build(deps): bump trufflesecurity/trufflehog from 3.82.2 to 3.88.0 (#128

) * build(deps): bump trufflesecurity/trufflehog from 3.82.2 to 3.88.0 Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.82.2 to 3.88.0. - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml) - [Commits](trufflesecurity/trufflehog@7e78ca3...ddc015e) --- updated-dependencies: - dependency-name: trufflesecurity/trufflehog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Add already closed dependabot issues * org.postgresql:postgresql from 42.7.3 to 42.7.4 * aquasecurity/trivy-action from 0.24.0 to 0.29.0 * jupiter from 5.10.3 to 5.11.4 Signed-off-by: Lars Geyer-Blaumeiser <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Lars Geyer-Blaumeiser <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Geyer-Blaumeiser <[email protected]>
eclipse-tractusx · Jan 14, 2025 · 864efb5 · 864efb5
1 parent 1731e52
commit 864efb5
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml
@@ -46,7 +46,7 @@ jobs:
 
       - name: TruffleHog OSS
         id: trufflehog
-        uses: trufflesecurity/trufflehog@7e78ca385fb82c19568c7a4b341c97d57d9aa5e1
+        uses: trufflesecurity/trufflehog@ddc015e5ed99942b2253d8ea16a0586a01ef2ab1
         continue-on-error: true
         with:
           path: ./  # Scan the entire repository

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -58,7 +58,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           scan-type: "config"
           # ignore-unfixed: true
@@ -98,7 +98,7 @@ jobs:
         ## the next two steps will only execute if the image exists check was successful
       - name: Run Trivy vulnerability scanner
         if: success() && steps.imageCheck.outcome != 'failure'
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: "tractusx/${{ matrix.image }}:sha-${{ needs.git-sha7.outputs.value }}"
           format: "sarif"

diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -6,8 +6,8 @@ assertj = "3.26.3"
 edc = "0.7.1"
 nimbus = "9.40"
 restAssured = "5.5.0"
-jupiter = "5.10.3"
-postgres = "42.7.3"
+jupiter = "5.11.4"
+postgres = "42.7.4"
 flyway = "10.15.2"