Skip to content

chore(deps-dev): bump secretlint from 10.2.2 to 13.0.2#61

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/secretlint-13.0.2
Open

chore(deps-dev): bump secretlint from 10.2.2 to 13.0.2#61
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/secretlint-13.0.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps secretlint from 10.2.2 to 13.0.2.

Release notes

Sourced from secretlint's releases.

v13.0.2

What's Changed

📝 v13.0.1 published as v13.0.2

Bug Fixes

CI

Dependency Updates

Other Changes

Full Changelog: secretlint/secretlint@v13.0.0...v13.0.2

v13.0.0

Highlights

v13 changes how files are discovered on disk and adds three credential detection rules.

.gitignore is respected by default

Nested .gitignore files now apply to file discovery with ripgrep semantics: rules from each directory cascade into its subtree, and a negation rule in a deeper file can flip an earlier verdict.

Files excluded by any .gitignore on the path are no longer scanned. Repositories that previously relied on Secretlint scanning ignored files (such as dist/ or generated artefacts) will see fewer files in the output. .secretlintignore is unchanged and continues to apply alongside .gitignore.

To restore the v12 behaviour:

secretlint --no-gitignore "**/*"

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for secretlint since your current version.


@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: security. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/secretlint-13.0.2 branch 5 times, most recently from 381c2b4 to 81793da Compare July 1, 2026 13:18
Bumps [secretlint](https://github.com/secretlint/secretlint) from 10.2.2 to 13.0.2.
- [Release notes](https://github.com/secretlint/secretlint/releases)
- [Commits](secretlint/secretlint@v10.2.2...v13.0.2)

---
updated-dependencies:
- dependency-name: secretlint
  dependency-version: 13.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/secretlint-13.0.2 branch from 81793da to b9edcdb Compare July 1, 2026 13:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant