Update all dependencies

This MR contains the following updates:

Package	Type	Update	Change
sigstore/cosign	ironbank-github	minor	v2.1.1 -> v2.2.0
trufflesecurity/trufflehog	ironbank-github	patch	v3.54.1 -> v3.54.3

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs for more information.

---

Release Notes

sigstore/cosign

v2.2.0

Compare Source

Enhancements

• switch to uploading DSSE types to rekor instead of intoto (#​3113)
• add 'cosign sign' command-line parameters for mTLS (#​3052)
• improve error messages around bundle != payload hash (#​3146)
• make VerifyImageAttestation function public (#​3156)
• Switch to cryptoutils function for SANS (#​3185)
• Handle HTTP_1_1_REQUIRED errors in github provider (#​3172)

Bug Fixes

• Fix nondeterminsitic timestamps (#​3121)

Documentation

• doc: Add example of sign-blob with key in env var (#​3152)
• add deprecation notice for cosign-releases GCS bucket (#​3148)
• update doc links (#​3186)

Others

• Upgrade to go1.21 (#​3188)
• Updates ci tests (#​3142)
• test using latest release of scaffolding (#​3187)
• ci: free up disk space for the gh runner (#​3169)
• update go-github to v53 (#​3116)
• call e2e test for cosign attach (#​3112)
• bump build cross to use go1.20.6 and cosign image to 2.1.1 (#​3108)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Dmitry Savintsev
• Hayden B
• Hector Fernandez
• Jason Hall
• Jon Johnson
• Jubril Oyetunji
• Paulo Gomes
• Priya Wadhwa
• 张志强

trufflesecurity/trufflehog

v3.54.3

Compare Source

What's Changed

• Sourcegraph Detectors Iterations by @​shivasurya in https://github.com/trufflesecurity/trufflehog/pull/1742
• [chore] - fix sentry detector by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1738
• [bug] - Correctly create azure git links by @​ahrav in https://github.com/trufflesecurity/trufflehog/pull/1743

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.54.2...v3.54.3

v3.54.2

Compare Source

What's Changed

• Add the 'Cause' family of functions to the context wrapper library by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1725
• Add a cancel cause to job cancellation by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1728
• Unify S3 client creation logic by @​rosecodym in https://github.com/trufflesecurity/trufflehog/pull/1657
• update slack webhook with tri-state verification by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1724
• Update to Go 1.21 by @​mcastorina in https://github.com/trufflesecurity/trufflehog/pull/1733
• Add Sourcegraph Token Detection by @​shivasurya in https://github.com/trufflesecurity/trufflehog/pull/1730
• add tri-state verification for twilio detector by @​zubairk14 in https://github.com/trufflesecurity/trufflehog/pull/1729
• update jira detector to match new variable tokens by @​codevbus in https://github.com/trufflesecurity/trufflehog/pull/1720

New Contributors

• @​shivasurya made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1730

Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.54.1...v3.54.2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.