chore(deps): update gitleaks/gitleaks-action action to v3 by Renovate-Bot-PedroPombeiro · Pull Request #192 · pedropombeiro/dotfiles

Renovate-Bot-PedroPombeiro · 2026-05-30T22:26:41Z

This PR contains the following updates:

Package	Type	Update	Change
gitleaks/gitleaks-action	action	major	`v2` → `v3`

Release Notes

gitleaks/gitleaks-action (gitleaks/gitleaks-action)

`v3.0.0`

Compare Source

What's changed

gitleaks-action v3 migrates the runtime from Node 20 to Node 24. No changes to inputs, outputs, or behavior. Update your workflow from gitleaks/gitleaks-action@v2 to gitleaks/gitleaks-action@v3.

Migration

# Before
- uses: gitleaks/gitleaks-action@v2

# After
- uses: gitleaks/gitleaks-action@v3

Why

GitHub is deprecating the Node 20 runtime for Actions:

June 2, 2026: GitHub flips the runner default to Node 24. Workflows using gitleaks-action@v2 (Node 20) will still run, but only if ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true is set as an environment variable.
September 16, 2026: Node 20 is removed from GitHub-hosted runners entirely. gitleaks-action@v2 stops working regardless of any opt-out flag.

Changes

action.yml: runtime node20 → node24
@actions/core: 1.10.0 → 1.11.1
dist/ rebuilt
Example workflows updated to actions/checkout@v6 and gitleaks-action@v3
README updated with v3 migration guide

Self-hosted runners

If you use self-hosted runners, ensure your runner version is >= v2.327.1 (required for Node 24 support).

`v3`

Compare Source

`v2.3.9`

Compare Source

What's Changed

bump cache by @zricethezav in #181

Full Changelog: gitleaks/gitleaks-action@v2.3.8...v2.3.9

`v2.3.8`

Compare Source

What's Changed

Add environment variable to override gitleaks baseRef by @paulschuberth in #113
bump default gitleaks version, update license filename, fix vulns by @zricethezav in #178

New Contributors

@paulschuberth made their first contribution in #113

Full Changelog: gitleaks/gitleaks-action@v2.3.7...v2.3.8

`v2.3.7`

Compare Source

What's Changed

Update README.md by @HannesOberreiter in #165

New Contributors

@HannesOberreiter made their first contribution in #165

Full Changelog: gitleaks/gitleaks-action@v2.3.6...v2.3.7

`v2.3.6`

Compare Source

What's Changed

Using DefaultArtifactClient from @actions/artifact package by @codykhon in #157

New Contributors

@codykhon made their first contribution in #157

Full Changelog: gitleaks/gitleaks-action@v2...v2.3.6

`v2.3.5`

Compare Source

What's Changed

bumping artifact dep by @zricethezav in #153

Full Changelog: gitleaks/gitleaks-action@v2...v2.3.5

`v2.3.4`

Compare Source

Full Changelog: gitleaks/gitleaks-action@v2.3.3...v2.3.4

`v2.3.3`

Compare Source

What's Changed

bump gitleaks version by @zricethezav in #111
Document GITLEAKS_VERSION env var by @spaze in #123
Upgrade from 'node16' to 'node20' by @ericcornelissen in #134

New Contributors

@spaze made their first contribution in #123

Full Changelog: gitleaks/gitleaks-action@v2.3.2...v2.3.3

`v2.3.2`

Compare Source

What's Changed

Update build instructions by @ericcornelissen in #104
Update build instructions by @weineran in #105
Upload report artifact even if there are no leaks detected by @weineran in #106
Fix undefined repo by @weineran in #108

Full Changelog: gitleaks/gitleaks-action@v2.3.1...v2.3.2

`v2.3.1`

Compare Source

What's Changed

Upgraded @actions/core dependency in order to resolve the warning that says "The set-output command is deprecated...". More info: #100

Full Changelog: gitleaks/gitleaks-action@v2.3.0...v2.3.1

`v2.3.0`

Compare Source

What's Changed

Add logo use to EULA by @zricethezav in #97
Switch to plaintext fingerprint by @weineran in #98

Full Changelog: gitleaks/gitleaks-action@v2...v2.3.0

`v2.2.1`

Compare Source

What's Changed

Log error when comment fails by @weineran in #91

Full Changelog: gitleaks/gitleaks-action@v2...v2.2.1

`v2.2.0`

Compare Source

What's Changed

Feature/scheduled runs by @zricethezav in #89
populate html_url on scheduled runs by @zricethezav in #90

You can now run scheduled runs with gitleaks-action. A scheduled gitleaks-action will scan the entire history of a repo. You can set up a scheduled run by adding schedule to the on entry:

on:
  pull_request:
  push:
  workflow_dispatch:
  schedule:
    - cron: "0 4 * * *" # run once a day at 4 AM

Full Changelog: gitleaks/gitleaks-action@v2...v2.2.0

`v2.1.4`

Compare Source

What's Changed

bumping gitleaks by @zricethezav in #86

`v2.1.3`

Compare Source

What's New

Updates actions/core and gitleaks dependencies #85

`v2.1.2`

Compare Source

Bumps gitleaks dependency to latest version (v8.11.1) #84

`v2.1.1`

Compare Source

What's New

Fixes 0 commit scans on initial PR commit #82

`v2.1.0`

Compare Source

What's new

Bumped Gitleaks version #80
Introduced .gitleaksignore comments on PRs #80

`v2.0.8`

Compare Source

What's New

Fixed scanning merge-commits in PRs #79

`v2.0.7`

Compare Source

What's Changed:

Hardcoding gitleaks version by default instead of using latest #78

`v2.0.6`

Compare Source

What's New:

More thorough handling of different exit codes for job Summary #75
Changed the comment on PR message #74

`v2.0.5`

Compare Source

What's New

Fix edge case on initial commit to repo when base and head refs are the same.

`v2.0.4`

Compare Source

What's New

Ensure there are commits available to scan on push events #67

`v2.0.3`

Compare Source

What's New

Use eventJson.commits for commit range rather than eventJson.before and eventJson.after. This fixes invalid revision range on push event errors.

`v2.0.2`

Compare Source

What's New

Fixed action.yml name so this action can be published on the marketplace

`v2.0.1`

Compare Source

What's New

Individual user accounts do not need to obtain a license key. 🎉
Added GITLEAKS_ENABLE_SUMMARY env var option to enable or disable Gitleaks-action job summaries (defaults to true)
Added GITLEAKS_ENABLE_UPLOAD_ARTIFACT env var option to enable or disable Gitleaks-action job artifact uploads (defaults to true)

Configuration

📅 Schedule: (UTC)

Branch creation
- "before 9am on sunday"
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

chore(deps): update gitleaks/gitleaks-action action to v3

d3e1f08

Renovate-Bot-PedroPombeiro requested a review from pedropombeiro May 30, 2026 22:26

pedropombeiro merged commit febbc4c into master May 31, 2026
5 checks passed

Renovate-Bot-PedroPombeiro deleted the renovate/major-3-github-actions branch May 31, 2026 06:26

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update gitleaks/gitleaks-action action to v3#192

chore(deps): update gitleaks/gitleaks-action action to v3#192
pedropombeiro merged 1 commit into
masterfrom
renovate/major-3-github-actions

Renovate-Bot-PedroPombeiro commented May 30, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

Renovate-Bot-PedroPombeiro commented May 30, 2026

Release Notes

What's changed

Migration

Why

Changes

Self-hosted runners

What's Changed

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's New

What's New

What's new

What's New

What's Changed:

What's New:

What's New

What's New

What's New

What's New

What's New

Configuration

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants