From 88496a426a3c159162ec196e04ed2dc7989e3a72 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Mar 2026 10:01:08 +0000
Subject: [PATCH] ci(github-actions): bump the github-actions group across 1
 directory with 2 updates

Bumps the github-actions group with 2 updates in the / directory: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).


Updates `aquasecurity/trivy-action` from 0.34.2 to 0.35.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/97e0b3872f55f89b95b2f65b3dbab56962816478...57a97c7e7821a5776cebc9bb87c984fa69cba8f1)

Updates `trufflesecurity/trufflehog` from 3.93.6 to 3.93.7
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Commits](https://github.com/trufflesecurity/trufflehog/compare/041f07e9df901a1038a528e5525b0226d04dd5ea...c3e599b7163e8198a55467f3133db0e7b2a492cb)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.93.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/scans.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 794d6677..910198c4 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -319,14 +319,14 @@ jobs:
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.30
+      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
         with:
           scan-type: fs
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.30
+      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
         with:
           scan-type: fs
           format: sarif
@@ -359,14 +359,14 @@ jobs:
           cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
           load: true
 
-      - uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.30
+      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.30
+      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: sarif
@@ -390,7 +390,7 @@ jobs:
         with:
           fetch-depth: (${{ github.event.pull_request.commits || 2 }} + 1)
 
-      - uses: trufflesecurity/trufflehog@041f07e9df901a1038a528e5525b0226d04dd5ea # v3
+      - uses: trufflesecurity/trufflehog@c3e599b7163e8198a55467f3133db0e7b2a492cb # v3
         with:
           extra_args: --results=verified,unknown