Skip to content

chore(ci): bump gitleaks/gitleaks-action from 2 to 3#9

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/gitleaks/gitleaks-action-3
Open

chore(ci): bump gitleaks/gitleaks-action from 2 to 3#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/gitleaks/gitleaks-action-3

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026
edited
Loading

Bumps gitleaks/gitleaks-action from 2 to 3.

Release notes

Sourced from gitleaks/gitleaks-action's releases.

v3.0.0

What's changed

gitleaks-action v3 migrates the runtime from Node 20 to Node 24. No changes to inputs, outputs, or behavior. Update your workflow from gitleaks/gitleaks-action@v2 to gitleaks/gitleaks-action@v3.

Migration

# Before
- uses: gitleaks/gitleaks-action@v2
After

uses: gitleaks/gitleaks-action@v3

Why

GitHub is deprecating the Node 20 runtime for Actions:

  • June 2, 2026: GitHub flips the runner default to Node 24. Workflows using gitleaks-action@v2 (Node 20) will still run, but only if ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true is set as an environment variable.
  • September 16, 2026: Node 20 is removed from GitHub-hosted runners entirely. gitleaks-action@v2 stops working regardless of any opt-out flag.

Changes

  • action.yml: runtime node20node24
  • @actions/core: 1.10.0 → 1.11.1
  • dist/ rebuilt
  • Example workflows updated to actions/checkout@v6 and gitleaks-action@v3
  • README updated with v3 migration guide

Self-hosted runners

If you use self-hosted runners, ensure your runner version is >= v2.327.1 (required for Node 24 support).

v2.3.9

What's Changed

Full Changelog: gitleaks/gitleaks-action@v2.3.8...v2.3.9

v2.3.8

What's Changed

New Contributors

Full Changelog: gitleaks/gitleaks-action@v2.3.7...v2.3.8

... (truncated)

Commits

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Jun 1, 2026

Labels

The following labels could not be found: ci, dependabot. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from SchoenTom as a code owner June 1, 2026 23:51
@dependabot
chore(ci): bump gitleaks/gitleaks-action from 2 to 3
f4275b7 
Bumps [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) from 2 to 3.
- [Release notes](https://github.com/gitleaks/gitleaks-action/releases)
- [Commits](gitleaks/gitleaks-action@v2...v3)

---
updated-dependencies:
- dependency-name: gitleaks/gitleaks-action
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/gitleaks/gitleaks-action-3 branch from 16503db to f4275b7 Compare June 6, 2026 01:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SchoenTom SchoenTom Awaiting requested review from SchoenTom SchoenTom is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants