From 6c9030e814f7665d8d27cba2d2c64a7dfb8cd069 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 9 Apr 2026 13:39:35 +0000
Subject: [PATCH] chore(deps): bump the actions group across 1 directory with 2
 updates

Bumps the actions group with 2 updates in the / directory: [haskell-actions/setup](https://github.com/haskell-actions/setup) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).


Updates `haskell-actions/setup` from 2.10.3 to 2.10.4
- [Release notes](https://github.com/haskell-actions/setup/releases)
- [Commits](https://github.com/haskell-actions/setup/compare/f9150cb1d140e9a9271700670baa38991e6fa25c...de26526e12bc780fb9d384c1fb61c0bf02e3a40d)

Updates `trufflesecurity/trufflehog` from 3.94.2 to 3.94.3
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Commits](https://github.com/trufflesecurity/trufflehog/compare/6bd2d14f7a4bc1e569fa3550efa7ec632a4fa67b...47e7b7cd74f578e1e3145d48f669f22fd1330ca6)

---
updated-dependencies:
- dependency-name: haskell-actions/setup
  dependency-version: 2.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: trufflesecurity/trufflehog
  dependency-version: 3.94.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/casket-pages.yml   | 2 +-
 .github/workflows/quality.yml        | 2 +-
 .github/workflows/secret-scanner.yml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/casket-pages.yml b/.github/workflows/casket-pages.yml
index 7069e5b..005120c 100644
--- a/.github/workflows/casket-pages.yml
+++ b/.github/workflows/casket-pages.yml
@@ -29,7 +29,7 @@ jobs:
           path: .casket-ssg
 
       - name: Setup GHCup
-        uses: haskell-actions/setup@f9150cb1d140e9a9271700670baa38991e6fa25c # v2
+        uses: haskell-actions/setup@de26526e12bc780fb9d384c1fb61c0bf02e3a40d # v2
         with:
           ghc-version: '9.8.2'
           cabal-version: '3.10'
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
index 70d6645..2a9a103 100644
--- a/.github/workflows/quality.yml
+++ b/.github/workflows/quality.yml
@@ -14,7 +14,7 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Check for secrets
-        uses: trufflesecurity/trufflehog@6bd2d14f7a4bc1e569fa3550efa7ec632a4fa67b # v3.93.3
+        uses: trufflesecurity/trufflehog@47e7b7cd74f578e1e3145d48f669f22fd1330ca6 # v3.93.3
         with:
           path: ./
           base: ${{ github.event.pull_request.base.sha || github.event.before }}
diff --git a/.github/workflows/secret-scanner.yml b/.github/workflows/secret-scanner.yml
index 5686a88..334a9fd 100644
--- a/.github/workflows/secret-scanner.yml
+++ b/.github/workflows/secret-scanner.yml
@@ -18,7 +18,7 @@ jobs:
           fetch-depth: 0
 
       - name: TruffleHog Secret Scan
-        uses: trufflesecurity/trufflehog@6bd2d14f7a4bc1e569fa3550efa7ec632a4fa67b # v3
+        uses: trufflesecurity/trufflehog@47e7b7cd74f578e1e3145d48f669f22fd1330ca6 # v3
         with:
           extra_args: --only-verified --fail