23.0.0.
• 63a898c Improve type fidelity.
• Additional commits viewable in compare view